Background: Cyber Activity Following Regional Conflict
Recent geopolitical tensions in the Middle East have sparked a wave of cyberattacks carried out by hacktivist groups. After military operations known as Operation Epic Fury and Operation Roaring Lion, security researchers began tracking a noticeable increase in politically motivated cyber activity. Hacktivist groups often respond to real-world events by launching cyber campaigns designed to disrupt services and send political messages. These actions demonstrate how cyber operations have become another arena where international conflicts can unfold.
Scale of the Attack Campaign
According to cybersecurity reports, between February 28 and March 2, 2026, researchers recorded 149 distributed denial-of-service (DDoS) attack claims targeting 110 organizations across 16 countries. Many of these incidents focused on government agencies, telecommunications companies, and financial institutions. Nearly half of the targeted organizations were government entities, suggesting that attackers were aiming to disrupt public services and make a visible political statement.
Hacktivist Groups Behind the Attacks
Several hacktivist groups were responsible for the surge in activity. Analysts identified groups such as Keymous+ and DieNet as major contributors, together accounting for roughly 70% of the attacks observed during the campaign. These groups, along with others like NoName057(16) and smaller hacktivist collectives, coordinated many of their activities through online platforms such as Telegram. On these platforms, attackers often claim responsibility for attacks and encourage others to participate in additional campaigns.
Targeted Regions and Organizations
The attacks primarily affected organizations in the Middle East, particularly in countries such as Kuwait, Israel, and Jordan. However, the campaign also extended beyond the region, with targets in Europe and other parts of the world. This widespread targeting illustrates how hacktivist cyber campaigns can quickly spread across international networks and affect organizations far removed from the original conflict.
The Growing Role of Cyber Warfare
This wave of attacks highlights a broader trend in cybersecurity: global conflicts increasingly involve cyber operations. Hacktivist groups frequently use tactics like DDoS attacks, website defacements, and data leaks to express political positions or retaliate against perceived adversaries. As cyber tools become easier to access and coordinate, organizations, especially those connected to governments or critical infrastructure, must remain vigilant and strengthen defenses against politically motivated cyber threats.