Pro-Iran Hackers Claim Breach of Israeli Surveillance Firm Amid Rising Cyber Conflict

The cyberwar between Iran and Israel is heating up as pro-Iran hacktivist groups are throwing their weight behind Iran. There’s been a number of attacks aimed at disrupting critical Israeli infrastructure.

One of such is the latest claim by a group that calls themselves Cyber Islamic Resistance. The group released a video online as proof that they hacked an Israeli company that makes surveillance camera systems.

Details of the latest Iran-linked cyber breach claim

The Cyber Islamic Resistance dropped a video on March 17, claiming they successfully breached Logit E.D. Logit E.D is an Israeli firm that manufactures surveillance and camera systems.

According to the hacker crew, they broke into the company’s internal camera and private systems. They posted the video of their exploitation on Telegram under their ‘Cyber Islamic Resistance Axis’ campaign. This video has the same style and logos as their other videos, but for now, no outside expert has verified the authenticity yet.

Coordinated cyberattacks targeting Israel and perceived supporters

Since the US and Israel launched Operation Epic Fury against Iran, the internet has become a major battlefield. Right after the conflict began, over 60 pro-Iranian hacktivist groups joined forces in something they call an “Electronic Operations Room” on Telegram.

The coalition calls itself the Cyber Islamic Resistance. In just the first two weeks of the war, it claimed responsibility for over 600 distinct attacks across more than 100 Telegram channels.

These aren’t just small-time players either. The group has taken credit for operations against Israeli defense company Rafael’s air defense systems. It also claimed an attack on VigilAir, a drone detection service, and said it disrupted electricity and water systems at a hotel in Tel Aviv.

US companies targeted in new cyber attacks

Israel isn’t the only receiving end of these attacks. American companies are getting hit hard too. On March 11, medical tech giant Stryker said a cyberattack hit its global network. When employees logged in at their offices, they saw the logo of Handala, a hacking group linked to Iran.

European entities are facing similar threats, the European Space Agency recently suffered a breach that leaked staff data on the dark web, demonstrating that the cyber war between Iran and its adversaries has truly global reach, hitting targets across continents.

Handala claimed it exploited Microsoft’s cloud management platform to remotely wipe more than 200,000 devices across 79 countries. The group said the attack was retaliation for a missile strike on a girls’ school in Iran that killed over 160 people. Handala has also claimed it wiped over 40 terabytes of data from servers at the Hebrew University of Jerusalem.

State actors target critical infrastructure

Beyond the hacktivists, Iran’s state-backed groups are going after America’s most sensitive systems. Groups tied to Iran’s Islamic Revolutionary Guard Corps, including APT33, CyberAv3ngers, and APT55, have launched attacks on American industrial control systems. These are the computers that run water treatment plants, power grids, and manufacturing lines.

The tactics are surprisingly simple but effective. CyberAv3ngers hackers are logging into industrial machines using default passwords that companies never changed. They then install malware that could potentially control those systems. APT33 tries to crack accounts at US energy firms using common passwords, aiming to disrupt safety systems. At the same time, APT55 spies on people linked to US energy and defense, collecting info for Iranian intelligence.

The gulf states get their share of cyber attacks

The conflict is extending into other Middle Eastern countries. Recently, pro-Iranian group 313 Team that’s based in Iraq, claimed they attacked several Kuwaiti government websites, including the Armed Forces and the Ministry of Defence websites. The group has also gone after Romanian and Bahraini sites.

In addition, one other group, DieNet, with connections all over the Middle East, claims it attacked airports in Bahrain, Saudi Arabia, and the United Arab Emirates. 

Not forgetting NoName057(16), which launched several DDoS attacks to disrupt Israeli municipal, political, and defense sites. They’ve also teamed up with a North Africa-based group called Hider-Nex to target Kuwaiti government websites.

A reckless and unpredictable threat

What makes these groups particularly dangerous is their unpredictability. Security researchers at CloudSek say these actors “operate on ideological initiative rather than central state direction.” That makes them hard to track. The report warns they’re not as disciplined as state-directed groups, are potentially more reckless and they don’t care how their actions affect civilians.

These groups are also likely using artificial intelligence to boost their capabilities. AI helps them “compensate for the technical depth that they lack,” according to researchers. That means even amateur hackers can now pull off sophisticated attacks.

Israel and the US fight back

Of course, Israel and the US aren’t just sitting there taking hits. General Dan Caine, America’s highest-ranked military officer, said US Cyber Command was one of the “first movers” in Operation Epic Fury. They disrupted Iranian communications and sensor networks, leaving Iran “without the ability to see, coordinate, or respond effectively.”

Israeli spies have reportedly used intelligence from hijacked traffic cameras across Tehran to aid in their operations. And Defense Secretary Pete Hegseth confirmed the US is using AI and cyber tools as part of its war in Iran.

Pro-Israeli groups are fighting back by hacking Iranian companies. Anonymous Syria Hackers said they hacked an Iranian tech firm and stole PayPal account logins. But security experts say Israel mostly runs its cyber operations from the state level, making independent groups largely redundant.