Global Cyberattack Surge as Hacktivist and APT Campaigns Intensify Worldwide

Following Israel’s June 13 air offensive, Operation Rising Lion, the global cyber conflict has escalated sharply, with a 32% increase in attacks over the past week, totaling more than 1,150 incidents. These cyber operations stem from ongoing Israel–Iran tensions and are being conducted by over 80 hacktivist and APT groups, primarily aligned with Iran. The most heavily targeted nations are Israel (700% spike in 48 hours), the United States (17% of incidents), and India (7%), but the wave has reached France, Italy, and beyond. Attackers are unleashing DDoS, credential theft, wiper malware, data breaches, and psychological warfare campaigns against critical infrastructure, government, financial, telecom, and healthcare sectors worldwide.

Technical Description

In the heat of this digital confrontation, cyberattacks have become more sophisticated and multi-faceted. State-linked Iranian groups such as APT34 (OilRig), APT39 (Remix Kitten), and CyberAv3ngers have ramped up operations targeting Israeli energy grids, water systems, and defense networks, deploying custom malware and wipers to disrupt system integrity. These campaigns often involve supply-chain intrusion: compromising software providers and third-party vendors allows threat actors to gain persistent footholds in Western and Israeli infrastructure.

Simultaneously, over 65 pro-Iran hacktivist crews, including Handala Hack, DieNet, and Cyber Islamic Resistance, are executing high-volume DDoS and data exfiltration attacks. Handala Hack, believed to be tied to Iran’s MOIS, has claimed responsibility for breaching Israeli companies like Delek Group and telecoms, allegedly stealing terabytes of sensitive documents. Beyond technical disruption, Iranian-aligned groups have escalated psychological warfare: distributing fake missile alerts via compromised SMS systems, hijacking radio broadcasts, and deploying AI-driven botnets to spread disinformation through social media and messaging channels.

These operations unfold not in isolation but through loosely coordinated networks. Communications, toolkits, and propaganda circulate openly on Telegram and dark forums, enabling rapid campaign scaling. Pro-Israel actors are responding; groups like Predatory Sparrow have attacked Iranian financial institutions, including Bank Sepah, causing service outages and claiming data destruction. Complex multi-stage attacks are evident, starting with reconnaissance and spear-phishing, followed by credential compromise and lateral movement, and culminating in destructive payloads or wipers.

Impact

The consequences of this cyber surge are already visible: critical infrastructure disruptions, breaches in government and telecom systems, and leaked or manipulated data. Israel’s centrality in the conflict has attracted a 700% surge in cyber incidents, while U.S. agencies warn of potential spill-over attacks targeting utilities, transportation, and communications. India, besides being the third most attacked country, is facing waves of phishing, ransomware, and supply chain threats aimed at destabilizing its growing digital environment.

Psychological operations remain central to the threat model. Adversaries are forging public alert messages, staging radio hijacks, and spamming panic-inducing missives to sway public sentiment. Globally, businesses and governments are being compelled to elevate alert levels, guard against spear-phishing and DDoS, and monitor third-party dependencies. The blended nature of technical and influence operations marks this campaign as a potent, evolving cyber conflict phase.

IOC and Context Details

| Topics | Details |
| --- | --- |
| Tactic Name | DDoS, Credential Harvesting, Malware Deployment (Wipers), Disinformation & Psychological Warfare |
| Technique Name | Remote Service Disruption, Spear Phishing, Data Exfiltration, RPC Wiper Injection, Radio/SMS Tampering, Botnet Disinformation |
| Sub Technique Name | Phishing: Spear-Phishing, Data Destruction, DDoS: Network Denial-of-Service |
| Attack Type | Unauthorized Access, Credential Hijacking, Configuration Manipulation |
| Targeted Applications | Government Portals, Financial Systems, Telecom Infrastructure, SCADA/ICS Systems, Online Citizen Services, VPN Endpoints |
| Region Impacted | Global |
| Industry Impacted | All |
| IOCs | NA |
| CVE | NA |

Recommended Actions

  1. Activate Elevated Cyber Posture: Boost monitoring and incident response across all sectors, focusing on infrastructure, government, and financial systems.
  2. Harden Peripheral Filters and Email Security: Deploy advanced phishing and DDoS mitigation tools; enforce MFA and contextual access controls.
  3. Segment Critical Networks: Ensure SCADA, EMS, and communication systems are isolated and monitored for anomalous traffic.
  4. Institute Threat Intelligence Sharing: Partner with ISACs and national CERTs to share indicators, TTPs, and active campaign intelligence.
