Global Companies Brace for Potential Cyberattacks as Iran War Escalates

Plus, Canada’s digital intelligence agency warns critical infrastructure operators to remain vigilant to threats posed by Iranian cyber actors.

SPONSORED BY

Good morning! Here’s what’s up.

People

Matt Gorham has joined Terakeet, an online reputation management partner for global brands. Gorham previously spent 25 years with the FBI, overseeing national cyber operations and critical incident response.

Clips ✂️

US banks on high alert for cyberattacks as Iran war escalates

The U.S. financial services industry is on heightened alert for potential cyberattacks amid the unfolding U.S. war in Iran, with firms stepping up monitoring for ‌threats that often rise during periods of geopolitical conflict, said executives and analysts.

The killing of Iranian Supreme Leader Ali Khamenei last weekend in an air strike has sparked a conflagration in the Middle East that has roiled markets globally and stoked concerns over the potential for Iran-linked cyberattacks on U.S. financial services operations.

"The industry remains vigilant and ready to respond to cyber threats at all times, and especially when global cybersecurity risks are heightened," said Todd Klessman, managing director for financial services cyber and technology at industry group SIFMA which runs an annual exercise to ensure financial firms can operate through significant cyber emergencies.

by Reuters

What US companies like Amazon and JPMorgan are telling their Middle East staff during the war in Iran

Global US companies with Middle East operations are advising their employees to work from home following a weekend of regional escalation, as US and Israeli military strikes on Iran triggered retaliatory attacks across several Gulf states.

This is what major US companies in the region are telling their employees during the Iran conflict.

Goldman Sachs

Goldman Sachs has implemented a number of measures to support the safety of its people and resilience of its business, a company spokesperson told Business Insider.

The US bank has told its employees across the region to work from home and to follow the advice of local officials, the spokesperson said.

Citigroup

Citigroup has told its employees to work from home until further notice, a Citi spokesperson told Business Insider.

JPMorgan

JPMorgan has also advised its employees in parts of the region to work from home, a person familiar with the matter told Business Insider. The US's largest bank has offices in Abu Dhabi and Dubai, and, across the wider region, in Beirut, Cairo, Doha, Manama, and Riyadh.

by Bloomberg News

👉In summary, go about your normal course of business, but work from home.

Expect Iran to Launch Cyber-Attacks Globally, Warns Google Head of Threat Intel

Iran will “absolutely” respond to the US and Israeli air strikes with cyber-attacks against a wide range of targets in the Middle East and beyond, Google’s chief of cyber threat intelligence has warned.

John Hultquist, chief analyst of Google Threat Intelligence Group (GTIG), made the comments at an event hosted by the Royal United Services Institute (RUSI) defense think tank in London.

Iran has long been classed as capable nation-state actor in cyberspace with a history of numerous cyber espionage and other malicious hacking campaigns against the West.

Hacktivist and Ransomware as a Front for Hostile State-Backed Cyber Action

Speaking to Infosecurity, Hultquist explained that there have long been blurred lines between the Iranian state and Iranian cybercriminal and hacktivist groups. “They’re really good at playing in this foggy space,” he said.

Hackers associated with the Iranian government have previously been accused of secretly working with ransomware groups to facilitate campaigns against organizations in the US.

by Infosecurity Magazine

Intelligence agency tells Canada to brace for cyberattacks

Canada’s digital intelligence agency is warning that Iranian reprisals will “very likely” include cyberattacks.

“Canadian critical infrastructure operators and other possible targeted entities should remain vigilant to threats posed by cyber actors aligned with Iranian interests,” a bulletin from the Canadian Centre for Cyber Security states.

“Pro-Iran hacktivists will likely view Canada as a target … due to Canada’s public support of the U.S./Israel military activity.”

The U.S. and Israel launched a joint campaign against Iran on Saturday. Iran has retaliated by barraging Israel and nearby U.S. allies with missiles and drones. While Canada might be out of range of Iranian munitions, it remains vulnerable to state-sponsored cyber threats.

‘Likely target opponents abroad’

According to the March 2 bulletin, Iranian retaliation against Canada could include cyberattacks on energy grids and government networks, as well as online harassment of military personnel, diaspora communities and political activists.

“Iranian state-sponsored cyber threat actors opportunistically target poorly secured critical infrastructure networks and internet-connected devices around the world, including those associated with the water and energy sectors,” the bulletin cautions.

by CTV News

Abbott Labs Finishes Off Suit Over Google, Meta Data Sharing

Abbott Laboratories Inc. defeated a proposed class action alleging it disclosed the protected health data of consumers to Meta Platforms Inc. and Google LLC in violation of state and federal privacy laws.

The plaintiffs failed to adequately allege the elements of their claims of negligence and violations of the Electronic Communications Privacy Act and the California Invasion of Privacy Act, Judge Manish S. Shah of the US District Court for the Northern District of Illinois said Monday.

Shah dismissed the case with prejudice.

by Bloomberg Law

AI and Deepfakes Supercharge Sophisticated Cyber-Attacks, Says Cloudflare

Easy access to large language models (LLMs) and other AI tools has significantly lowered the barrier to entry for cybercriminals to conduct effective cyber-attacks rapidly and at scale, a new threat intelligence report by Cloudflare has warned.

The 2026 Cloudflare Threat Report draws on research and analysis by the company’s Cloudforce One threat research team and details how AI has become a “force multiplier” for cybercriminals, lowering the effort required to carry out campaigns, while also making those campaigns more impactful.

“An actor who previously lacked the skills to craft a convincing phishing email or write custom malware can now leverage an LLM to generate them rapidly and at scale, significantly lowering the barrier to entry for highly effective operations,” said Cloudflare.

According to the report, LLMs and AI have been adopted by a wide range of threat actors, including state-sponsored hacking groups, financially motivated cybercriminal gangs and hacktivist collectives.

by Infosecurity Magazine

SPONSORED BY

Incident Response Forum D.C. 2026 is set for Wednesday, April 22, 2026 at the historic Mayflower Hotel in Washington, D.C.!

Incident Response Forum is the only conference of its kind, bringing together hundreds of cybersecurity and incident response attorneys, in-house counsel and compliance executives, and other top professionals in the field. Join us in person or tune in virtually to hear from nearly 50 luminaries in the incident response field—including senior officials from the DOJ and FBI, and lawyers and consultants from the best firms and in the world.

👉 UNTIL FRIDAY, MARCH 27: Please use the codes below to get a 25% early-bird discount (regular in-person registration fee is $1,500; regular virtual registration fee is $750). Please register here:

In-person attendance: UPDATE909DC25
Virtual attendance: UPDATE909V25

X