AS War Continues, Pro-Iranian Actors Launch Barrage of Cyberattacks reports that Iran and its supporters have intensified cyber activity in response to US-Israeli military action, aiming to cause economic and physical disruption through DDoS, critical infrastructure attacks, and data exfiltration.
Security researchers note that the attacks are likely to continue in the immediate wake of the conflict, with groups linked to Iranian state entities such as the IRGC and MOIS, plus hacktivist organisations sympathetic to Iran. A coalition of pro-Iranian and pro-Russian actors has run the “#OpIsrael” campaign, targeting critical infrastructure and data, while other operatives have struck at Israeli and regional targets, according to Check Point Research, Flashpoint, Unit 42, Cisco Talos and others.
The IRGC has reportedly targeted the energy sector, including an Aramco facility in Ras Tanura and an AWS data centre in the UAE, in what Flashpoint describes as an effort to inflict global economic pain and disrupt energy supply. The piece also names individual groups such as Cotton Sandstorm, FAD Team, Handala Hack and Cyber Islamic Resistance, detailing their claimed activities and targets, and it notes that the US government, according to NSA sources, expects a significant cyber response in the coming weeks.
According to Check Point Research and others, organisations should bolster security hygiene, enable MFA, scrutinise circulating links, and prepare for cyber-physical hybrid threats. March 3, 2026. According to the NSA.