
The Unseen War: Cyber Warfare in the Shadow of Global Conflicts

As of June 2025, while missiles and drones dominate news cycles in conflicts like Israel-Iran and Russia-Ukraine, a parallel cyber war is escalating. This hidden battle involves state-sponsored attacks, hacktivist campaigns, and the blurring lines between nation-state operations and cybercrime. From a cybersecurity researcher’s perspective, the past few weeks have seen a dramatic surge in cyber warfare, particularly tied to these conflicts, alongside a rise in cyber protesting and a muddying of the waters with criminal hacking enterprises. This post examines the state of this unseen war, drawing on recent events, historical lessons, and emerging technologies to highlight its impact and the urgent need for stronger, proactive defenses.

Historical Context

Today’s cyber warfare has evolved significantly, with key historical attacks shaping current strategies and showing how digital operations are increasingly synchronized with physical conflicts.

  • 2007 - Estonian Cyber Attacks: In one of the first major state-driven cyber campaigns, Russia allegedly launched massive DDoS attacks on Estonia’s government and banking websites, which paralyzed the nation's digital infrastructure.
  • 2008 - Russo-Georgian War: Cyberattacks on Georgian government websites coincided directly with military actions, establishing an early and effective model for integrated warfare.
  • 2010 - Stuxnet: A watershed moment, this sophisticated worm, likely a U.S.-Israeli effort, was the first to prove that a cyberattack could cause tangible, physical harm by successfully damaging Iran’s nuclear centrifuges.
  • 2012 - Shamoon: In a likely retaliation for Stuxnet, Iran is believed to have targeted Saudi Aramco with this wiper malware, erasing data from thousands of computers and disrupting global oil markets in a purely destructive attack.
  • 2014 - Sony Pictures Hack: North Korea allegedly hacked Sony over a film, an attack that served as a clear example of cyber power being used as a political tool against a private company, leaking sensitive corporate data and causing significant reputational damage.
  • 2015 - Ukrainian Power Grid Attack: For the first time, a cyberattack successfully took down a nation's power grid. Russia-linked hackers caused widespread power outages in Ukraine, with a direct impact on civilians.
  • 2016 - U.S. Election Interference: Russian hackers stole and leaked emails while spreading disinformation across social media, conducting a broad campaign intended to influence democratic processes.
  • 2017 - NotPetya: What began as a targeted Russia-linked malware attack on Ukraine quickly spread globally, causing billions of dollars in damages and revealing the devastating collateral reach of state-sponsored cyber weapons.
  • 2020 - SolarWinds Hack: Russia allegedly compromised thousands of U.S. agencies and companies through a sophisticated supply chain attack that exposed deep vulnerabilities in digital infrastructure and enabled widespread espionage.
  • 2021 - Colonial Pipeline Attack: A criminal group, possibly operating from Russia, disrupted U.S. fuel supplies with ransomware, demonstrating the vulnerability of critical infrastructure to actors outside of direct state control.
  • 2023 - Denmark Power Grid Attack: Russia is suspected of causing outages in Denmark’s energy sector, continuing its pattern of targeting critical European infrastructure.
  • 2024 - American Water Breach: A cyberattack disrupted a major U.S. water utility’s services, which further underscored the ongoing risk to essential public systems.
  • June 2025 - Recent Attacks: Incidents continue to demonstrate how cyber operations are often coordinated with military campaigns, as seen in Ukraine’s attacks on Russian telecommunications and pro-Iranian hacks on Middle Eastern government websites.

Current Cyber Conflicts

Israel-Iran Cyber Conflict

In June 2025, cyber warfare between Israel and Iran intensified alongside physical strikes. Israel has disrupted Iranian financial systems, with groups like Predatory Sparrow allegedly stealing $90 million from Nobitex, Iran’s largest cryptocurrency exchange. Iran’s response includes hacktivist-driven attacks, such as false missile alerts and TV broadcast hacks, aiming to create panic. A cybersecurity firm reported a 700% increase in Iranian cyber attacks on Israeli targets since a specific escalation, though many were thwarted.

On June 11, 2025, the Fatemiyoun Cyber Team, suspected to be IRGC-linked, claimed responsibility for attacks on government websites in Jordan and Kuwait, aligning with Iran’s strategy to target U.S. and Israeli allies. Furthermore, Iran’s APT35 group has targeted Israeli tech professionals with AI-driven phishing campaigns, using fake Gmail pages to bypass security. U.S. authorities warn that pro-Iranian hacktivists are also expected to launch low-level attacks on U.S. networks, raising concerns about broader regional impacts.

Russia-Ukraine Cyber Conflict

Russia’s cyber operations against Ukraine remain relentless, with 4,315 attacks in 2024 targeting critical infrastructure. In June 2025, Russian military intelligence used new malware against Ukrainian state agencies, leveraging social engineering via Signal chats. Russia is also likely targeting European infrastructure ahead of the 2025 NATO Summit, employing a hybrid strategy of digital and physical tactics.

Ukraine has responded aggressively. On June 8, 2025, its intelligence directorate (HUR) shut down Russian Railways’ website, and on June 12, it targeted Orion Telecom, disconnecting a Russian uranium mining city and erasing 370 servers. Another Ukrainian cyberattack hit Tupolev, Russia’s major aircraft manufacturer, compromising its systems. A growing Russia-Iran cyber alliance, potentially sharing malware and drone technology, raises fears of a broader anti-Western cyber threat.

The Role of Hacktivists

Around 83 hacktivist groups are active in 2025, amplifying state goals through DDoS attacks, data leaks, and disinformation. Pro-Iranian groups like Fatemiyoun Cyber Team target Israeli and allied systems, while Anonymous and others hit Russian infrastructure, aligning with Western interests. These decentralized actions add unpredictability and allow states to pursue aggressive cyber strategies with plausible deniability, complicating defense and attribution efforts. An X post on June 11, 2025, for example, noted massive attacks on Saudi government websites, likely by pro-Iranian hacktivists.

Cybercrime and State-Sponsored Overlap

The line between state-sponsored attacks and cybercrime is fading. Nations appear to leverage criminal groups as proxies, providing tools and protection for attacks that serve geopolitical goals. Iran-linked ransomware attacks on U.S. water utilities in 2023, for instance, generated revenue while disrupting services, aligning with anti-Western objectives. This overlap, seen with groups like FunkSec and KillSec using AI-driven tools, makes it harder to trace and counter threats, as hacktivist, state, and financial motives become increasingly intertwined.

Technology’s Role in Cyber Warfare

The U.S.-China AI race is reshaping cyber warfare. China’s projected 700 billion yuan AI investment in 2025 fuels advanced attacks, while the U.S. aims to restrict Chinese AI in government systems. AI enables automated hacking and convincing deepfakes, as seen in Russia's campaigns against Ukraine, while the proliferation of IoT devices expands vulnerabilities. The 2023 Chinese balloon incident, which collected signals intelligence, highlights the fusion of cyber and physical espionage.

Critical Infrastructure at Risk

Critical infrastructure remains a prime target, with over 57% of 2024’s cyberattacks hitting energy, water, and transportation systems. Recent incidents include the 2024 American Water breach and a June 26, 2025, attack on Hawaiian Airlines’ IT systems. Concerns are also rising over the security of space infrastructure, with a recent report noting NASA’s inadequate cyber risk practices. These attacks disrupt essential services, erode public trust, and exploit outdated OT/ICS systems.

Final Thoughts

As of June 2025, cyber warfare is a critical dimension of global conflicts. The fusion of state-sponsored attacks, hacktivist campaigns, and cybercrime, all amplified by the U.S.-China AI race, has created a complex and dangerous threat landscape. By learning from past attacks and addressing current challenges with robust, technologically advanced defenses, we can better prepare for this hidden battlefront. The stakes—economic stability, public trust, and national security—are as high as those in the physical conflicts dominating headlines.

We are living through an era where cyber warfare is not an adjunct to conventional war—it is a co-equal domain. Yet media coverage and political attention remain disproportionately focused on the kinetic, the visible, the explosive.

This imbalance conceals the scale and stakes of the digital war now underway. It distracts from the systemic erosion of trust, the fragility of critical infrastructure, and the increasingly blurred line between protest, espionage, and economic warfare.

The unseen war isn’t coming—it’s here. And it’s not silent. We’re just not listening carefully enough.

About Kris Jackson
Kris Jackson serves as a Senior Security Researcher at Cobalt, your guide to the forefront of offensive security. With extensive experience delivering impactful Red Team operations, adversarial simulations, and in-depth penetration tests, Jackson explores advanced offensive security methodologies coupled with unmatched human ingenuity to uncover critical vulnerabilities and emulate sophisticated threat actors.