Cybersecurity Threat Advisory: Israel-Hamas Conflict Creates a Cyberattack Surge
Posted on October 19, 2023 by Jason Franks
As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their critical communications networks.
This week there is a new critical alert that requires the mission-critical community’s immediate attention.
Advisory Overview
The recent conflict between Israel and Hamas caused a surge in cyberattacks from hacker activists, also known as “hacktivists.” These attacks have been experienced on both sides of the conflict, as well as in other nations. Common targets of these attacks have been government systems, critical infrastructure, and media outlets.
Threat Indicators
Since the escalation of the conflict, there have been many cases of cyberattacks using several different tactics. One of the most prevalent tactics has been distributed denial-of-service (DDoS) attacks. Such attacks are performed by cyberattackers seeking to disrupt a network, system, or device’s ability to provide service(s) to users, in turn impeding the organization’s ability to fulfill its mission. The main targets for these attacks have been government information technology (IT) systems, critical infrastructure (such as that found in the energy, defense, and telecommunications sectors), and media outlets.
Other attack vectors emerged through the exploitation of vulnerabilities found in various systems. This has enabled cyberattackers to steal information, deface websites, disrupt services, and gain control of systems. One hacktivist group has claimed that it hacked into Red Alert, which is Israel’s missile-alert system. The group allegedly intercepted data and sent spam messages, and there are claims of false missile alerts sent to Red Alert users. Hacktivists also claimed to have attacked Alfanet, an internet service provider based in the Gaza Strip, allegedly taking control of its servers. In addition, hacktivist operations allegedly intend to attack government websites and IT systems in Israel, the United States, and India.
Why is it noteworthy?
Cyberattacks have risen throughout the conflict, including complex and sophisticated attacks against critical systems worldwide. This has been an eye-opening experience regarding the capabilities of modern-day hacktivist groups. Further, it has demonstrated that cybersecurity is a more vital need than ever for all public- and private-sector organizations.
What is the risk?
Many government organizations and critical infrastructure have been affected by the recent attacks. These attacks have resulted in denial of access to assets and services, exfiltration of sensitive data, defacement of websites, the spread of false information and panic, and much more. Outside of the conflict, these malicious actions remain a potential threat to organizations everywhere. Keep security measures up to date and check them consistently to maintain the best cybersecurity posture for protecting your organization’s assets.
What are the recommendations?
MCP recommends the following actions to limit the impact of potential cyberattacks:
- Regularly provide security awareness training and conduct phishing simulations for employees.
- Perform vulnerability management to reduce the attack surface of your organization.
- Audit user permissions/access to the organization’s networks and systems.
- Segment critical systems on the network away from other resources.
- Have an organized disaster-recovery plan in place to prepare for a potential cyberattack.