top of page
Search

Global Rise in Cyber-Enabled Kinetic Targeting

  • Nov 20, 2025
  • 2 min read

Key Findings


  • Nation-states are increasingly using cyber operations to enable and amplify the impact of kinetic military operations

  • The boundaries between cyberattacks and physical, real-world attacks are blurring quickly

  • Cyber-enabled kinetic targeting employs advanced tactics like compromising CCTV systems, maritime platforms, and accessing real-time data streams

  • This represents a fundamental evolution in warfare, where the traditional boundaries between cyber and kinetic operations are dissolving


Background


  • Governments have traditionally treated digital and physical security as separate domains, but this separation is now seen as artificial and detrimental

  • Nation-state actors are recognizing the force multiplier effect of combining digital reconnaissance with physical attacks

  • Countries with advanced cyber capabilities and military strength are most likely to succeed at cyber-enabled kinetic targeting


Case Study: Iran-linked APT Imperial Kitten


  • In December 2021, the group breached a vessel's Automatic Identification System (AIS) platform

  • By August 2022, they had expanded their campaign, accessing onboard CCTV for real-time intelligence

  • On January 27, 2024, they searched for AIS data on a specific ship, marking a shift to targeted tracking

  • Days later, on February 1, 2024, Houthi forces launched a missile strike on that same vessel


Case Study: Iran-linked APT MuddyWater


  • On May 13, 2025, the group set up servers for its campaign

  • By June 17, it accessed another compromised server streaming live CCTV feeds from Jerusalem

  • On June 23, Iran launched missile strikes on the city, while Israeli officials confirmed attackers used hacked cameras to adjust targeting


Implications and Recommendations


  • Cyber-enabled kinetic targeting represents a fundamental evolution in warfare, requiring a new approach to security

  • Traditional cybersecurity frameworks must be expanded to consider the integration of digital and physical threats

  • Threat intelligence sharing across the private sector and government is crucial to address this complex challenge

  • Defenders must consider how compromised systems might be used to support physical attacks and recognize their potential value as targeting aids


Sources


  • https://cyberscoop.com/amazon-cyber-enabled-kinetic-targeting/

  • https://securityaffairs.com/184862/apt/cyber-enabled-kinetic-targeting-iran-linked-actor-uses-cyber-operations-to-support-physical-attacks.html

  • https://x.com/StopMalvertisin/status/1991212423580180764

  • https://x.com/fridaysecurity/status/1991210933343899663

Recent Posts

See All

Comments

  • Youtube

© 2025 by Explain IT Again. Powered and secured by Wix

bottom of page