
In the wake of the extensive airstrike operations conducted by the United States and Israel over Iran in late February, the cybersecurity sector anticipated retaliatory cyber offensives targeting Western entities. Tuesday night saw such an incident unfold in the US: a data breach believed to have ties to Iran hit the medical technology company Stryker, disabling tens of thousands of computers and disrupting global operations. The Iranian hacking collective Handala took responsibility for the breach.
A pronouncement on Handala’s website characterized the cyber operation as a reaction to the American Tomahawk missile assault that claimed the lives of 165 civilians at a girls’ educational institution in Iran and the ongoing hacking actions of the US and Israel. This pronouncement marks the beginning of a new phase in cyber warfare.
Once relatively unknown, Handala—named after a character created by Palestinian artist Naji al-Ali—is regarded by cybersecurity analysts, particularly in Israel, as a façade for Iran’s Ministry of Intelligence. Renowned for its data-deletion and hack-and-leak strategies, its targets have included the Albanian government and Israeli organizations.
In light of escalating existential threats, Iranian hackers, chiefly Handala, are encouraged to use every intended tool and network access against the US and Israel, stated Sergey Shykevich from the cybersecurity firm Check Point. Shykevich identifies Handala as the most active and prominent group in this vengeful campaign.
While hacking collectives often inflate their achievements, Handala has claimed numerous victims, predominantly in Israel, throughout the recent hostilities. Merging chaotic hacktivist tactics with governmental capabilities, the group acts as a primary cyber-retaliation entity for Iran, according to Justin Moore from Palo Alto Networks’ Unit 42.
Despite the chaos it generates, Handala’s operational coherence is doubtful, according to Rafe Pilling from Sophos’ X-Ops team. The group attempts to gain access swiftly and inflict damage in reaction to airstrikes that reportedly impact Iran’s cyber capabilities. Currently, Handala seems to be exploiting any available opportunity without an evident strategic framework.

