ACCORDING to Associated Press, pro-Iranian hackers are targeting sites in the Middle East and are beginning to stretch into the United States, raising the risk to American defence contractors, power stations and water plants. The group behind the activity claimed responsibility for a significant cyberattack on U.S. medical device company Stryker, with operations expanding since the war began on 28 February 2026.
Since then, they have also attempted to penetrate cameras in Middle Eastern countries to aid Iran’s missile targeting, and have attacked data centres and various critical infrastructure. Handala, the group behind the Stryker strike, is described as prioritising data destruction over financial gain, according to Ismael Valenzuela of Arctic Wolf.
Cybersecurity expert Kevin Mandia said, “Something is going to happen because the gloves are off,” highlighting the heightened risk to critical services and the need for meticulous patching and up-to-date defences. Researchers at CrowdStrike noted a surge of activity from Russian-linked actors supporting Tehran, with one group, Z-Pentest, claiming to disrupt several U.S. networks, underscoring the broader cross-border dimension of the threat.