
US Officials Warn That Iran Is Opening Up a New Front in the War

The Iranian regime has begun a cyberwarfare campaign, opening up a new front in the war against the United States and Israel.

U.S. intelligence officials have warned that Iran-aligned hackers and proxy groups are gearing up for major retaliatory operations against American and allied targets as the military conflict intensifies, according to CNN.

The US intelligence community has issued a flurry of private warnings in the past week to American companies and government agencies urging vigilance and the hardening of possible targets of cyber attack by the Iranian regime in response to the war with Tehran, according to national security sources and memos reviewed by CNN.

While no specific or credible threat has been outlined, in one recent bulletin to US law enforcement agencies, the Department of Homeland Security warned of a heightened threat environment following the killing of Iran’s supreme leader, Ayatollah Ali Khamenei.

US intelligence officials routinely send bulletins to law enforcement agencies across the country, sharing information on potential threats and best practices for protecting the public.

Citing open-source intelligence, the DHS “critical incident note” said that “two top Iranian religious leaders issued separate Farsi-language fatwas calling on Muslims worldwide to take revenge for the killing” of Khamenei.

“The fatwas, Iranian government rhetoric, and online messaging from regime supporters promoting retaliation against the US heightens the threat from violent extremists who support the Iranian regime,” the bulletin said.

As the Iranian regime continues suffering under U.S. and Israeli airstrikes, hackers are reportedly prepared to kick into high gear. Arctic Wolf reported that the regime has long relied on cyber operations and proxy groups to act against Western nations.

U.S. officials have not highlighted specific Iranian cyberattacks the regime plans to employ, but its hacker groups could move from low-level attacks to more coordinated threats against critical American infrastructure, including energy, water, and telecommunications networks.

The officials noted that “historically, the US financial sector has been viewed as a priority target and a target of opportunity by Iranian-aligned cyber actors,” CNN reported.

This strategy became apparent with the massive Iranian cyberattack on Stryker, a Michigan-based medical technology company. Pro-Iran hacktivist group Handala claimed it wiped data from over 200,000 systems, servers, and mobile devices tied to the company’s operations in 79 countries.

The company reported that its systems experienced a “global network disruption” that forced hospitals in several states and countries to disconnect from its online platforms. The hackers wormed their way into login screens and made them display the Handala logo, prompting company management to instruct staff to refrain from powering on company devices or connecting them to the internet.

The Stryker attack should be seen as a prelude to what Iran and its hackers hope to do next as the regime escalates efforts to damage the West. The regime has previously targeted financial institutions, industrial control systems, and government networks in the U.S. and allied countries, according to the Center for Strategic & International Studies (CSIS).

They are likely to expand that playbook amid the war in Iran. The Register reported that Iran’s Islamic Revolutionary Guard Corps (IRGC) identified facilities belonging to tech giants like Amazon, Google, IBM, Oracle, and others.