Do Son 
The conflict between Iran and Israel is unfolding not only on land and in the skies, but also across the digital battlefield. Both nations possess formidable cyber arsenals, and cyberattacks have become a critical component of strategic warfare, alongside missile strikes and conventional military operations.
Following Israel’s June 13 strikes on Iranian nuclear facilities and high-ranking military officials, analysts are convinced that Tehran will not limit its response to the physical domain. With its conventional defenses weakened, Iran may well turn to a cyber counteroffensive—one that could extend beyond Israeli targets to include infrastructure within the United States.
According to a former White House adviser and current head of the Cyber Threat Alliance, both nations are already actively deploying digital resources, at a minimum for reconnaissance. Iran and Israel are capable of conducting both reversible attacks—such as DDoS campaigns—and irreversible ones, such as deploying wiper malware designed to permanently destroy data.
A Google Threat Intelligence Group analyst noted that until recently, Iranian cyber activity had largely focused on neighboring Middle Eastern states. However, the current escalation may prompt a shift in strategy. U.S. government entities, military and political assets, private enterprises, and even individuals—particularly those tied to critical infrastructure—could soon fall within the scope of Iranian cyber operatives.
While Iran possesses the capacity to launch destructive cyberattacks, the technical sophistication of its operations often lags behind that of other major actors. One example is the activity of CyberAv3ngers, a group linked to Iran’s Islamic Revolutionary Guard Corps (IRGC). In 2023, they infiltrated U.S. water supply systems by exploiting default credentials on remote controllers. The same group later deployed specialized malware to remotely manipulate water and fuel systems in both the U.S. and Israel.
Yet, as analysts observed, the attackers failed to fully leverage the access they had obtained. Their limited technical expertise prevented them from causing substantial disruptions, even though the opportunity existed. Should Iran find a full-scale military response unfeasible, it is likely to shift a significant portion of its retaliation to the cyber domain—elevating the threat to Israeli and American interests alike.
Israel’s capacity to counter cyber threats is traditionally regarded as robust. The outlook for the United States, however, is more troubling. Many vulnerabilities reside within smaller firms responsible for maintaining critical infrastructure—ranging from power grids to transportation networks.
Given this reality, experts warn that American businesses must exercise heightened vigilance. Iran may well seek to exploit gaps in corporate cybersecurity. At the same time, observers should expect exaggerated claims of impact—Iranian threat groups frequently overstate the success of their operations in pursuit of psychological leverage.
Should Iranian cyber activity intensify, experts predict the deployment of destructive tools, including data-wiping malware and tactics reminiscent of the infamous NotPetya attack. Likely targets include water supply networks, transportation systems, and the energy sector.
Adding to the tension is the specter of international alliances. Analysts do not rule out the possibility that Iran’s allies might join the fray should the conflict escalate—particularly if the U.S. intervenes directly or Israeli strikes impair Iran’s oil infrastructure.
Such developments could spark a systemic cyberwar involving multiple nation-states, with far-reaching consequences for civilian and military infrastructure across continents.
When traditional instruments of warfare lose their edge, the keyboard becomes the new frontline—and in this emerging theatre, victory belongs not to the one with the most missiles, but to the one who can silently plunge a city into darkness.
Donate