In response to this growing cyber threat landscape, Seqrite, the enterprise cybersecurity division of Quick Heal Technologies Limited, released a detailed advisory outlining the implications of the Iran-US-Israel cyber escalation. The company emphasized that the ripple effects of this digital warfare are no longer confined to the region but are actively endangering global enterprises, governments, and critical infrastructure.
Dubbed Operation Epic Fury and Roaring Lion, the strikes not only initiated missile and drone exchanges but also triggered a sophisticated cyber offensive. Within hours, Iran’s internet infrastructure dropped to just 1–4% capacity. However, despite this internal disruption, Iran’s cyber units continued operations seamlessly using pre-established backdoors, overseas systems, and advanced persistent threat (APT) groups.
Notably, threat actors such as Seedworm (also known as MuddyWater) had already infiltrated US and Israeli networks prior to the strikes. They deployed tools like Dindoor and Fakeset using stolen digital certificates to target banks, airports, and NGOs. Meanwhile, TA453/APT42 launched credential phishing campaigns targeting US think tanks, cleverly using OneDrive-based lures. Similarly, OilRig/APT34 executed ClickFix attacks by impersonating Iraqi government communications.
At the same time, other cyber groups intensified their activities. Marshtreader (Agrius) exploited vulnerabilities in surveillance systems to monitor real-time damage across Gulf nations. In one of the most disruptive incidents, Handala/Void Manticore managed to wipe over 200,000 devices at Stryker Corporation by abusing legitimate Microsoft Intune functionalities through a compromised global admin account. This attack not only disrupted operations but also impacted global manufacturing systems.
Furthermore, global threat actors joined the chaos. Chinese group Mustang Panda leveraged Iran-themed lures to distribute malware, while Dust Specter and TeamPCP conducted targeted and supply-chain attacks. Over 50 hacktivist groups also coordinated attacks via Telegram; however, most of these remained low-impact compared to state-sponsored operations.
According to Seqrite Labs, these developments align with earlier predictions in their India Cyber Threat Report 2026, which highlighted the rise of AI-driven cyber warfare. The report emphasized how adversaries now use AI for reconnaissance, deception, and persistence.
Moreover, Seqrite’s Cybersecurity Maturity Survey revealed that Indian organizations scored 6.3 out of 10, with notable gaps in incident response and data governance. Consequently, businesses with exposure to the Gulf region or cloud-dependent infrastructure face heightened risks. Additionally, compliance requirements under the Digital Personal Data Protection Act, 2023 have further increased accountability, mandating strict data protection measures and breach notifications.
To address these evolving threats, Seqrite offers a robust, DPDP-compliant security portfolio. Its solutions range from endpoint protection and data privacy tools to threat intelligence and ransomware recovery services, ensuring enterprises remain resilient against modern cyber warfare.
Recommended Cyber Technology News:
- Google GTIG Warns of Raccoon Social Engineering Attacks
- HackerOne Stops Bug Bounty Program Over AI Risks
- AWS Partners with Anthropic to Launch Advanced Cybersecurity AI
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
