Lebanese Cedar

Lebanese Cedar, a threat actor group linked to Hezbollah, has been operating since 2012 and is known for targeting the telecommunication sector and Internet service providers across Europe, Middle East, and Africa. The group's activities were brought to light by researchers from Check Point, who noted their consistent and long-standing presence in the cybercrime landscape. Lebanese Cedar is part of the complex web of cybersecurity threats that governments and private entities face daily, demonstrating the intricate nature of these digital conflicts. The Israel National Cyber Directorate (INCD), in collaboration with the Israel Defense Forces and the Israeli Security Agency, conducted an investigation into a recent cyber attack. Their findings indicated that the attack was orchestrated by Iran's Ministry of Intelligence, with the involvement of Hezbollah’s "Lebanese Cedar" cyber unit. The operation was reportedly led by Mohammad Ali Merhi, highlighting the organized and state-supported nature of such cyber threats. In addition to this, the INCD accused Iran and the pro-Hamas group Hezbollah of attempting to disrupt operations at Ziv Hospital, although this attempt was unsuccessful. The attack was attributed to two threat actors: Agrius and Lebanese Cedar. The involvement of Lebanese Cedar in both incidents underscores its significant role in the wider context of state-sponsored cyber warfare, further emphasizing the need for robust cybersecurity measures to counter such threats.