The ISA and the National Cyber Directorate announced on Wednesday that they thwarted hundreds of cyberattack attempts over the past year carried out by Iranian intelligence operatives.
According to the agencies, the attacks targeted senior government and defense officials, academics, journalists, and employees in the defense industry. A joint statement said a marked escalation in hostile cyber activity was identified beginning with Operation Rising Lion.
The purpose of the attacks was to gather personal and professional information to support terrorism, espionage, and influence operations. Investigators said the attackers primarily used “targeted phishing" techniques, crafting personalized messages while impersonating trusted or familiar figures.
Victims were encouraged to click on links or download files, enabling the attackers to steal login credentials and authentication codes for platforms such as Google, Telegram, and WhatsApp. This would allow full access to private communications and stored data.
In recent months, the ISA and the National Cyber Directorate acted to disrupt the attempts by issuing targeted warnings, blocking malicious activity, and briefing those at risk on how to strengthen account security. Public awareness campaigns were also conducted among relevant populations.
The agencies urged the public, particularly individuals with access to sensitive information, to enable two-factor authentication, remain cautious of unsolicited contacts, and avoid sharing personal details or clicking on suspicious links. They also recommended using the advanced protection programs recently introduced by Google and WhatsApp.