LevelBlue SpiderLabs Breaks Down the Role of Cyber Operations Taken in the Iran Crisis

LevelBlue SpiderLabs reports that the February 28, 2026 US-Israeli cyber-kinetic campaign (Operation Epic Fury) produced a near-total Iranian internet blackout and precipitated a rapid, large-scale cyber conflict: Iranian APTs (MuddyWater, Charming Kitten/APT42, OilRig/APT34, Elfin/APT33, etc.) and numerous hacktivist proxies launched espionage, DDoS, wiper, and hack-and-leak operations against US, Israeli, Gulf, and regional targets; the report includes observed TTPs, malware families (Shamoon/IOCONTROL/Tickler), IoCs, MITRE mappings, detection queries, and prioritized mitigations for OT/ICS and cloud environments.