Iran threatened on Tuesday to strike facilities in the Middle East owned by US technology companies as part of the escalating war that began with US and Israeli strikes at the end of February.
In a statement shared to the country's Tasmin News Agency, Iran's Islamic Revolutionary Guards Corps (IRGC) said that as of Wednesday, it would consider more than a dozen tech companies as "legitimate targets," including Apple, Google, Intel and Tesla. The message advised employees to leave their workplaces and residents near those companies "in all countries" to leave the area within a kilometer.
On Wednesday, Amazon's cloud computing operations in Bahrain were damaged, according to a report by the Economic Times. Amazon AWS was the subject of a previous drone attack in March.
Representatives for companies on the list, including Apple, Google, IBM, Palantir, Boeing, Intel and Tesla, didn't immediately respond to requests for comment. Microsoft responded to a request and said the company doesn't have anything to share about the threats at this time.
In a statement to CNBC, an Intel spokesperson said, "The safety and well-being of our team is our number one priority. We are taking steps to safeguard and support our workers and facilities in the Middle East and are actively monitoring the situation."
The US government said it will defend the companies that have been threatened. An unnamed White House official told Reuters that the US "is and was prepared to curtail any attacks by Iran."
Another threat could make things worse
The language of the message from the IRGC suggests that it wants to do damage to tech companies, not necessarily people. That could mean attacks geared toward disruption and data exposure rather than physically attacking tech offices or data sites.
The threats are "more about sending a message than causing visible damage," said Chris Nyhuis, founder and CEO of the Ohio-based cybersecurity company Vigilant. "Based on what we have seen from Iranian groups recently, that likely means wiping devices, shutting down systems and stealing data to embarrass the target."
Most concerning is that in addition to the IRGC threats, a series of attacks from North Korean hackers targeting supply chains and code repositories could dovetail, causing even more damage.
"What concerns me most is the overlap. You have North Korean hackers embedding themselves in the software supply chain. You have Iranian hackers threatening to destroy American companies," Nyhuis said. "And both are exploiting the same fundamental weakness: the way modern software is built on a chain of trust that nobody is verifying."
Vigilant found that 40% of the most popular open-source projects have vulnerabilities that the IRGC and North Korean hackers could exploit. Nyhuis said companies need to be more vigilant about pulling in tools and code from the internet and verifying software builds to close up vulnerabilities.
