The cyberattacks by hacker groups affiliated with Iran’s regime have escalated following U.S. strikes on Iran’s nuclear facilities. American banks, military contractors, and oil companies have been targeted in recent days.
In a report, the Associated Press quoted cybersecurity experts saying that although the growing cyberattacks by Iran-backed hackers have not yet caused widespread disruption to U.S. critical infrastructure or its economy, the situation could quickly change if the ceasefire collapses.
The report, published on Wednesday, June 25, warned about the possibility of an emerging digital war against the United States by independent hacker groups supporting Iran’s regime.
Massive Data Breach Exposes Personal Information of 30 Million Hamrah Aval Users in Iran
According to Arnie Bellini, a tech entrepreneur and investor, U.S. attacks could even encourage Iran, Russia, China, and North Korea to invest further in cyber warfare.
He pointed out that hacking operations are far cheaper than warfare involving bullets, military aircraft, or nuclear weapons, saying: ”
“America may be militarily dominant,” he said, “but its reliance on digital technology poses a vulnerability.”
U.S. federal officials have stated that they are currently on high alert to counter increasing efforts by hackers attempting to infiltrate US networks.
On Tuesday, June 24, the US Cybersecurity and Infrastructure Security Agency (CISA) instructed all organizations that manage critical infrastructure—such as water systems, pipelines, or power plants—to remain fully vigilant.
According to the Associated Press, not all hacker groups involved in these attacks are working with Iran’s military or intelligence agencies—some operate entirely independently.
The cybersecurity company Trustwave has so far identified over 60 hacker groups that support the Iranian regime.
Possible shift in objectives of hacker groups supporting Iran’s regime
Iran’s regime and its allies—particularly Russia—have in recent years attempted to influence U.S. domestic politics and harm Israel through cyberattacks.
Between 2011 and 2013, a series of cyberattacks under the name “Operation Ababil” targeted the websites of more than 40 American banks—including Bank of America, Chase, Wells Fargo, and JPMorgan—causing temporary disruptions to online banking services.
Groups such as Charming Kitten, Phosphorus, and APT33—believed to be connected to Iranian regime security agencies—have repeatedly targeted U.S. critical infrastructure.
Jake Williams, a former analyst with the U.S. National Security Agency (NSA) and now vice president of research and development at Hunter Strategy, told the Associated Press:
“It’s fairly certain that these limited resources are being used for intelligence collection to understand what Israel or the U.S. might be planning next, rather than performing destructive attacks against U.S. commercial organizations.”
Intelligence agencies, including the CIA, the National Security Agency (NSA), and others have also faced staff reductions.
Ziv Mador, vice president of security research at SpiderLabs, an Israel-based firm, told the Associated Press:
“The Israel-Iran conflict shows the value of investments in cybersecurity and cyber offense, Mador said. He said Israel’s strikes on Iran, which included attacks on nuclear scientists, required sophisticated cyberespionage that allowed Israel to track its targets.”
Bellini also said that expanding U.S. cyber capabilities requires investment not only in technology but also in public education, to ensure that devices and networks are properly protected.
“It’s Wile E. Coyote vs. the Road Runner,” Bellini said. “It will go back and forth, and it will never end.”
