Cybersecurity: No Ceasefire in Cyberwarfare | The Register
- While physical conflicts may pause, the cyber realm remains a constant battleground, according to Candan Bolukbas, CTO and founder of cyber-risk intelligence firm Black Kite.
- Bolukbas' firm shares threat intelligence with the NSA, among others.
- Bolukbas believes Iran is unlikely to launch refined attacks against top-tier organizations like the NSA or Pentagon without external backing from Russia or China, which he deems improbable.
Cyberwarfare knows no truce. Candan Bolukbas, a cyber-risk expert, confirms that a ceasefire is unlikely in the digital realm. This means constant vigilance is crucial for cybersecurity professionals worldwide. Iranian cyberattacks, particularly phishing campaigns, pose a significant threat. The US, with its “defend forward” strategy, is actively fighting back. Smart devices and IoT vulnerabilities are major attack vectors, frequently enough weaponized into botnets. Promptly patching systems is your best defense against these threats. News Directory 3 is closely following these developments. Stay informed on this ever-evolving landscape of digital threats and defenses, which is paramount in this high-stakes cyberwarfare.Discover whatS next for global cyber strategies.
Expert Warns of Potential Iran Cyberattacks, Highlights US Cyber command Defense
Updated June 28, 2025
While physical conflicts may pause, the cyber realm remains a constant battleground, according to Candan Bolukbas, CTO and founder of cyber-risk intelligence firm Black Kite. Bolukbas, formerly with NATO’s counter-cyberterrorism task force, emphasizes that a “ceasefire” is unlikely in cyberspace.
Bolukbas’ firm shares threat intelligence with the NSA, among others. He notes that smart TVs and other IoT devices can be compromised to create botnets for distributed denial of service attacks or to route traffic for cyberattacks against high-value targets.
Bolukbas believes Iran is unlikely to launch refined attacks against top-tier organizations like the NSA or Pentagon without external backing from Russia or China, which he deems improbable. He suggests these nations woudl prefer to reserve their stealthy access and cyber weapons for their own geopolitical and military objectives.
However, Bolukbas cautions that Iran can still target “low-hanging fruit.” He notes that while Iranian cyber campaigns, notably phishing attempts, continue, the US also engages in similar activities.
He cited Stuxnet, a joint American-Israeli malware operation against Iran’s nuclear centrifuges, as an example. “And that,of course,was during a ceasefire. We were not in a war with Iran,” Bolukbas saeid.
If we see something in cyberspace that can disrupt us, we’re going to attack it first, and we have that under US Cyber Command’s mission
Bolukbas highlighted the US’s proactive “defense forward” strategy, stating, “If we see something in cyberspace that can disrupt us, we’re going to attack it first, and we have that under US Cyber Command’s mission.” He suspects that cyber espionage, influence operations, and infrastructure probing are ongoing.
Bolukbas advises network defenders to be wary of phishing attacks, as Iran relies heavily on social attacks due to a limited supply of zero-day exploits. He also urges caution regarding fake news and social media posts generated by AI, a tactic increasingly used by Iran, Russia, and china to manipulate public opinion.
Bolukbas stresses the importance of promptly patching systems, including IoT devices, to mitigate the risk of exploitation by Iranian groups.
What’s next
Network defenders must remain vigilant against evolving cyber threats, particularly phishing and social engineering tactics, and prioritize patching systems to mitigate potential exploits.
