Iran-linked cyber attacks targeting hospitals and payment networks
Cyber attacks linked to geopolitical conflict are increasingly affecting the companies and systems that ordinary people rely on every day, according to cybersecurity researchers and analysts.
A new commentary from cybersecurity publication Cybernews warns that cyberwar is no longer limited to governments, military systems, or intelligence agencies. Instead, attacks are increasingly targeting healthcare systems, payment infrastructure, and critical services used by the public and private sector.
Cyber attacks moving beyond government targets
Recent incidents involving major companies highlight how geopolitical cyber retaliation can now have real-world consequences for businesses and public services.
According to reporting referenced in the commentary, Iran-linked hacktivist group Handala claimed attacks on payment provider Verifone and medical technology company Stryker. The alleged attack on Stryker reportedly disrupted operations and affected healthcare providers attempting to order surgical supplies, demonstrating how cyber incidents can ripple into healthcare systems and supply chains.
These types of attacks show that modern cyberwarfare is increasingly focused on economic and infrastructure targets rather than purely government systems.
Threat activity already increasing online
Security researchers say the threat landscape is already expanding as geopolitical tensions rise.
Researchers have identified thousands of newly registered domains related to Middle East conflict themes, which may later be used in phishing campaigns, malware distribution, or disinformation campaigns. Attack methods expected to increase include:
- Phishing campaigns
- Distributed denial of service (DDoS) attacks
- Ransomware
- Data leaks and hack-and-leak operations
- Destructive malware attacks
- Credential harvesting and password spraying
These tactics are commonly used by both state-backed groups and affiliated hacktivist organizations.
Human error remains the biggest vulnerability
Despite increasingly sophisticated cyber attacks, experts say the most common entry point remains human error and basic security weaknesses.
Common vulnerabilities include:
- Unpatched software
- Weak or reused passwords
- Default credentials on internet-connected devices
- Lack of multi-factor authentication
- Employees falling for phishing emails
Researchers also warn that artificial intelligence is making cyber attacks easier to scale, allowing attackers to generate convincing phishing messages and automate parts of the attack process.
This combination of geopolitical conflict, automation, and existing security weaknesses means organizations must improve basic cybersecurity practices to reduce risk.
Cyberwar now affects everyday services
The key takeaway from recent incidents is that cyberwar is no longer a distant or abstract threat. Instead, it is increasingly affecting companies that provide essential services such as healthcare, payments, logistics, and infrastructure.
For businesses, this means improving patching, authentication, and employee cybersecurity training. For individuals, it highlights the importance of strong passwords, multi-factor authentication, and caution when opening emails or clicking links.
As geopolitical tensions continue to influence cyber activity, experts warn that disruptions may increasingly affect everyday services rather than traditional government targets.
