TAGS-AT E JAVËS

Rajoni dhe Bota2026-03-18 07:57:00

Cyberattacks as weapons of war, Iranian hackers target US and Israel

Shkruar nga Pamfleti
Cyberattacks as weapons of war, Iranian hackers target US and Israel
Iranian hackers target US and Israel

American medical technology company Stryker confirmed on March 11 that it had been hit by a cyberattack that disrupted its global network. According to a report by the Wall Street Journal, employees noticed on login pages the logo of Handala, a hacking group linked to Iran.

The attack targeted the company's Microsoft environment, and it is still unclear the extent of the damage and the time needed to fully restore the systems.

The Handala group claimed responsibility for the attack, claiming to have used Microsoft's cloud platform, Intune, to remotely wipe over 200,000 devices in 79 countries. This data was reported by cyber intelligence platform SOCRadar.

The group said the attack was in retaliation for a rocket attack on a girls' school in Minab, Iran, that killed more than 160 people. These claims have not been independently verified.

Cybersecurity experts consider this incident part of a broader wave of attacks by state-linked groups targeting the United States and Israel, in the context of Operation "Epic Fury."

Actors involved and objectives

A report by CloudSek highlights that several groups affiliated with the Iranian state are targeting critical US infrastructure. Among them are CyberAv3ngers, APT33 and APT55, which are linked to the Islamic Revolutionary Guard Corps (IRGC).

According to the report, CyberAv3ngers have infiltrated industrial systems using standard passwords and installing malicious programs for possible control. Meanwhile, APT33 uses common password combinations to access accounts of energy companies in the US and attempts to compromise security systems.

The APT55 group, on the other hand, focuses on cyber espionage against individuals associated with the American energy and defense sectors, with the aim of gathering information for Iranian intelligence.

The report also mentions the involvement of Iran's Ministry of Intelligence and Security (MOIS), which collaborates with groups such as MuddyWater, APT34, and Handala in operations against the US and Israel.

MuddyWater, according to CloudSek, targets the telecommunications, oil and gas sectors, as well as government institutions, by providing initial access to networks and passing data on to other actors.

Attacks and counterattacks

In addition to Stryker, Handala has claimed responsibility for other attacks, including the deletion of over 40 terabytes of data from the Hebrew University of Jerusalem and a breach of the Israeli company Verifone. However, the latter has denied any compromise or disruption of service.

Meanwhile, the United States and Israel are also reportedly conducting cyber operations. General Dan Caine stated on March 2 that the US Cyber ​​Command was among the first actors in Operation “Epic Fury”, disrupting communication networks and sensors, which he said limited Iran’s ability to respond.

US Secretary of Defense Pete Hegseth confirmed on March 13 that the US is using artificial intelligence and cyber tools in this confrontation.

According to the Financial Times, Israeli intelligence services are suspected of using data from hacked traffic cameras in Tehran to support their operations, although further details have not been made public.

Lini një Përgjigje