Coordinated Cyberattacks Before US-Israel-Iran Airstrikes Expose Global Financial System

(MENAFN- Khaleej Times) The rules of warfare are being rewritten, hackers weaponise code to inflict more economic devastation than military campaigns, warns a cybersecurity analyst

** PUBLISHED:** Wed 4 Mar 2026, 6:00 AM

By:

Angel Tesorero

Add as a preferred
source on Google

Share:

[Editor’s Note: Follow Khaleej Times’ live blog amid ** Israeli, US strikes on Iran** for the latest regional developments.]

A catastrophic wave of coordinated cyberattacks last month has unleashed unprecedented chaos across four continents. Damages to critical infrastructure have not only led to economic and financial losses but also exposed vulnerabilities in traditional financial systems.

Recommended For You Magnitude 4.3 earthquake strikes Iran’s Gerash amid escalating Israeli-US attacks

“The rules of warfare are being rewritten, hackers weaponise code to inflict more economic devastation than military campaigns,” cybersecurity analyst Rayad Kamal Ayub has warned.

Ayub, who is also the managing director of Dubai-based Rayad Group, noted the intensity of cyberattacks accelerated dramatically since February 28, when US-Israeli forces launched extensive operations targeting Iran,“causing widespread disruptions to governmental and military systems including news websites, Islamic Revolutionary Guard Corps communications, and deep intrusions into aviation and energy infrastructure.”

** Stay up to date with the latest news. Follow KT on WhatsApp Channels.**

Ayub cited internet monitoring firms NetBlocks and Cloudflare reported Iran internet connectivity severely restricted for more than 48 hours. Iran state television was hijacked on March 1 with unauthorised footage of Israeli Prime Minister Benjamin Netanyahu broadcast, representing rare physical broadcast infrastructure compromise.

“Ransomware struck New Britain, Connecticut for over 48 hours, forcing municipal departments to manual paper-based operations. Maritime hackers wiped network edge infrastructure disconnecting 116 tankers. Qilin ransomware group struck New York Transport Workers Union Local 100, compromising data of 41,000 active and 26,000 retired members, and Tulsa International Airport, leaking sensitive corporate data online,” Ayub added.

“Adversaries have evolved beyond attacking fortified targets,” underscored Ayub, warning, “They’re systematically dismantling the contractor ecosystems that keep critical infrastructure operational-a strategy far more devastating than anyone anticipated.”

** Pre-February 28 cyberattacks**

Prior to the February 28, Ayub noted, Saudi Arabia witnessed destructive campaigns when 17 major Aramco contractors were simultaneously targeted in wiper attacks from February 17 to 21, with 2.1 terabytes of data exfiltrated before complete system destruction.

Israel suffered comprehensive assault from February 16 to 23 across financial, water, power, and government sectors. Major banks including Bank Hapoalim, Bank Leumi, and Israel Discount Bank suffered combined outages totaling 67 hours with transaction losses reaching millions of dollars. Mekorot national water company confirmed unauthorized access to six regional control centers affecting 2.3 million residents, while Israel Electric Corporation detected attackers lurking undetected for 14 to 21 days, mapping entire grid architecture.

“This isn’t reconnaissance-it’s digital hostage-taking,” Ayub explained. “When adversaries map your entire power grid but hold fire, they’re demonstrating they control your nation’s lights, water, and survival. That’s the new face of deterrence.”

Asia-Pacific also reportedly faced strategic chokepoint attacks. Jawaharlal Nehru Port in Mumbai and Chennai Port were struck February 19, causing delays impacting cargo worth over a billion dollars, with forensics pointing to Iranian malware. DBS Bank, Southeast Asia’s largest financial institution with $575 billion in assets, faced chaos February 19 to 20, with 19-hour service outages leaving 8.2 million customers stranded across five countries and transaction losses of 420 to 580 million dollars. Pakistan experienced complete internet blackout on February 18 affecting 80 million users for 4.5 hours, causing losses of $260 to 330 million.

Europe’s financial and energy backbone came under siege as UK banks including HSBC, Barclays, Lloyds Banking Group, and NatWest were hit February 21, disrupting services for 42 million customers. UK National Cyber Security Centre attributed attacks to state-sponsored actors with capabilities consistent with Iranian cyber units.

France’s TotalEnergies faced devastating attacks from February 18 to 20 affecting operations across 12 countries, with 430,000 barrels per day impacted. European energy prices spiked 6.3 per cent. Port of Rotterdam was infiltrated February 18, with automated systems offline 11 hours and operations reduced to 35 percent capacity. Approximately 12,000 containers were delayed, resulting in losses of $520 to 680 million.

Africa’s trade arteries faced peril as Suez Canal Authority suffered its first confirmed cyberattack on February 19, disrupting vessel traffic management for 3.5 hours and delaying 47 vessels. South Africa’s Transnet Port Terminals attack February 18 halted Port of Durban operations for 14 hours with 15,000 containers delayed.

‘Help has arrived’ scam

According to Ayunb, there are additional incidents including pro-West hackers hijacking a prayer app sending notifications stating “Help has arrived,” and Handla Hack attacks in Jordan claimed by hacking persona allegedly linked to Iran’s Ministry of Intelligence and Security.

“State-sponsored campaigns targeting US defense contractors intensified with China’s APT5, Russia’s UNC5792 and UNC5976, Iran’s UNC1549 and UNC6446, and North Korea’s APT43 and UNC2970 deploying AI-driven reconnaissance. Record-breaking DDoS attacks reached 31.4 terabps with network-layer attacks increasing 168.2 per cent year-over-yea. Intelligence agencies confirmed these attacks were meticulously coordinated,” Ayub added.

“Every centralised system is a single point of catastrophic failure,” warned Ayub, highlighting: “Decentralisation isn’t just innovation anymore-it’s the difference between economic survival and national collapse.”

ALSO READ

US‐Israel‐Iran conflict may trigger unprecedented cyberattacks

Amazon data centre in UAE confirms fire incident, services impacted

US–Israel–Iran conflict delivers generation‐defining economic shock

MENAFN04032026000049011007ID1110815343