Washington– Says hackers who support Tehran Ceasefire uncertain Between Iran, the United States and Israel, it will not end Retaliatory cyber attacksIt is a warning that American cybersecurity experts say potential targets in the United States and Israel should take seriously.
One of the leading hacking groups known as Handala said after the ceasefire was announced that it had temporarily postponed attacks on the United States but would continue to target Israel. It pledged to revive its efforts against America when the time is right, demonstrating once again the extent to which digital warfare has evolved They become ingrained in military conflict. Indeed, for two weeks The ceasefire appears to be in danger Because of the major differences between the parties, each of which claims victory in the war.
It is a pro-Palestinian, pro-Iranian network that operates independently of Tehran, for which Handala has claimed responsibility. Disable processes From the American medical manufacturer Stryker W FBI Director Kash Patel’s personal email account hackedamong other cyber attacks. This group is just one of several proxy hacking networks allied with Iran.
Handala wrote on his X account: “We did not start this war, but we will be the ones to end it.” “Let it be clear: cyber war did not begin with a military conflict, and it will not end with any military ceasefire.”
US authorities warned Tuesday that Iranian-backed hackers have infiltrated Internet-connected computers used to automate and control technology in a variety of important industrial sectors. The computers, known as programmable logic controllers, are used in ports, power plants and water plants — prime targets for foreign hackers looking to disrupt daily life in the United States.
In a joint advisory from the FBI, the National Security Agency and the Cybersecurity and Infrastructure Security Agency, officials urged organizations that use the technology to ensure their security precautions are up to date. CISA did not immediately respond to questions Wednesday about the impact of the ceasefire on cybersecurity.
Cybersecurity experts say the warning should be taken seriously by potential targets regardless of which party declares a temporary truce.
Markus Mueller, executive director of cybersecurity at Nozomi Networks, said he expects an increase in cyberattacks on US organizations after the ceasefire, not a decrease. This is because any lull in hostilities would allow hackers to shift from regional targets directly involved in the conflict to efforts to infiltrate US organizations that were involved in the war effort in some way, a list that includes data centers, technology companies and defense contractors.
He also predicted that some groups based in Iran or Russia would seek to circumvent the truce by launching a major cyber attack on a US target designed to attract the attention of the American public.
“With the ceasefire, we are likely to see an expansion of cyber activity in terms of size and scope,” Mueller said. “These groups are likely to attempt a major attack like what we saw with Stryker.”
So far, attacks attributed to pro-Iranian hackers have been large in scale but low in impact, intended to boost morale among Iran’s supporters while reminding its opponents of continued vulnerabilities despite their military superiority.
Last month, Handala claimed responsibility for the hacking of Stryker, a major medical equipment supplier based in Michigan. Handala claimed that the hack was in retaliation Because of the strikes that killed Iranian schoolchildren.
The FBI responded by seizing four web addresses used by the group to spread its message. Handala then leaked several old photos of Patel after she said she hacked the FBI director’s personal email account.
Other pro-Iranian hackers have been linked to efforts to install malware on Israelis’ phones, hack cameras in Middle Eastern countries to better target Iranian missiles, and target data centers and industrial facilities in Israel, Saudi Arabia, and Kuwait.