Middle East-based brute-force cyber intrusions surge

Brute-force authentication attacks aimed at network devices have skyrocketed during the first three months of 2026, with nearly 90% of intrusions stemming from the Middle East, according to Cybersecurity Dive.

More than 50% of all confirmed cyberattacks between February and March were attributed to the targeting of SonicWall and Fortinet FortiGate devices, a report from Barracuda revealed. While IP addresses alone cannot reliably determine the origin of intrusions, state-sponsored threat operations, professional groups, and opportunistic gangs may have engaged in brute-force attacks, which involved aggressive scanning of vulnerable perimeter devices, noted Barracuda Manager of Cybersecurity Analysts Anthony Fusco.

Such findings come as Iran-linked threat groups have escalated cyberattacks following the joint U.S.-Israel military strikes against the country in late February. Organizations' security teams have been urged not only to implement complicated passwords and multifactor authentication on their VPNs and firewalls but also to reinforce the surveillance of repeated failed login attempts.