CloudSEK has posted a pair of research reports that are highly relevant to the cyber dimension of the Iran-US conflict, especially in light of developments since the February 28 strikes.
Following the February 28 US-Israel strikes on Iran, CloudSEK has documented an immediate and significant surge in Iranian-aligned cyber activity targeting US critical infrastructure, with AI now acting as a direct force multiplier for threat actors.
The key findings:
- Over 60 Iranian-aligned hacktivist groups activated on Telegram within hours of the February 28 strikes, the largest single-event mobilization of this ecosystem ever recorded.
- An Electronic Operations Room was formed on Telegram to coordinate attacks, operating on ideological initiative rather than central state direction, which makes activity harder to predict and constrain.
- More than 40,000 US industrial control systems are currently reachable on the public internet, many with default or no credentials, representing an immediately exploitable attack surface.
- CloudSEK researchers demonstrated that an actor with no prior ICS knowledge can move from intent to a working list of accessible US industrial targets in under five minutes using AI tools and passive reconnaissance. No scanning, no exploitation, no specialist knowledge required.
- The same AI platforms now embedded in US defense operations are accessible to threat actors for offensive reconnaissance, creating a dual-use dynamic that significantly widens the threat.
Both reports are primary-sourced, technically detailed, and directly tied to the current conflict escalation. The full write-ups are here:
Report 1: AI, the Iran-US Conflict, and the Threat to US Critical Infrastructure
https://www.cloudsek.com/blog/ai-the-iran-us-conflict-and-the-threat-to-us-critical-infrastructure
Report 2: Threat Actor Landscape Assessment of ICS/OT Targeting in the 2026 Iran-US Conflict
https://www.cloudsek.com/blog/a-threat-actor-landscape-assessment-of-ics-ot-targeting-in-the-2026-iran-us-conflict-and-the-scale-of-the-risk
Like this:
Like Loading...
Related
This entry was posted on March 9, 2026 at 8:36 am and is filed under Commentary with tags CloudSEK. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
How the February 28 Strikes Triggered a New Wave of AI-Assisted Attacks on US Critical Infrastructure
CloudSEK has posted a pair of research reports that are highly relevant to the cyber dimension of the Iran-US conflict, especially in light of developments since the February 28 strikes.
Following the February 28 US-Israel strikes on Iran, CloudSEK has documented an immediate and significant surge in Iranian-aligned cyber activity targeting US critical infrastructure, with AI now acting as a direct force multiplier for threat actors.
The key findings:
Both reports are primary-sourced, technically detailed, and directly tied to the current conflict escalation. The full write-ups are here:
Report 1: AI, the Iran-US Conflict, and the Threat to US Critical Infrastructure
https://www.cloudsek.com/blog/ai-the-iran-us-conflict-and-the-threat-to-us-critical-infrastructure
Report 2: Threat Actor Landscape Assessment of ICS/OT Targeting in the 2026 Iran-US Conflict
https://www.cloudsek.com/blog/a-threat-actor-landscape-assessment-of-ics-ot-targeting-in-the-2026-iran-us-conflict-and-the-scale-of-the-risk
Share this:
Like this:
Related
This entry was posted on March 9, 2026 at 8:36 am and is filed under Commentary with tags CloudSEK. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.