Cyberattacks Spike 245% in the Two Weeks After the Start of War with Iran

Akamai researchers recorded a 245% spike in cyberattacks during the first two weeks of the U.S.-Israeli military campaign against Iran, with hacktivist groups using Russian and Chinese proxy services to target banking, financial services, and ecommerce organizations. Groups like Handala and Fatimion Cyber Team are increasingly attacking private-sector organizations using destructive wiper techniques and living-off-the-land (LotL) methods—notably abusing Microsoft Intune to wipe 80,000 devices without deploying malware. Unit 42 analysts note Iranian actors are shifting from custom malware to native administrative tool abuse for better evasion. Concerns are also raised about U.S. cyber readiness, citing a brief national cybersecurity strategy, vacant leadership posts, and budget cuts weakening the country's defensive posture.