1 min read

Iranian State Hackers Are Targeting Security Cameras Across the Middle East

Canopy Security
Security cameras in Tehran targeted by Iranian state hackers for military surveillance and targeting

Check Point Research disclosed on Wednesday that hundreds of hacking attempts targeting consumer-grade security cameras in the Middle East appear to have been timed to coincide with Iran's recent missile and drone strikes on Israel, Qatar, and Cyprus, with attacks attributed to a group previously linked to Iranian intelligence. The campaign mirrors tactics used by Russia in Ukraine, where military forces on both sides have exploited insecure IP cameras for battle damage assessment and targeting reconnaissance. Ars Technica reports Israel separately leveraged Tehran's traffic camera network — in partnership with the CIA — to help target the airstrike that killed Ayatollah Khamenei, highlighting the growing military role of civilian surveillance infrastructure.

Key Takeaways

  • Check Point Research tracked hundreds of camera-hijacking attempts in the Middle East timed to Iran's March 2026 strikes; attacker group has prior attribution to Iranian intelligence services
  • Hikvision and Dahua cameras are the primary targets; both vendors have had CVEs actively exploited in prior nation-state campaigns (e.g. CVE-2021-36260, CVE-2022-30563)
  • Israel used nearly all of Tehran's traffic cameras via CIA collaboration for kinetic targeting; Ukraine and Russia have both weaponized civilian IP cameras for surveillance and strike guidance

Original source: Ars Technica / Wired / Check Point