At a Glance
  • Israeli intelligence hacked Tehran’s traffic camera network to track the Supreme Leader’s movements for months.
  • The surveillance grid relies heavily on hardware from Chinese manufacturers Hikvision and Dahua.
  • The CIA supported the operation by mapping high-value targets across the capital before the strikes.

The strike on Iran’s Supreme Leader was made possible by exploiting the country’s national traffic surveillance system.

The Digital Kill Chain

Israeli intelligence successfully accessed Tehran’s municipal traffic camera network to build a persistent kill chain Financial Times.

Abstract digital data visualization.
The abstract pattern of this textile mirrors the complex digital surveillance networks used to track targets across Tehran. · Photo by Claudio Schwarz on Unsplash

This access allowed operators to track specific vehicle movements in real-time across the capital. The intelligence gathering effort was supported by the CIA, which had been mapping the Supreme Leader’s locations for months CBS News.

By combining digital surveillance with human intelligence, the strike teams synchronized their window of opportunity. The operation represents a shift in how modern states use civilian infrastructure for targeted lethal action Chatham House. The sources reviewed for this piece do not include a direct Iranian rebuttal or official government statement regarding the specific technical mechanics of the breach.

The Surveillance Infrastructure

Tehran’s security grid is built largely on hardware supplied by Chinese companies including Hikvision, Dahua, and Tiandy The Guardian / Tehran Bureau.

Close up of a security camera on a city street.
A wall-mounted security camera overlooks a Tehran street, highlighting the city’s reliance on vulnerable, mass-produced Chinese surveillance hardware. · Photo by Chris Kursikowski on Unsplash

These systems are designed for traffic management and public security. Their widespread integration provided a centralized point of failure for Iranian authorities.

Cybersecurity researchers have long noted the vulnerability of these mass-market surveillance tools CSIS. The breach demonstrates how off-the-shelf technology can be repurposed for high-stakes intelligence operations Bellingcat. While international observers analyze these technical failures, Iranian state media has maintained a focus on broader regional tensions rather than addressing the specific surveillance vulnerabilities cited by Western intelligence analysts.

The Broader Conflict

The strike is part of the ongoing 2026 Israeli-United States conflict with Tehran ISW.

Previous operations, such as Stuxnet and the assassination of Mohsen Fakhrizadeh, established the precedent for surgical strikes against the Iranian state Wikipedia. The use of compromised technology echoes the tactics seen in the 2024 pager explosions.

The target was identified by the cameras he installed to protect himself. The network meant to secure the regime became the mechanism of its vulnerability.