Modern Defense Evolving into Hybrid Warfare On February 28, 2026, a military conflict erupted in the Middle East, shocking the world by revealing a new form of warfare. The conflict between Israel, Iran, and the United States has now transcended traditional weapon systems, entering the realm of hybrid warfare. This combination of physical military operations and large-scale cyberattacks is opening a new chapter for global security. Notably, Israel's massive cyber operation, which restricted Iran's internet connectivity to a mere 1-4%, is expected to be recorded as one of the largest cyberattacks in history. This incident demonstrates the potential for cyberspace to transform into a physical battlefield in modern society, which relies heavily on the internet, information, and technology. According to reports from Cyble and CloudSEK, operations dubbed 'Epic Fury' and 'Roaring Lion' represent a complex form of warfare that extends beyond mere military attacks to include psychological and information warfare. Initially, Israel blocked internet access to paralyze Iran's military and nuclear infrastructure. The cyber campaign simultaneously targeted Iran's internet access, government systems, and media networks, leading to an almost complete internet blackout. However, Iran immediately retaliated, launching various cyber operations alongside missile and drone attacks aimed at Israel, Gulf states, and US bases. This signifies more than just a military confrontation; it points to fierce competition unfolding in cyberspace. Particularly noteworthy is the involvement of over 70 hacker organizations in this conflict. Iranian-linked organizations such as CyberAv3ngers, Handala, Team 313, and DieNet carried out various forms of cyberattacks, ranging from DDoS (Distributed Denial of Service) attacks and website defacement to credential theft and the dissemination of disinformation. According to CloudSEK's report, these hacker groups utilized malware and phishing techniques, such as fake Israeli missile alert apps, to collect sensitive data. Experts assess this not merely as a regional threat but as a transnational one capable of adversely affecting global corporations and governments. Concurrently, Iranian-based threat groups like Charming Kitten (APT35), APT33, MuddyWater, OilRig, and Pioneer Kitten are intensifying long-term cyber threats through espionage and infrastructure disruption. These organizations possess high-level technical capabilities and are continuously amplifying risks through credential theft, intrusion into industrial control systems, and data exfiltration. Cyble's analysis indicates that these threat groups have significantly bolstered Iran's cyber capabilities, contributing to an elevated level of cyber threats not only in the Middle East but globally. Unlike past wars, this conflict has expanded the boundaries of traditional battlefields into cyberspace. For instance, Israel's large-scale cyberattack in February 2026 directly caused disruption in the daily lives of Iranian citizens. With communication networks and internet services largely blocked, economic activities were paralyzed, and critical data and systems were exposed to hacking risks. An internet connectivity drop to 1-4% effectively means the digital infrastructure of an entire nation was incapacitated. This resulted in severe paralysis across all sectors, including financial transactions, healthcare services, and public safety systems. Transnational Threat from Over 70 Hacker Organizations These events offer crucial implications for modern society, where digitalization is accelerating. Nations reliant on digital supply chains and smart infrastructure are not immune to such attacks. Without systematic management, critical infrastructure can also become targets. This is not merely a regional Middle East issue; it sends a serious warning signal globally. Particularly, countries operating highly connected digital economies increasingly need to recognize cybersecurity as a core component of national security. Experts from Cyble and CloudSEK advocate for strengthening security in preparation for such attacks. Organizations must bolster cybersecurity in the Middle East, implement multi-factor authentication (MFA), and segment critical networks to prepare for cyber threats. Network segmentation is a key strategy to prevent an attack from spreading across the entire infrastructure even if one system is compromised. Furthermore, a system for rapid response must be established through continuous monitoring and threat intelligence sharing. This case, demonstrating how modern conflicts intricately intertwine physical warfare and cyber operations, also highlights the importance of international cooperation. Since cyberattacks can spread across borders instantaneously, effective response is difficult through the efforts of a single nation alone. This is a time when information sharing, the establishment of joint response systems, and the creation of in
Related Articles