Surge in Hacktivist Activity Amid U.S.-Israel Military Actions
Recent developments in cybersecurity have raised alarms among experts regarding a notable uptick in hacktivist operations. This increase stems from the U.S.-Israel military campaign against Iran, known as “Epic Fury” and “Roaring Lion.” According to a report by Radware, the Middle East has experienced heightened activity, with two main groups—Keymous+ and DieNet—accounting for nearly 70% of all attacks recorded between February 28 and March 2.
Emergence of Hacktivist Groups
One of the key players in this rise is Hider Nex, also referred to as the Tunisian Maskers Cyber Force. This group, which emerged in mid-2025, is known for its pro-Palestinian stance and uses a combined tactic of distributed denial-of-service (DDoS) attacks along with leaked sensitive data to further its political agenda. The first DDoS attack attributed to this group took place on February 28, 2026, marking a significant moment in the current digital conflict landscape.
A total of 149 claims of hacktivist DDoS attacks were identified, targeting 110 distinct organizations across 16 countries. These operations involved 12 different groups, with Keymous+, DieNet, and NoName057(16) responsible for a staggering 74.6% of the activity.
Focus and Targets of Attacks
Most of the attacks—107 out of 149—were concentrated in the Middle East, particularly targeting public infrastructure and state-related organizations. Kuwait led the charge, accounting for 28% of the claimed attacks, followed closely by Israel at 27.1% and Jordan at 21.5%. A secondary hotspot of activity appeared in Europe, which experienced 22.8% of the global attack claims during this period.
The vulnerabilities of various sectors were stark, with nearly half (47.8%) of the targeted organizations being from the government. The finance and telecommunications sectors were also notably affected, accounting for 11.9% and 6.7%, respectively.
Broader Implications of Cyber Warfare
Radware noted that the current digital aggression against infrastructure in the Middle East reflects a shift in hacktivist strategies, with multiple nations now being targeted simultaneously. Various groups are now at the forefront of these confrontations, including Nation of Saviors, Conquerors Electronic Army, and Handala Hack, among others.
Evolving Tactics and Strategies
The landscape of cyber warfare continues to evolve, with pro-Russian hacktivists also making headlines. Cardinal and Russian Legion claimed to have breached Israeli military networks, including its Iron Dome defense system. In addition, deceptive phishing campaigns have been identified, deploying malicious applications designed to monitor and extract data.
Iran’s Islamic Revolutionary Guard Corps (IRGC) has focused on vital infrastructural targets such as energy sectors in Saudi Arabia and data centers in the U.A.E., aiming to leverage military losses against economic stability.
Despite operational adjustments made by major Iranian cryptocurrency exchanges, they remain active but have begun suspending or batching withdrawals as a precaution against possible connectivity disruptions. Experts indicate that this reflects a market striving to manage volatility amid the current geopolitical climate.
Expert Assessments and Recommendations
Experts, including those from cybersecurity firms like SentinelOne and Nozomi Networks, have expressed that organizations in Israel, the U.S., and allied nations are likely to experience intensified threat levels. The advisory stresses the urgency for these organizations to ramp up their cybersecurity measures, particularly in government, critical infrastructure, and financial sectors.
With Iran advocating a history of cyber operations in response to perceived threats, analysts suggest that it may choose to activate cyber actors as a form of backlash against military actions. It’s critical for stakeholders in these sectors to implement continuous monitoring systems, stay updated on threat intelligence, and ensure that proper segmentation exists between operational and informational technology networks.
Conclusion
As the digital landscape shifts in response to international conflicts, understanding the evolving tactics of hacktivist groups and state-sponsored actors is imperative. The ongoing situation demands vigilance and proactive measures from organizations, ensuring they are equipped to withstand the increased challenges posed by cyber warfare.
