Israel & Iran Locked In Cyber Conflict

Millions of people in Iran and Israel have found themselves in the crossfire as a result of the cyber conflict between their countries.

The shadow war between Israel and Iran is increasingly being fought in cyberspace and civilians are the latest targets in this long-running conflict. 

Where once only so-called hard targets, like weapons systems and critical infrastructure, would be regarded as fair game, now small businesses and even members of the public are finding themselves at risk.

Currently Israelis are assessing the wreckage after attacks by a suspected Iranian-linked hackers group Black Shadow on a medical institute which compromised  nearly thousands of patients medical files and Black Shadow also hacked a dating website that meant the leaking of tens of thousands of Israelis private data.

The exchange points to a new trend of targeting civilians and the two attacks appear to be the first that caused widespread harm to civilians, auguring an escalation in the cyber conflict as softer targets are drawn into the line of fire. “Black Shadow is a cover for an Iranian attack group which operates under a criminal cover,” Harel Menashri, an official with Israel’s internal security service Shin Bet, told the Kan television network. “Iran works through the cyber systems from a strategic point of view - to damage Israel’s financial and intelligence sectors.”

Iran-Israel cyber war has been going strong since at least April 2020. This comes on the heels of a recent cyber attack that disrupted people from purchasing  petrol at approximately 4,300 stations in Iran. The attack incapacitated a system used by Iranians to purchase gas at a subsidised rate, taking approximately 12 days before operations were fully restored. Iran as well as at least two US defense officials have pointed to Israel’s culpability in the attack.

In the past several months, those strikes have escalated. Fuel supply systems, railway controls, and an airline in Iran have all faced attacks. At the same time, hackers have posted the personal information of a million Israeli LGBTQ dating app users, and exposed certain details about the Israeli army. 

The high-profile hacks on Iranian infrastructure have been wide-ranging in their targets and attributed to both state-sponsored actors and independent hacking groups. But they have one thing in common: They’ve caused chaos and confusion for ordinary people and businesses in the country. Moreover, the offensive cyber warfare that Israel is encouraging attests to the fact that it is finding it difficult to understand the codes that guide the Iranian leadership. 

Israel  has  experienced cyber security failures in protecting its own facilities, while Iran has been retaliating, targeting Israeli targets. Iranian actors are alleged to have conducted attacks against Israeli water distribution plants that attempted to modify chlorine levels in the water supplied to Israeli homes.

While the two countries have engaged one another covertly in air, land, sea, and cyberspace, for the past year both have appeared to move away from traditional symbols of state power such as military sites, individuals of interest, or government facilities, to civilian infrastructure. A closer look at this new type of Israeli-Iranian exchange suggests that cyber warfare is maturing into a new phase, where new rules of engagement and deterrence are in the process of being established.

The intent of these attacks is quite clear: to inflict pain on the civilian communities in their respective countries in a show that neither government can protect them.

Whether one thinks of climate change, international terrorism, or cyber threats, all such challenging contemporary phenomena necessitate a framework for international co-operation. Even as cyber warfare becomes more established and moves into the public view, it is still an uncontrolled realm. There are no hard international rules resembling the accepted conventions of armed conflict. This leaves state actors to push boundaries, with dangerous margins for error.

Oodaloop:     Haaretz:      NYT:       Wired:       Foreign Policy:     CCDOOE / NATO   

Independent:       ArabNews:       BDNews:     Times Of Israel

You Might Also Read: 

Cyber Warfare Is The New Frontier:

 

« Best Programming Languages For Cyber Security In 2022
Volvo Falls Victim To Hackers »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Vanguard Integrity Professionals

Vanguard Integrity Professionals

Vanguard Integrity Professionals is an independent provider of enterprise security software solutions that address complex security and regulatory compliance challenges.

Bundesdruckerei

Bundesdruckerei

Bundesdruckerei specializes in secure identity technologies and services for protecting sensitive data, communications and infrastructures.

GreatHorn

GreatHorn

GreatHorn offers the only cloud-native security platform that stops targeted social engineering and phishing attacks on communication tools like O365, G Suite, and Slack.

Georgia Cyber Center

Georgia Cyber Center

Georgia Cyber Center is dedicated to training the next generation of professionals through education and real-world practice while also supporting innovation in new technologies for online defenses.

HCC Embedded

HCC Embedded

HCC’s mission is to ensure that data stored or communicated by an embedded IoT application is secure, safe and reliable.

Greensafe IT

Greensafe IT

Greensafe offer various onsite and offsite data erasure services, aimed at increasing data security whilst reducing any risk of data loss during transit.

Darkbeam

Darkbeam

Darkbeam provides a unified solution to protect against security, brand and compliance risks across your digital infrastructure.

TransUnion

TransUnion

TransUnion is a global information and insights company that makes it possible for businesses and consumers to transact with confidence.

Cyber Insurance Academy

Cyber Insurance Academy

Cyber Insurance Academy was founded to provide insurance professionals with the knowledge needed to work in cyber-insurance and cyber-related insurance fields.

Telesign

Telesign

Telesign connect, protect, and defend online experiences with sophisticated digital identity and programmable communications solutions.

DEKRA

DEKRA

DEKRA’s promise is to ensure the safety of human interaction with technology and the environment.

Exiger

Exiger

Exiger is revolutionizing the way corporations, government agencies and banks navigate risk and compliance in their third-parties, supply chains and customers.

Allstate Identity Protection

Allstate Identity Protection

Allstate make it easy to provide complete identity protection, so everyone can live more confidently online.

LetsData

LetsData

LetsData uses AI to provide governments, intergovernmental organizations, civil society, and businesses with data-empowered decisions on communication in the age of online disinformation.

Offenso Hackers Academy

Offenso Hackers Academy

At Offenso we focus on cyber security training focused on producing cyber security professionals with a wide range of abilities to counter threats from the internet and cloud to a business.

StackGen

StackGen

StackGen (formerly appCD) automatically generates Infrastructure from Code (IfC) based on application code with golden standards applied.