A hacking group that first emerged shortly after the Oct. 7 massacre by Hamas and is believed to be backed by Iran has stolen the classified details of 36 joint military projects between Australia and Israel.
The compromised data includes 3D renderings and technical details of the $7 billion Redback infantry fighting vehicle project.
Although the vehicles are produced by the South Korean firm Hanwha Defence, the incorporation of Israeli technology meant the documents were accessed when the Cyber Toufan group undertook the hack.
Among the systems integrated onto the platform are Israeli-made turrets and gunner sights, sensors, an Iron Fist active protection system, an Iron Vision advanced situational awareness helmet-mounted display system, and an Iron Beam laser-warning system.
The hack began with a sophisticated operation targeting Israeli defence contractor Maya.
The hackers claim to have spent 18 months in the system and have released not only documents but also still images captured from internal CCTV systems of meeting rooms and workshops across multiple sites.
From Maya, they were then able to access the systems of several other Israeli weapons manufacturers, including Elbit Systems (which makes the Redback’s turrets) and Rafael Advanced Defence Systems (which makes the helmet-mounted displays and Iron Beam laser defence system).
Aside from the Redback project, Cyber Toufan also appears to have highly sensitive data on other advanced military systems, including David’s Sling missile interceptors, Ice Breaker missile, Spike NLOS (non-line-of-sight) anti-tank missiles, Elbit’s Hermes 900 storage container, ROEM self-propelled howitzer, the Crossbow turreted mortar system, and multiple drone and missile programmes.
The Australian Defence Force (ADF) is reportedly considering purchasing Rafael’s Spike anti-tank missiles.
The group also released hundreds of photos of Israeli defence contractor employees.
“Through the systems, we have breached Elbit and Rafael’s,” the group said. “Their phones, printers, routers, and cameras as well. We have recorded your meetings with sound and video for over a year. This is just the beginning with Maya!”
Who Is This Group?
Israeli cybersecurity firm OP Innovate released a report on Cyber Toufan earlier this year, stating that it has a “clear focus on entities tied to Israel’s economy and security.”It targets government contractors, tech firms, infrastructure providers, and international companies doing business in Israel, and “appears to exploit default or previously leaked credentials associated with [a third party] service provider’s configurations—gaining access not by breaking in, but by walking through an unlocked door.”
Tightening Security
The Redback project is planned to deliver 129 next-generation combat vehicles to the Australian Army, with construction taking place in Geelong, southwest of Melbourne.
Defence Industry Minister Pat Conroy, who announced the project last week, defended Elbit’s role despite the government’s criticism of Israel’s actions in Gaza.
“We make no apology for getting the best possible equipment for the Australian Defence Force,” he said.
The Australian Signals Directorate warned in its 2025 Cyber Threat Report that government and military data remain key targets for state-sponsored actors.
It is being reported that Australia has begun tightening restrictions on sensitive military data, with a new condition introduced under the Defence Export Controls (DEC)—which are used to assess permit applications to export military or dual-use items overseas—preventing licence holders from sending “approved goods” to Israel.The Department of Defence is declining to comment, citing national security and commercial in-confidence reasons.
