1. Summary: JaFaJ intelligence assets in Lebanon have confirmed that the Iran-backed and controlled Hezbollah terror group will be launching massive cyber attacks on banks in selected and targeted Gulf states. The attacks have already been commissioned by the Iranian intelligence and handed down to Hezbollah, Iran’s proxy in Lebanon. The attacks have a purpose: to wreak havoc across the banking systems of certain Arab Gulf countries, with a focus being countries opposed to Iran and their actions. JaFaj sources have clearly stated that the focus is on both Saudi Arabia and the United Arab Emirates (UAE). The attacks are designed to disrupt their financial systems as well as steal significant financial information on governments, officials, and other individuals of interest to Iran. Knowing full well that they will be blamed, Iran has taken precautions to ensure that the criminal attacks cannot be “traced back to them,” as a result, they can not be held criminally liable.
An Imminent Attack, Soon
——————————–
2. JaFaJ has confirmed that Hezbollah’s leadership in Lebanon has received orders to undertake a long-planned cyber-attack on Saudi and UAE banking organizations. Although the specific date(s) remain a secret, the sources have told JaFaJ that a “window of opportunity has been given to Hezbollah by Iran to launch the cyber-attacks. The attacks will take place in Lebanon, using Hezbollah’s talented cyber terrorists, as well as cyber experts positioned in Lebanon and working for the Iranian Intelligence Service”. Iran believes that by using this ‘buffer’, they will effectively stem anyone’s attempt to trace the attacks back to them. Iran apparently hopes that the “blame” will fall on criminal organizations operating within Lebanon.
3. JaFaJ intelligence sources are reporting that the window for carrying out the attacks is between “the last week of April and the first week in July”. The sources could not explain why those dates were chosen and so far apart. Even so, they have confirmed that “The war in Ukraine has forced the Iranians to act and act fast”. The source added that “They are afraid that the Ukrainian war will only weaken their position because the Russians are clearly challenging the Biden administration”. [COMMENT: In the Middle East, the Biden administration is perceived as very sympathetic with Iran and therefore, any signs of this administration’s weakness are considered gain by Arab Sunni states and a loss to Iran. END COMMENT]
An Intelligence Gathering Hit, Not Just a Heist
————————————————————-
4. A Western intelligence source operating in Saudi Arabia, UAE, and Bahrain, has confirmed that “This is all expected from Iran, and that it’s nothing new”. The source added that “Iran’s cyber intelligence operatives and assets have been launching several similar attacks on a systematic scale for years, but none of them has ever been at this level.” The source then went on to say that the Saudis and Emirates already know about this, and have been warned [that] this will be a major intelligence operation, not just sabotage or a cyber hit”.
5. The JaFaJ source then warned that the upcoming “attack was unique in the sense that It will be quick, smooth, and grand, and that they will be hitting several banks at the same time.” The source then clearly said that their main purpose is not money, rather they want to cause confusion, concern and steal massive amounts of information and sensitive records, including who owns what, and how much. Their main target is royal family members, government officials, government-owned companies and businessmen close to the governments”.
For the Iranians, It Won’t be a Walk at the Park
—————————————————————
6. An intelligence officer in a mid-ranking leadership position from an Arab Gulf state reported to JaFaJ: “We have been expecting such attacks for the past two years, and now that Iran is economically squeezed and her people turning against the government due to dire economic conditions, we are expecting knee jerk reactions.” The source added that “We have our cyber security teams and so does our Arab Gulf brothers, and that most of our boys have been trained and educated by experts in the CIA, FBI, MI6, and Europe. On top of that, we have also recruited some of the best American and Israeli experts in the field to work for us, as well as many very talented Palestinians from Jordan”. Confidently he added: “You must understand, Iran has been trying for a decade to launch cyberattacks on our oil facilities and delivery chain, not one time have they been successful because we have invested so much in security system(s), therefore, we are not concerned about this new threat”, “Let the Iranians bring it on”.
7. Comment: Iran’s cyber-terrorist groups are considered to be the cream-of-the-crop. Trained by cyber war experts from Russia and North Korea. As a result, the Iranian cyber fighters are highly skilled and considered to be the same caliber as their Western counterparts. While the anticipated attacks are reported to be “very likely” by our intelligence assets, the Saudis and the UAE have cultivated and developed their own experts over the past two decades. Additionally, they have enlisted the best help in the world for their cyber security including American, British and Israeli companies. As a result, Iran’s ability to wreak havoc and steal funds from Saudi and UAE banks as low as the likelihood of Iran stealing funds from American banks. Nonetheless, Iran will be carrying out the anticipated cyber-attacks as an act of war. As a result, it would be unwise for either Saudi Arabia or UAE to downplay the seriousness of this threat or the probability of those attacks happening.
The Target List
——————-
8. Intelligence sources in the Arab Gulf states, Lebanon and Jordan have confirmed to JaFaJ that the list of targets for the Lebanese and Iranian cyberterrorists is limited. “They are aiming for surgical and effective attacks at certain financial organizations; therefore, their hit list is small”. The sources confirmed that in Saudi Arabia, there are 2 targeted financial institutions, including one known to be very close to the Government of Saudi Arabia (GOSA) operations.
9. As for the most likely UAE targets, JaFaJ sources have confirmed that the major focus is on one major bank, and that bank “happens to be one of the largest in the country”. A second unidentified bank is a secondary asset, and “will most likely be a Saudi Bank operating in Dubai”.
Conclusion
—————-
10. On the world stage, the Government of Iran (GOI) is threatened by Russia’s current Ukrainian operations because they have weakened the Biden administration, an administration that the GOI views as a “de facto ally”. Furthermore, the GOI may be afraid that the Ukrainian crisis has propelled Russia into position as a USA rival, hence, restoring bipolarity in the Middle East. This, along with the economic pressure and constant public unrest in Iran, have pushed the GOI against the wall, forcing them to take desperate measures. One of the top desperate measures the GOI has developed is the use of cyber-attacks directed towards Arab Gulf financial institutions. Even with a list and plan in place, it will not be an easy task for the Iranians and their Lebanese offshoots, Hezbollah, because the Saudis, UAE and other regional leaders are well-prepared for any and all of the GOI’s activity. It is important to note here that although financial and economic damage can be substantial, the GOI and her supporters are becoming more and more frustrated and desperate by the challenges they face as Russian policy and military strength take center stage.