The US-Israel-Iran war has largely taken place in the skies, with missiles and drones hitting military bases and critical infrastructure. But the conflict is not limited to the battlefield. Battles are also taking place in cyberspace.
Hackers and cybergroups affiliated with rival factions have begun targeting corporations, government systems, and individuals with ties to national security agencies. Data breaches, website breaches, and online intimidation campaigns have become tools of this digital confrontation.
In the latest of these claims, the hacking group Handala has been blamed for cyber intrusions targeting U.S. and Israeli entities in two separate incidents, releasing incriminating data and making threats against government officials in recent days.
As the war between the United States and Iran continues, the group claimed to have targeted American medical device manufacturer Stryker. In a post on its official website on Monday, the hackers said they had attacked nearly 200,000 systems, deleting about 12,000 terabytes of data.
Regarding this incident, the company confirmed that a cyber attack has been causing disruption globally since March 11th. “We experienced a cybersecurity attack that disrupted Stryker’s Microsoft environment globally,” Stryker said in a statement.
The group’s claims about the scale of data deletion cannot be independently verified.
In another Israeli cyber incident claimed by the group, data posted on the hackers’ website reportedly included the emails, private chats and personal information of Laura Gilinski, deputy director of the Institute for National Security Studies (INSS), an Israeli security and strategy think tank.
The group also claimed to have accessed 100,000 confidential emails linked to her. According to the hackers, Gilinsky previously served as deputy director for planning and strategy at Mossad, Israel’s intelligence agency. The authenticity of the leaked data could not be independently confirmed.
The hackers also claimed to have targeted Sima Shine, a senior researcher at INSS and former director of the institute’s research program “Iran and the Shia Axis”, who previously worked for Israeli intelligence. In posts published on
Who are the Handala hackers?
According to the International Institute for Counterterrorism (ICT), an Israel-based research group, Handala Hacking Team (HHT) emerged around December 2023 as the Israel-Hamas war intensified. Researchers said the group primarily targeted Israeli politicians, defense personnel and organizations involved in critical infrastructure.
The group has been targeting Israeli companies for over a year. ICT estimates that at least 85 cyberattacks were carried out between February 2024 and February 2025, most of which were directed at Israeli targets, with a few incidents also reported in the United States.
Their operations typically include DDoS attacks, phishing campaigns, hacking, and disclosure of leaked data. These are tactics commonly used by hacktivist groups to disrupt systems while amplifying their political messages online.
HHT posts notices about alleged breaches and distributes hacked data sets through messaging platforms such as Telegram and X, and dedicated leak websites. The group’s current Telegram channel subscribers are 2,346, and the X account has 1,463 followers and about 40 posts.
The group has been repeatedly suspended online. According to its own post, the current Telegram channel is the 41st after several previous channels were shut down. Similarly, several X profiles linked to the group were also suspended and then new accounts were created.
They also posted a call to action message on their Telegram channel, inviting supporters willing to take action against Israel and providing financial and informational support to participants.
– end