Skip to content
Search

Latest Stories

cipherbrief

Welcome! Log in to stay connected and make the most of your experience.

Input clean

Iran's Digital War Machine Targeting U.S. Infrastructure

Despite strikes on Iranian command centers, Tehran’s cyber operators continue targeting U.S. healthcare, energy, water, and government systems through dispersed networks and proxy groups.

Cybersecurity Photo Illustrations

Flag of Iran displayed on a laptop screen and binary code displayed on a screen are seen in this multiple exposure illustration photo taken in Krakow, Poland on September 27, 2022.

(

Photo by Jakub Porzycki/NurPhoto via Getty Images

)

The first missile strikes hadn’t even cooled before Iranian-linked hackers were moving. When the U.S. and Israel launched military operations against Iran on February 28, 2026, Tehran’s cyber forces answered not with silence but with a systematic campaign against American infrastructure, one that has since moved well beyond reconnaissance into confirmed, disruptive attacks on United States soil.

The most striking blow came on March 11, when the Handala group — widely assessed as a front for an IRGC-sponsored threat actor — hit Michigan-based medical technology giant Stryker, wiping nearly 80,000 Windows devices, stealing 50 terabytes of data, and causing severe disruptions that materially impacted the company’s first-quarter earnings. Emergency responders across Maryland lost access to the electrocardiogram transmission system used to relay patient data to hospitals. The FBI later seized two domains that Handala used to leak the stolen data. It was, analysts noted, only the beginning.

Keep reading... Show less
Access all of The Cipher Brief’s national security-focused expert insight by becoming a Cipher Brief Subscriber+ Member.

Related Articles

When Hackers Get AI Co-Pilots: Frontier AI and the National Security Clock

Five intelligence services rarely speak with one voice. When they warn the window of vulnerability has narrowed to months, the real question is [...] More

The War Before the War Has Already Begun

There are 65 active state-based conflicts in the world today, according to the Uppsala Conflict Data Program. That is not 65 separate crises. It is [...] More

Don’t Permit Iran to Enrich Uranium

Ideally, Iran should not be permitted to enrich uranium, even at the 3.67% low enriched uranium level, enough for nuclear reactors to generate [...] More

The AI Bubble and the Growing National Security Problem

The AI bubble is not a capability bubble. It is an expectation bubble. National security leaders are treating AI as a replacement for analysts, [...] More

From Bombing Iran to Negotiating: Trump Explains His Red Line

“I had to stop them [the Iranians] because if they had a nuclear weapon, they would use it. And you want to see bedlam, let them blow up a couple of [...] More

Cuba’s New Spy Array Raises Concerns for U.S. Security

BLUFF — On 18 June, Center for Strategic and International Studies (CSIS) researchers released a new study that says Cuba has completed construction [...] More

{{}}