91³Ô¹ÏÍø

Watch CBS News
World

Iran says major U.S. tech firms are targets in the Middle East, with drone and cyberattacks already underway

By
Emmet Lyons
Emmet Lyons
Producer
Emmet Lyons is a news desk editor at the CBS News London bureau, coordinating and producing stories for all CBS News platforms. Prior to joining CBS News, Emmet worked as a producer at CNN for four years.
Read Full Bio
Emmet Lyons

/ CBS News

Iran has listed a number of major U.S. tech companies as potential targets as it expands its attacks across the Middle East in retaliation for the ongoing U.S. and Israeli attacks on its military and security forces and leadership.

Iran's semi-official Tasnim News Agency, which is linked to the country's powerful Islamic Revolutionary Guard Corps, published a list of major U.S. tech companies in on Tuesday, which included Amazon, Microsoft, Palantir, and Oracle, with the caption: "Enemy's technological infrastructure: Iran's new goals in the region."

Iranian drone strikes have already damaged data centers in the region, hitting Amazon facilities in two countries last week.

The list published by Tasnim was accompanied by a threat that, "with the expansion of regional war dimensions into infrastructure, cyberwarfare, and scope, Iran's legitimate targets are gradually expanding."

The companies named by Iran have offices, research and development centers, data centers and cloud infrastructure across the Middle East, including in the United Arab Emirates, Israel and Bahrain. 

CBS News has requested comment from the companies named by Tasnim about any steps they're taking to protect staff and interests in the region.

White House Deputy Press Secretary Anna Kelly told CBS News Thursday that "The United States has been prepared for Operation Epic Fury for some time, and we are aware of all potential Iranian targets."

"As it stands, the terrorist Iranian regime is getting absolutely crushed. The United States is meeting or exceeding all of its benchmarks — Iranian ballistic missile attacks are down by 90 percent, and drone attacks are down by 83 percent," Kelly said. 

Last week, Amazon Web Services, the company's cloud platform, said Iranian drone strikes had damaged two of its facilities in the UAE, while another drone landed in close proximity to its facility in Bahrain, damaging some of its infrastructure.

"These strikes have caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage. We are working closely with local authorities and prioritizing the safety of our personnel throughout our recovery efforts," .

On Wednesday, U.S. medical technology giant Stryker that it had been hit by a cyberattack that caused a temporary "global network disruption to our Microsoft environment."

The company said Thursday that it had "no indication of malware or ransomware and we believe the situation is contained to our internal Microsoft environment only."

The Wall Street Journal reported Wednesday that the logo of Handala, a hacking group linked to Iran, had appeared on Stryker's login pages.

Brian Krebs, a cybersecurity analyst, said in a blog post Wednesday that the hacking group had acknowledged responsibility for the attack in social media posts, which he said had been removed from Telegram.

"Our major cyber operation has been executed with complete success," the group's post said, according to Krebs.

Chris Krebs, a former United States Director of the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security, told CBS Mornings that the ties between the group and Iran are "blurry."

"What is significant about where we are at this moment is that it's almost an all hands on deck approach by Iran. All of their groups, whether they're directly related to the military or intelligence or their proxies, hacktivists, sympathizers, whatever you want to call them, they are all going for targets," Krebs told CBS Mornings Thursday. 

In a made Wednesday with the U.S. Securities and Exchange Commission, Stryker said an investigation into the incident was ongoing and that the "operational and financial impacts of the incident are not yet known."

The cybersecurity firm Palo Alto Networks says in its profile of Handala that the group is directly linked to Iran's Ministry of Intelligence and Security, and that it conducts "cyber operations against the Israeli political and defense establishment."

CBS News' partner network BBC News reported last week that tech giants Amazon, Google, Snap and Nvidia were among many U.S. firms that have implemented emergency protocols to protect the safety of thousands of workers across the Middle East.

In:

© 2026 91³Ô¹ÏÍø. All Rights Reserved.

View CBS News In
CBS News App Open
Chrome Safari Continue
const link = doc.createElement('link'); link.rel = 'stylesheet'; link.href = '/fly/fly/bundles/cbsnewscontent/css/cmp-banner.min.css?v=296763317a51cab90faa73f1bb146d5c'; doc.head.appendChild(link); doc.body.innerHTML = CONSENT_MESSAGE; } else { el.insertAdjacentHTML('afterend', CONSENT_MESSAGE); } }); } function hidePrivacyMessage() { // Remove from the main document document.querySelectorAll(`.${CONSENT_MESSAGE_CLASS}`).forEach(el => el.remove()); // Remove from inside any iframes document.querySelectorAll('iframe').forEach(iframe => { const doc = iframe.contentDocument || iframe.contentWindow.document; doc.querySelectorAll(`.${CONSENT_MESSAGE_CLASS}`).forEach(el => el.remove()); }); } function activateGatedScripts() { // Handle both new format (cmp-gated-script) and old OneTrust/Ketch format (optanon-category-4) const gatedScripts = Array.from(document.querySelectorAll('script.cmp-gated-script, script.optanon-category-4')); // Activate scripts sequentially with a small delay to avoid timing issues let delay = 0; gatedScripts.forEach(function(placeholder, index) { setTimeout(function() { // Skip if already processed if (placeholder.hasAttribute('data-cmp-processed')) { return; } placeholder.setAttribute('data-cmp-processed', 'true'); const newScript = document.createElement('script'); newScript.type = 'text/javascript'; // Try new format first (data-cmp-src), then fall back to old format (data-src) const src = placeholder.getAttribute('data-cmp-src') || placeholder.getAttribute('data-src'); if (src) { newScript.src = src; } else if (placeholder.textContent) { // Inline script - just copy the content newScript.textContent = placeholder.textContent; } // Handle new format attributes (data-cmp-attrs) - for both inline and external scripts const attrs = placeholder.getAttribute('data-cmp-attrs'); if (attrs) { const tempDiv = document.createElement('div'); tempDiv.innerHTML = '
<\/div>'; const tempAttrs = tempDiv.firstChild.attributes; for (let i = 0; i < tempAttrs.length; i++) { // For external scripts, allow defer/async. For inline scripts, skip them (not valid) if (src || (tempAttrs[i].name !== 'async' && tempAttrs[i].name !== 'defer')) { newScript.setAttribute(tempAttrs[i].name, tempAttrs[i].value); } } } // Copy other attributes from old OneTrust format for (let i = 0; i < placeholder.attributes.length; i++) { const attr = placeholder.attributes[i]; // Skip attributes we've already handled or don't want to copy if (!['class', 'data-src', 'data-type', 'data-cmp-src', 'data-cmp-attrs', 'data-cmp-processed', 'type', 'async', 'defer', 'src'].includes(attr.name)) { newScript.setAttribute(attr.name, attr.value); } } placeholder.parentNode.replaceChild(newScript, placeholder); // If external script, manually trigger window.onload handlers after it loads // This handles widgets that use window.onload for initialization if (src) { newScript.addEventListener('load', function() { // If page already loaded and script set a new onload handler, trigger it if (document.readyState === 'complete' && window.onload) { const originalOnload = window.onload; window.onload = null; // Clear temporarily to prevent loops originalOnload(); // Execute the handler } }); } }, delay); delay += 500; // 500ms delay between each script to allow full loading }); } cbsoptanon.onScriptsReady(function(cmp) { cmp.ot.targetingAllowed(function(allowed) { if (!allowed) { showPrivacyMessage(); } else { activateGatedScripts(); } }); cmp.ot.awaitInitialConsent(function(consent_model) { cmp.ot.addOnConsentChangedHandler(function() { cmp.ot.targetingAllowed(function(allowed) { if (allowed) { hidePrivacyMessage(); activateGatedScripts(); } else { showPrivacyMessage(); } }); }); }); });