Cyber warfare is intensifying alongside military actions by U.S. and Israeli forces against Iran, with both sides employing advanced cyber tactics in the ongoing conflict.
A recent report by Axios has highlighted a significant cyber conflict that is unfolding in parallel with military strikes conducted by U.S. and Israeli forces against Iran. This development marks a notable shift, as both nations are now employing cyber tactics that have long been associated with Iranian actors.
According to the report, Israel is actively targeting Iranian cyber infrastructure. Last week, the Israel Defense Forces (IDF) executed a “wide-scale strike” on various military sites in Tehran, which were believed to house key facilities of the Iranian Islamic Revolutionary Guard Corps (IRGC). Among the locations struck were the IRGC’s “cyber and electronic headquarters” and its “Intelligence Directorate.” However, the flow of information from Iran has been severely restricted due to an internet blackout that has been in effect since the commencement of the U.S. and Israeli strikes, as reported by Politico.
In a strategic move, Israel reportedly hacked a widely used Iranian prayer application last month. This action allowed them to send notifications to potentially millions of users, encouraging military personnel to defect from the Iranian regime. Additionally, Iranian state media has reported that various news sites, including the state news agency IRNA, were compromised to display articles about these cyberattacks, aimed at undermining the credibility of the regime.
The Financial Times has reported that the Israeli military gained access to “nearly all” traffic cameras in Tehran. Collaborating with the CIA, Israel utilized this surveillance capability to coordinate an airstrike that resulted in the death of Ayatollah Ali Khamenei, Iran’s supreme leader.
General Dan Caine, chair of the Joint Chiefs of Staff, stated that U.S. Cyber Command and Space Command were among the “first movers” during the initial strikes against Iran last month, indicating a high level of coordination between military and cyber operations.
Meanwhile, a cyberattack purportedly linked to Iranian-aligned hackers disrupted operations at Stryker, a major U.S. medical technology company. The Wall Street Journal reported that Stryker confirmed it was “experiencing a global network disruption to our Microsoft environment.” However, the company noted that there were no indications of ransomware or malware, and it believes the incident is now “contained.”
In a related incident, the same group of hackers claimed responsibility for a breach of U.S.-based payments firm Verifone. However, Verifone stated that it found no evidence of a breach or any service disruption.
Following the airstrikes on February 28, Iranian-aligned hackers and self-identified “hacktivist” groups have ramped up their activities against targets in the Middle East, the U.S., and parts of Asia. According to CrowdStrike, these groups have increased their cyber operations significantly in response to the escalating conflict. Researchers from Palo Alto Networks’ Unit 42 have also reported that numerous pro-Iran hacktivist groups have claimed responsibility for several cyberattacks since the end of February, primarily focusing on critical infrastructure.
This ongoing cyber warfare underscores the evolving nature of conflict in the digital age, where traditional military engagements are increasingly accompanied by sophisticated cyber operations. As both sides continue to leverage their cyber capabilities, the implications for regional stability and security remain profound.
According to The Wall Street Journal, the situation continues to develop as both military and cyber operations evolve in this high-stakes conflict.