Nation-states' growing use of hacktivist personas to obfuscate responsibility will increasingly enable governments to spread their preferred narratives and conduct attacks against targets they would normally be deterred from, especially as less-resourced states increasingly use this strategy. On Dec. 10, U.S. network security firm Claroty published a report indicating that Iran-affiliated hackers have been utilizing a new malware to compromise internet-of-things and supervisory control and data acquisition (SCADA)/operational technology devices used in U.S. and Israeli critical infrastructure. Specifically, Claroty blamed the group Cyber Av3ngers, which portrays itself as a hacktivist organization but is affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC) and in late 2023 hacked multiple U.S. and European water entities. Claroty's report was the latest in a long list of research accusing ostensibly independent hacktivist groups of being fronts for nation-state threat actors. Whereas traditional hacktivists historically have anti-establishment motives and advance various activist causes, there is increasing...
