Cyber Security / Geopolitics

149 Hacktivist Attacks Across 16 Countries Signal Escalating Cyber War in the Middle East

Cyber Hunter Team
March 17, 2026
4 min read
149 Hacktivist Attacks Across 16 Countries Signal Escalating Cyber War in the Middle East

Surge in hacktivist cyberattacks targets governments and critical infrastructure across the Middle East and beyond

149 Hacktivist DDoS Attacks Hit 110 Organizations Across 16 Countries

Cybersecurity researchers are warning of a sharp escalation in hacktivist activity following the recent U.S.-Israel military operations against Iran, codenamed Epic Fury and Roaring Lion.

According to a report by Radware, the cyber threat landscape in the Middle East has become highly concentrated, with just two groups — Keymous+ and DieNet — responsible for nearly 70% of all attack activity between February 28 and March 2.

The first recorded DDoS attack in this wave was launched by Hider Nex (also known as Tunisian Maskers Cyber Force) on February 28, 2026.

A Coordinated Hacktivist Campaign

Data from multiple cybersecurity firms indicates that:

  • 149 DDoS attack claims were recorded
  • Targeting 110 organizations
  • Across 16 countries
  • Conducted by 12 different hacktivist groups
  • Government entities (47.8%)
  • Financial institutions (11.9%)
  • Telecommunications (6.7%)

Regional Focus: Kuwait, Israel, Jordan

The distribution of attacks within the region shows clear concentration:

  • Kuwait: 28%
  • Israel: 27.1%
  • Jordan: 21.5%

Key Threat Actors

Alongside Keymous+ and DieNet, several other groups have been involved in disruptive operations, including:

  • NoName057(16)
  • Handala Hack
  • APT Iran
  • Cyber Islamic Resistance
  • Dark Storm Team
  • 313 Team
  • Nation of Saviors (NOS)
  • Conquerors Electronic Army (CEA)

Expanding Scope of Cyber Operations

The current wave of cyber activity extends beyond simple DDoS attacks and includes:

  • Claims of breaches targeting Israeli military infrastructure
  • SMS phishing campaigns distributing surveillance malware
  • Attacks on energy and cloud infrastructure in the Gulf region
  • Website defacements and psychological operations

Hybrid Warfare: Cyber + Geopolitics

Security analysts emphasize that cyber operations are now evolving alongside traditional conflict.

“The digital front is expanding alongside the physical one,” — Radware

Iranian-linked threat actors are increasingly blending:

  • Espionage
  • Disruption (DDoS)
  • Psychological influence operations

Risk Outlook

Organizations in:

  • Government
  • Critical infrastructure
  • Finance
  • Defense
  • Telecommunications

The UK’s National Cyber Security Centre (NCSC) has already issued warnings urging organizations to strengthen defenses against:

  • DDoS attacks
  • Phishing campaigns
  • ICS targeting

Operational Impact & Strategy

Experts highlight that Iran has historically leveraged cyber operations as a response tool to geopolitical pressure, often utilizing both state-linked actors and affiliated cyber groups.

At the same time, the current situation represents a stress test for:

  • Digital infrastructure
  • Cloud ecosystems
  • Financial systems
  • Crypto markets under constrained connectivity

Conclusion

The recent surge in hacktivist activity marks a significant shift in the cyber threat landscape.

What we are witnessing is not Just a wave of attacks

but a coordinated digital escalation aligned with geopolitical conflict.

The battlefield is no longer limited to the land

it now extends deeply into networks, systems, and critical infrastructure worldwide.

Indexed Under:
DDoSCybersecurityHacktivismMiddle EastIranThreat IntelligenceCyber Warfare
0x//PROT_SEC
Status: Active
Secure Infrastructure

Ready to secure your future?

Our experts are ready to provide the intelligence and protection your business needs to stay ahead of evolving threats.

Contact Us Now