The cyber battlefield between Iran and Israel is now just as active as the missile barrages seen across the region.
According to reporting from Politico, both countries have been launching targeted cyberattacks in parallel with military action, and American officials are warning this digital warfare could soon hit the United States directly.
The US military’s overnight airstrikes on Iran’s nuclear sites raised the risk of direct cyber retaliation against American infrastructure.
Military and intelligence analysts say Iran’s next move could involve hacking into US electricity grids, water systems, or other critical networks. Alex Vatanka, senior fellow at the Middle East Institute, said bluntly that “cyber is one of the tools of Iran’s asymmetric warfare.”
The National Terrorism Advisory System issued a public alert on Sunday warning that Iranian-affiliated hackers could target “poorly secured US networks and Internet-connected devices.” US officials say low-level pro-Iranian hacktivist attacks are likely, and more serious government-linked intrusions are possible.
US defense and private sector on high alert for Iran-backed attacks
General Dan Caine, who chairs the Joint Chiefs, confirmed to reporters on Sunday that US Cyber Command had supported the military strikes, though he didn’t provide further details. The Pentagon’s cyber branch gave no public comment, and the Cybersecurity and Infrastructure Security Agency (CISA) also declined to respond when asked about its defensive posture.
Behind the scenes, though, critical infrastructure groups last week warned American companies to get their defenses up fast. Jen Easterly, the former CISA Director, took to LinkedIn and posted that US infrastructure players should keep their “shields up” and expect “malicious cyber activity.”
Jen reminded readers that Iran has a long history of cyber strikes on civilian targets, including water plants, financial systems, pipelines, and government websites. She didn’t confirm whether Israel’s recent airstrikes affected Iran’s cyber capacity, but she did say the threat remains serious.
In 2023, an Iranian gang breached an Israeli hospital and leaked patient data. Not long after, an Israeli hacking group shut down large parts of Iran’s gas station network. Vatanka told reporters that Israel still holds the upper hand, saying, “The Iranians… are good, they are emerging, but I don’t think they’re at the level of the Israelis or Americans.”
The Israeli-aligned hacking group Predatory Sparrow claimed responsibility for shutting down Iran’s Bank Sepah, which caused widespread customer problems. They later said they had drained $90 million from Nobitex, the country’s biggest crypto exchange. The group also dumped pieces of Nobitex’s source code on X, formerly Twitter.
Iran responds with shutdowns, surveillance, and renewed espionage
As cyberattacks hammered Iran’s digital infrastructure, its state broadcasters were also hijacked. Multiple videos showed anti-government messages popping up on Iranian state TV last week.
That triggered a government-ordered internet blackout still in effect as of Sunday, aimed at blocking public access to the attacks. Vatanka said this showed Iran’s regime was trying to “gain control of the flow of information” and possibly prevent public unrest.
Security officials inside Iran have started locking down their own tech use. Last week, senior Iranian personnel were told to ditch any internet-connected devices, especially phones, to limit exposure to more Israeli cyber disruptions.
This came after reports that Israeli intelligence may have tracked down Hezbollah units in Lebanon using wireless signals from pager devices. Thousands of those pagers reportedly exploded, leaving many injured.
One reason Israel’s cyberattacks worked so well is timing. Israeli forces launched the first blows—both in the air and online, giving them extra room to prep their defensive and offensive systems while Iran scrambled to catch up.
Still, Iranian-backed groups aren’t done. Over the weekend, Israel’s National Cyber Directorate warned its citizens abroad not to fill out digital forms or click links on suspicious sites that may be harvesting personal data for intelligence.
Gil Messing, chief of staff at Check Point Software, told reporters Saturday that cyber campaigns targeting Israel had recently “escalated a bit.” He didn’t mention any new damage but said there was a surge of disinformation on social media, including false texts about gas shortages and fake instructions telling people to avoid shelters.
The Israeli civilian cyber defense agency also said Iran was trying again to break into internet-connected cameras for surveillance. That tactic is cheap, fast, and dangerous—and it’s hard to trace. Inside the US, the alarm bells are ringing again.
John Hultquist, chief analyst for Google’s Threat Intelligence Group, posted on X that Iran’s cyber units often focus on “psychological purposes.” He added that his biggest fear right now is cyber espionage targeting US leaders.
“I’m most concerned about cyber espionage against our leaders and surveillance aided by compromises in travel, hospitality, telecommunications, and other sectors where data could be used to identify and physically track persons of interest,” John wrote.
KEY Difference Wire helps crypto brands break through and dominate headlines fast
