Morton Klein, national president of the Zionist Organization of America, had two FBI agents visit his home recently and tell him that his organization and he were among 42 listed on Iranian hit lists and cyberattack lists.

By Aaron Bandler

(July 2, 2025 / JNS) Just as Jew-hatred has spread on university campuses across the country, Iran-aligned and other antisemitic cyber criminals will target Jewish and pro-Israel entities increasingly in the coming days and months, experts told JNS.

“Iran uses cyber as one of its many tools to exert influence and to attack its enemies, and those enemies are broadly defined,” Annie Fixler, a senior fellow at the Foundation for Defense of Democracies and director of its cyber and technology innovation center, told JNS.

Those targets “range from the U.S. government to American companies to Israeli entities to Jewish organizations, both in the United States and abroad,” according to Fixler, a former senior research analyst at AIPAC. “We are likely to see increased attempts at attacks in the coming days, weeks and months to come.”

The FBI, National Security Agency, Cybersecurity and Infrastructure Security Agency and the Pentagon’s Defense Cyber Crime Center “strongly” urged organizations “ to remain vigilant for potential targeted cyber activity against U.S. critical infrastructure and other U.S. entities by Iranian-affiliated cyber actors,” in a June 30 statement.

“Despite a declared ceasefire and ongoing negotiations towards a permanent solution, Iranian-affiliated cyber actors and hacktivist groups may still conduct malicious cyber activity,” the agencies said.

They added that defense companies with “holdings or relationships with Israeli research and defense firms are at increased risk” and that “hacktivists and Iranian government-affiliated actors routinely target poorly secured U.S. networks and internet-connected devices for disruptive cyberattacks.”

In the past “several months,” cyber criminals with ties to Iran have “increasingly conducted website defacements and leaks of sensitive information exfiltrated from victims,” and they are “likely to significantly increase distributed denial of service campaigns against U.S. and Israeli websites due to recent events.”

After Oct. 7, Iran-backed cyber criminals “conducted several hack-and-leak operations to protest the conflict in Gaza,” including stealing data, the agencies said. “These operations resulted in financial losses and reputational damage for victims.”

The U.S. Department of Homeland Security stated on June 22 that the “ongoing Iran conflict is causing a heightened threat environment in the United States.”

“Low-level cyber attacks against U.S. networks by pro-Iranian hacktivists are likely, and cyber actors affiliated with the Iranian government may conduct attacks against U.S. networks,” the department said.

“Multiple recent homeland terrorist attacks have been motivated by antisemitic or anti-Israel sentiment, and the ongoing Israel-Iran conflict could contribute to U.S.-based individuals plotting additional attacks,” it stated.

Gerard Filitti, senior counsel for The Lawfare Project, told JNS that the government’s warning “highlights the ever-present potential for potential malicious cyberattacks against U.S. critical infrastructure, and organizations, by Iran-affiliated actors.”

“Since Oct. 7, we have seen a significant increase in cyberattacks targeting not just Israel, but the United States as well,” he said, “including reports of cyber-espionage activities by Iran-backed hackers targeting Jewish community entities possibly seeking to obtain financial records and internal communications.”

The “unspoken and far larger concern” than Iranian cyber threats to infrastructure and the economy is “that Iranian penetration of sensitive information—identifying, for example, employees or members of Jewish community organizations—could be the prelude to physical attack by terror cells against the Jewish community,” Filitti said.

He told JNS that such worries are “not dissimilar to concerns in previous years that hackers releasing sensitive information about American service members deployed overseas could be a prelude to attacks on their families in the homeland.”

“Vigilance is certainly warranted while the Iranian regime remains in power,” he said.

Fixler, of FDD, has seen reports of increased cyber attacks against Israeli groups but hasn’t seen anything specific about U.S. Jewish organizations.

“I would be really surprised to see numbers that didn’t increase,” she told JNS.

“You’re going to get attacks from anyone and everyone, just as we’ve seen sort of anti-Israel sentiments on college campuses increase and we’ve seen pro-Palestinian movements that have targeted Jewish organizations in vandalism or protests or things like that,” she said.

“You’re going to see the same activity online from hackers that are based in the United States, that are based in Iran, that are based in the Middle East,” she said. “The cyberspace gives them that ability to act globally.”

Personal attacks

Morton Klein, national president of the Zionist Organization of America, had two FBI agents visit his home recently and tell him that his organization and he were among 42 listed on Iranian hit lists and cyberattack lists.

“Our websites and computers have been compromised, but quickly repaired, and we’ve received threatening phone calls,” he told JNS. “These threats are not theoretical. They are real and escalating.”

ZOA and other Jewish groups lobbied Congress last week for more security funding for Jewish institutions and communities across the country. “These measures are essential for our protection and preparedness in the face of such serious threats,” he told JNS.

Chuck Berkowitz, vice president of security at the Community Security Service, told JNS that “it’s more crucial than ever that we are equally diligent with our digital defenses.”

Everyone should be aware of the government’s warning and “be alert for any suspicious activity,” he said. “This isn’t about fostering fear, but promoting necessary vigilance, recognizing that our community remains a target across all domains.”

Berkowitz urged people to “always verify any suspicious request through a separate, known channel” and to use strong, unique passwords and multi-factor authentication. But that’s not enough, he said.

“Your best defense truly is your awareness and your willingness to think before you click,” he said. “Every online action has real-world security implications.”

Fixler said that Jewish organizations “should work with their local Federations and organizations that have the capabilities and the knowledge to increase their cybersecurity.”

“There’s going to be a pro-regime hacker, who doesn’t necessarily get orders from the Iranian government but is looking for some splashy target to hit to claim success,” she said. “Organizations, don’t let yourself be the low-hanging fruit.”

“Protect yourself so that a hacker looks at you and says, ‘It’s going to be too difficult for me to bother with this organization,’” she said.

Iran doesn’t tend to be seen as a major cyber crime actor like China or Russia, but “that doesn’t mean its hackers can’t cause serious damage and destruction.”

“U.S. government, American businesses, Jewish organizations need to take the threat from Iran seriously,” she said.

This article was originally published in JNS and can be viewed here.