top of page

Global Rise in Cyber-Enabled Kinetic Targeting

  • Nov 20, 2025
  • 2 min read

Key Findings


  • Nation-states are increasingly using cyber operations to enable and amplify the impact of kinetic military operations

  • The boundaries between cyberattacks and physical, real-world attacks are blurring quickly

  • Cyber-enabled kinetic targeting employs advanced tactics like compromising CCTV systems, maritime platforms, and accessing real-time data streams

  • This represents a fundamental evolution in warfare, where the traditional boundaries between cyber and kinetic operations are dissolving


Background


  • Governments have traditionally treated digital and physical security as separate domains, but this separation is now seen as artificial and detrimental

  • Nation-state actors are recognizing the force multiplier effect of combining digital reconnaissance with physical attacks

  • Countries with advanced cyber capabilities and military strength are most likely to succeed at cyber-enabled kinetic targeting


Case Study: Iran-linked APT Imperial Kitten


  • In December 2021, the group breached a vessel's Automatic Identification System (AIS) platform

  • By August 2022, they had expanded their campaign, accessing onboard CCTV for real-time intelligence

  • On January 27, 2024, they searched for AIS data on a specific ship, marking a shift to targeted tracking

  • Days later, on February 1, 2024, Houthi forces launched a missile strike on that same vessel


Case Study: Iran-linked APT MuddyWater


  • On May 13, 2025, the group set up servers for its campaign

  • By June 17, it accessed another compromised server streaming live CCTV feeds from Jerusalem

  • On June 23, Iran launched missile strikes on the city, while Israeli officials confirmed attackers used hacked cameras to adjust targeting


Implications and Recommendations


  • Cyber-enabled kinetic targeting represents a fundamental evolution in warfare, requiring a new approach to security

  • Traditional cybersecurity frameworks must be expanded to consider the integration of digital and physical threats

  • Threat intelligence sharing across the private sector and government is crucial to address this complex challenge

  • Defenders must consider how compromised systems might be used to support physical attacks and recognize their potential value as targeting aids


Sources


  • https://cyberscoop.com/amazon-cyber-enabled-kinetic-targeting/

  • https://securityaffairs.com/184862/apt/cyber-enabled-kinetic-targeting-iran-linked-actor-uses-cyber-operations-to-support-physical-attacks.html

  • https://x.com/StopMalvertisin/status/1991212423580180764

  • https://x.com/fridaysecurity/status/1991210933343899663

Recent Posts

See All
Defeating AI with AI

Key Findings Generative AI and agentic AI are increasingly used by threat actors to conduct faster and more targeted attacks. One capability that AI improves for threat actors is the ability to profil

 
 
 

Comments


  • Youtube

© 2025 by Explain IT Again. Powered and secured by Wix

bottom of page