Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific
Hackers for Hire Hit Both Sides in Israel-Hamas Conflict
DDoS for hire and live attacks hit both sides as cyber campaigns continue.
Hacktivists are trading cyberattacks on both sides of the Israel-Hamas conflict.
According to detections by ReliaQuest, several pro-Russian hacktivist groups have identified Israeli targets, and Anonymous Sudan's official Telegram channel is discussing how to undermine Israel's Iron Dome defense, a mobile air defense system that intercepts and destroys short-range rockets and artillery shells.
Anonymous Sudan also named the Israeli government in online discussions as a main target and said it had obtained unspecified "zero-day vulnerabilities from Romania" to use in anti-Israel attacks.
The AnonGhost hacktivist group said it had managed to breach the "Red Alert" app to send messages like "The Nuclear Bomb is coming" and "Death to Israel."
Chris Morgan, senior cyber threat intelligence analyst at ReliaQuest, says the discussion on Telegram channels should be taken seriously even though their users' intentions and activities are often not verified, or reflect the true nature of a group.
DDoS for Hire
The Krypton network has also offered to sell its distributed denial-of-service (DDoS) capabilities to hacktivists wishing to target Israeli organizations. Morgan says Krypton is a known DDoS-for-hire botnet that allegedly includes several features to bypass DDoS mitigation services.
"It is realistically possible that the group saw an opportunity amidst the rush to target Israel, viewing it as a chance to make additional sales," Morgan says.
However, the attacks are not all one way, as ThreatSec reportedly compromised the Palestinian Internet services provider AlfaNet, with "literally every server owned by Alfanet" shut down. The group claimed its original goal was just to get a hold of some infrastructure, but it gained full control of more than 5,000 servers in the Gaza region. Statistics show a decline in Internet connectivity in Gaza over the past few days.
Since the attacks by Hamas began, cybercrime groups have shifted their activities toward the Middle East. More than a dozen threat groups declared their intention to launch disruptive attacks against Israel, Palestine, and their supporters. The Jerusalem Post was taken down by a cyberattack this week.
Morgan says Israel is regularly targeted by cyber threats — such as when the Russia-aligned Ragnar Locker group hit the Mayanei Hayeshua Medical Center in Bnei Brak this summer — often by Iranian APTs. Additionally, hacktivist groups frequently target Israel in response to the ongoing conflict with Hamas.
Read more about:
DR Global Middle East & AfricaAbout the Author
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024