Amazon Report: Link Between Jerusalem Cameras and Iranian Missiles
Rokna Political Desk: Amazon has revealed in a report that Iran-linked hackers are conducting cyber reconnaissance operations that guide and facilitate missile attacks—an emerging method that represents a new evolution in modern warfare.
Amazon’s Threat Intelligence Unit has disclosed a new model in contemporary warfare in which Iran-affiliated hackers systematically use “cyber reconnaissance” to enable and direct physical military attacks. Researchers have described this shift as a fundamental transformation in the conduct of state-level warfare.
According to Rokna, the findings—presented on Tuesday at the “CYBERWARCON 2025” conference in Arlington, Virginia—document two specific cases in which Iranian hacking groups known as “Imperial Kitten” and “MuddyWater” infiltrated maritime systems and surveillance cameras to obtain the intelligence needed for targeting missile strikes. The study uses a new term, “cyber-enabled kinetic targeting,” to describe operations in which digital intrusion is conducted explicitly to support physical military objectives.
From Digital Surveillance to Physical Strikes
In one of the most detailed recorded cases, the group “Imperial Kitten” infiltrated a ship’s Automatic Identification System (AIS) in December 2021 and gained access to critical transportation infrastructure. In August 2022, the group expanded its reach and accessed CCTV systems inside vessels, obtaining real-time visual information.
On 27 January 2024, the group conducted targeted searches to locate AIS data for a specific vessel. The report states that only a few days later, on 1 February 2024, Houthi forces launched a missile attack on the same vessel (M/V KOI), although the attack ultimately failed. CJ Moses, Amazon’s Chief Information Security Officer, wrote in a post on Wednesday: “Although the missile attack ultimately failed, the connection between cyber reconnaissance and the physical (kinetic) attack is undeniable.”
According to Rokna, a more recent case referenced in the report concerns the “MuddyWater” group. On 13 May 2025, the group set up a server, and on 17 June used that infrastructure to infiltrate servers containing live CCTV footage from Jerusalem. Six days later, Iran carried out large-scale missile strikes against the city. According to The Record, Israeli officials confirmed that Iranian forces exploited the hacked security cameras to “collect real-time intelligence and fine-tune missile targeting.”
Send Comments