Iranian-backed hackers will increasingly carry out ransomware and encryption-based cyberattacks targeting U.S. and Israeli organizations, even as nuclear negotiations continue. And if those talks break down, Iran will be incentivized to launch more disruptive attacks. An Iranian threat actor, dubbed DEV-0270, was behind a ransomware attack against U.S.-based Cox Media Group over the summer, The Record reported Dec. 29 without providing a source. Live streams from Cox’s television and radio stations went down on June 3, which the company confirmed in October was caused by a ransomware attack. Iran’s involvement in the Cox incident, however, had not been widely reported until now, and follows months of warnings from both Microsoft and the U.S. government that Iranian threat actors are increasingly using ransomware in their attacks. ...
