Iran’s hackers are coordinating more closely, Israel’s top cyberdefense official says
Israel’s National Cyber Directorate director-general Yossi Karadi warned that Iran’s state-aligned hackers have become more organized and are leveraging AI to refine disinformation campaigns, including sending misleading text messages to Israelis during recent conflicts. Karadi also emphasized that cyberattacks will likely persist even if a peace agreement is reached, as attribution is harder to enforce than physical strikes, while Iran-linked groups have recently targeted U.S. industrial systems and medical firms like Stryker.
Israel’s top cyberdefense official, Yossi Karadi, director-general of the National Cyber Directorate, stated that Iran’s state-aligned hackers have grown more coordinated and are increasingly using artificial intelligence to enhance influence operations. In a recent interview, Karadi noted that Iranian cyber groups now share tools and collaborate more efficiently, improving their ability to execute attacks. He highlighted that AI has helped Tehran refine disinformation messages, such as sending misleading texts to Israelis, including false claims about bomb shelters being closed or recruitment attempts for intelligence-sharing. Karadi revealed that Israel has been pressing major AI labs, including Anthropic, for controlled access to advanced models like Mythos to counter Iranian cyber threats. He explained that Iranian hacking activity fluctuates based on military strikes: when Israel intensifies bombing campaigns, Iranian cyber operations decrease due to disrupted access to equipment, but they rebound when attacks ease. Recent Iranian cyber campaigns have targeted smaller Israeli organizations and U.S. entities, including industrial control systems and medical technology giant Stryker, which was reportedly compromised by a state-affiliated group. U.S. officials confirmed earlier this month that pro-Iran hackers are actively probing American infrastructure. Karadi dismissed suggestions that Israel underestimated Iran’s cyber capabilities, insisting they had prepared for Tehran’s evolving tactics since the 12-Day War. The official also warned that cyber conflicts will likely persist even if a peace agreement is reached, as cyberattacks are harder to attribute and enforce compared to physical strikes. He emphasized that ‘there is no ceasefire in cyber,’ meaning offensive cyber operations could continue unabated regardless of diplomatic efforts. Iran’s cyber activity has included espionage techniques targeting the U.S., Israel, the UAE, and other Middle Eastern nations, according to recent research. Karadi’s remarks underscore the escalating cyber arms race, where AI-driven disinformation and infrastructure attacks are becoming central to modern conflict strategies.
This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.