ZeroFox Intelligence Flash Report - Cyber SITREP #1 - Military Strikes on Iran - March 5, 2026

ZeroFox Intelligence Flash Report - Cyber SITREP #1 - Military Strikes on Iran - March 5, 2026

Product Serial: F-2026-03-05c

TLP:CLEAR

In this Flash report, ZeroFox researchers report on the latest cyber developments relating to U.S. and Israeli combat operations against Iran.

Standing Intelligence Requirements

For the most up-to-date list of ZeroFox’s Intelligence Requirements, please visit:

https://cloud.zerofox.com/intelligence/advisories/14956

Link to Download

View the full report here

Key Findings

• The United States and Canada have issued warnings that Iran-aligned cyber threat actors are very likely to target Western critical infrastructure and financial institutions in retaliation for the ongoing U.S.-led attacks in Iran.
• Threat actors and hacktivist collectives—primarily those who self-describe as pro-Iranian, pro-Islamic, pro-Palestinian, or pro-Russian—are employing a combination of distributed denial-of-service (DDoS) attacks, website defacements, data exfiltration, and claimed intrusions into Industrial Control Systems (ICS).
• Since February 26, 2026, at least 241 separate cyber incidents have likely been linked to the ongoing military campaign against Iran. These incidents include ransomware attacks, initial access broker (IAB) sales, and vulnerabilities/exploits affecting multiple regions and industries. The notable increase in cyber activity is likely intended to support Iran and retaliate against nations perceived as backing U.S. military operations.