Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Since United Countries and Israel Unleashed for the first time Extensive campaign Air strikes across Iran In late February, the cybersecurity industry warned that the country’s retaliatory measures would include punitive and disruptive cyberattacks against Western targets. Late Tuesday night, the first of those attacks reached the United States: a devastating breach of a medical technology company Striker This has It is said It disabled up to tens of thousands of computers and paralyzed much of the company’s global operations — all carried out by an Iranian hacking group calling itself “Handala.”
“We announce to the world that in response to the brutal attack on the Minab School and in response to the ongoing cyber attacks against the infrastructure of the Axis of Resistance, our major cyber operation was carried out with complete success,” said a statement published on Hanzala’s website, referring to both American tomahawk rocket Which killed at least 165 civilians In a Girls school In Iran and many more Hacking operations Carried out by the United States and Israel as part of the two countries’ attacks through Iran. “This is just the beginning of a new era of cyber warfare.”
Even among American cybersecurity researchers who closely follow state-sponsored hacking groups, Handala — which takes its name from the Hanzalah character known in political cartoons by Palestinian artist Naji Al Ali — has yet to achieve much fame. But those who have followed the group’s development, particularly in Israel’s cybersecurity industry, say the group is now widely believed to be a front for Iran’s Intelligence Ministry. They have seen hackers become the most prominent player in a wave of Iranian state cyber operators posing as hacktivists as they seek to wreak tumultuous, often politically motivated mayhem on adversaries. Handala, or the same group operating under previous names, has launched data destruction, hacking and leaking operations for years against targets ranging from the Albanian government to Israeli companies and political officials.
Now, like Iran The regime faces an existential threatIts hackers — Hanzala in particular — were likely tasked with using every tool they kept in reserve and every foothold they had quietly gained within a Western network to strike back against the United States and Israel, says Sergey Shekevich, who leads threat intelligence research at Tel Aviv-based cybersecurity firm Check Point. “They all joined in,” Shikevich says. “They are trying to do everything they can now to carry out destructive activity.”
In these efforts by Iranian state-sponsored hacking agencies to achieve highly visible and publicly visible digital retaliation, Handala has grown into “probably the most dominant group,” says Shekevich. “They are the main face now.”
Although hacker groups tend to exaggerate or embellish their successes and the impact of their activity, Handala has publicly claimed the lives of more than a dozen victims, most of them Israelis, since the start of the war two weeks ago. The group “combined the noisy, chaotic playbook of a group of hacktivists with the destructive capabilities of a nation-state,” says Justin Moore, a threat intelligence researcher at security firm Palo Alto Networks’ Unit 42 group, describing Handhala as “an essential cyber retaliation arm of the Iranian regime.”
Despite the chaos it has created, Handala’s strategic thinking should not be overstated, says Rafe Billing, director of that intelligence at cybersecurity firm Sophos’ X-Ops group. It appears that Handala is trying to reach the organizations quickly and cause as much damage as he can in the midst of the American and Israeli air strikes that struck the region. It is said Hitting parts of Iranian cyber operations. “This doesn’t have the hallmarks of a plan,” Billing says of Handala’s latest hacking campaign. “It is possible that the group is currently pursuing targets that it could hit in Israel or the United States, to demonstrate that it has some sort of retaliatory influence, but not from any sort of strategic perspective.”