Israel & Iran Locked In Cyber Conflict

Uploaded on 2021-12-13 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE-Hot Spots-Iran

Millions of people in Iran and Israel have found themselves in the crossfire as a result of the cyber conflict between their countries.

The shadow war between Israel and Iran is increasingly being fought in cyberspace and civilians are the latest targets in this long-running conflict. 

Where once only so-called hard targets, like weapons systems and critical infrastructure, would be regarded as fair game, now small businesses and even members of the public are finding themselves at risk.

Currently Israelis are assessing the wreckage after attacks by a suspected Iranian-linked hackers group Black Shadow on a medical institute which compromised  nearly thousands of patients medical files and Black Shadow also hacked a dating website that meant the leaking of tens of thousands of Israelis private data.

The exchange points to a new trend of targeting civilians and the two attacks appear to be the first that caused widespread harm to civilians, auguring an escalation in the cyber conflict as softer targets are drawn into the line of fire. “Black Shadow is a cover for an Iranian attack group which operates under a criminal cover,” Harel Menashri, an official with Israel’s internal security service Shin Bet, told the Kan television network. “Iran works through the cyber systems from a strategic point of view - to damage Israel’s financial and intelligence sectors.”

Iran-Israel cyber war has been going strong since at least April 2020. This comes on the heels of a recent cyber attack that disrupted people from purchasing  petrol at approximately 4,300 stations in Iran. The attack incapacitated a system used by Iranians to purchase gas at a subsidised rate, taking approximately 12 days before operations were fully restored. Iran as well as at least two US defense officials have pointed to Israel’s culpability in the attack.

In the past several months, those strikes have escalated. Fuel supply systems, railway controls, and an airline in Iran have all faced attacks. At the same time, hackers have posted the personal information of a million Israeli LGBTQ dating app users, and exposed certain details about the Israeli army. 

The high-profile hacks on Iranian infrastructure have been wide-ranging in their targets and attributed to both state-sponsored actors and independent hacking groups. But they have one thing in common: They’ve caused chaos and confusion for ordinary people and businesses in the country. Moreover, the offensive cyber warfare that Israel is encouraging attests to the fact that it is finding it difficult to understand the codes that guide the Iranian leadership. 

Israel  has  experienced cyber security failures in protecting its own facilities, while Iran has been retaliating, targeting Israeli targets. Iranian actors are alleged to have conducted attacks against Israeli water distribution plants that attempted to modify chlorine levels in the water supplied to Israeli homes.

While the two countries have engaged one another covertly in air, land, sea, and cyberspace, for the past year both have appeared to move away from traditional symbols of state power such as military sites, individuals of interest, or government facilities, to civilian infrastructure. A closer look at this new type of Israeli-Iranian exchange suggests that cyber warfare is maturing into a new phase, where new rules of engagement and deterrence are in the process of being established.

The intent of these attacks is quite clear: to inflict pain on the civilian communities in their respective countries in a show that neither government can protect them.

Whether one thinks of climate change, international terrorism, or cyber threats, all such challenging contemporary phenomena necessitate a framework for international co-operation. Even as cyber warfare becomes more established and moves into the public view, it is still an uncontrolled realm. There are no hard international rules resembling the accepted conventions of armed conflict. This leaves state actors to push boundaries, with dangerous margins for error.

Oodaloop:     Haaretz:      NYT:       Wired:       Foreign Policy:     CCDOOE / NATO   

Independent:       ArabNews:       BDNews:     Times Of Israel

You Might Also Read: 

Cyber Warfare Is The New Frontier:

 

« Best Programming Languages For Cyber Security In 2022
Volvo Falls Victim To Hackers »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

National Cybersecurity Agency (ANCS) - Tunisia

National Cybersecurity Agency (ANCS) - Tunisia

ANCS (L'Agence Nationale de la Cybersécurité) is the national cybersecurity agency for Tunisia.

Lloyd's

Lloyd's

As an insurance market, Lloyd’s can provide access to more than 65 expert cyber risk insurers in one place.

Copenhagen FinTech

Copenhagen FinTech

Copenhagen FinTech is a centre for R&D and innovation in the Danish finance IT sector. Focus areas include cyber security and payments platforms.

Cygilant

Cygilant

Cygilant is a SOC2 certified service provider that combines MSSP and Incident Detection and Response (IDR) capabilities managed by global SOCs staffed with trained security engineers.

Golden Frog

Golden Frog

Golden Frog is a Virtual Private Network services provider offering secure encrypted access to the internet.

Cequence Security

Cequence Security

Cequence, a pioneer in API security and bot management, is the only solution that delivers Unified API Protection (UAP), uniting discovery, compliance, and protection.

Threatspan

Threatspan

Threatspan is a cybersecurity firm helping shipping and maritime enterprises achieve and maintain nautical resilience in an age of increasing cyber threats.

Redstor

Redstor

Redstor's complete data management helps you discover, manage and control your data from a single control centre, unifying backup and recovery, disaster recovery, archiving and search and insight.

EOL IT Services

EOL IT Services

EOL IT Services is the UK’s most accredited provider of IT Asset Disposal (ITAD), Lifecycle Services and Data Destruction.

Eco Recycling (Ecoreco)

Eco Recycling (Ecoreco)

Eco Recycling is India's first and leading professional E-waste Management Company that has set industry benchmarks with its innovative & environment friendly disposal practices.

Onsist

Onsist

Onsist brand protection services provide proactive defense against fraudulent use of your brand online.

Cyturus Technologies

Cyturus Technologies

Cyturus Technologies delivers cybersecurity business risk quantification services using our proprietary Adaptive Risk Model (ARM).

FPG Technologies & Solutions

FPG Technologies & Solutions

FPG Technology is a technology solutions provider and systems integrator, specializing in delivering IT Consulting, IT Security, Cloud, Mobility, Infrastructure solutions and services.

Tuta

Tuta

Tuta (formerly Tutanota) is an all-in-one email, calendar and contacts app which protects your data with full end-to-end encryption and it requires zero personal information.

Xceptional

Xceptional

Xceptional is a multi-award-winning technology services firm that celebrates the unique strengths of people with autism.

Training.com.au

Training.com.au

Training.com.au is a comparison website through which those looking to learn about different aspects of cyber security can compare learning courses from training providers from across Australia.