Online Conflict In Gaza & Ukraine

As the geopolitical landscape changes, the Israeli-Palestinian conflict in Gaza has extended from the physical battleground into the digital domain of warfare. Today, the use of cyber warfare techniques has become an integral part of the ongoing tensions, adding a layer of complexity to an already intricate situation. 

Various hacktivist groups have targeted critical infrastructure, government agencies, and organizations in both Israel and Palestine. 

The attacks include Distributed Denial of Service (DDoS) attacks, defacement attacks and data breaches. As other countries take a stand on the war, the conflict has also spread beyond the immediate region, affecting several other countries. These cyber attacks have contributed to the unfolding events, adding another level of complexity to the ongoing chaos brought on by the Hamas invasion in Israel.

While many of the hacktivist groups might appear unsophisticated in carrying out their attacks, there are some involved with well developed skills. The recent situation in Palestine shares some common characteristics with the war in Ukraine where hacktivist groups have quickly chosen sides and entered the conflict conducting cyber attacks against both the primary antagonists, as well government and private sector supporters.  

There estimated to be at least100 active groups participating in the ongoing “cyber warfare” between Israel and Palestine.  About 20 groups are though to align with Israel, while 77 are supporting the Palestinian side. Some of these groups like KillNet have been engaged in the Ukraine war, demonstrating how geopolitical issues lie behind these hacking activities.  

Hacktivists on both sides have taken to social media and other channels like Telegram to support their side of the ideological struggle, recruiting others, and pushing their own narratives.

So far, the majority of these cyber attacks have been delivered in the form of Distributed Denial-of-Service (DDoS), though other forms are quickly emerging as well.  The victims of these attacks have been media, financial organisations, government, and telecommunications, most of which have a role in disseminating information to domestic and international audiences.  

War In Ukraine

In Ukraine, political and ideological motivated hacktivist activity has expanded past the two primary combatants and targeted governments and even private sector companies supporting a side.  Several hacktivist groups have conducted DDoS attacks against countries that have openly supported Israel to include France, India, Ukraine, and the United States.   

Iranian Hackers

Researchers that observed DDoS originating from Iranian IP addresses has decreased since the beginning of the conflict and one logical explanation may be that they are observing the cyber battlefield trying to see how these attacks are being detected and deflected by Israeli defenders, with the aim of applying this knowledge to future campaigns.

To date, the DDoS attacks on both sides have limited tactical or strategic impact, surprising given the importance given to protecting critical infrastructure, an established target for Iranian hackers, who have successfully disrupted water utilities in Israel.

Despite the Red Cross efforts to create a hacktivist code of conduct in cyberspace that adhere to the basic principles of international humanitarian laws when conducting operations in support of a state, many groups like KillNet have refused to comply. While they may not possess the high level capabilities of nation state hackers, they skilled enough to cause disruption to key industries.  At least, they can obtain the tools they need and collaborate with other more capable sympathisers.

 As well as DDoS exploits, there has been at least one notable incident where a pro-Palestinian group gained access to an app used by Israeli civilians to warn them of impending rocket attacks.  Once compromised, the hackers sent fake rocket alerts and even a fake nuclear launch warning.  There have been other forms of disinformation executed by hacktivists, but most of the claims asserted with respect to attacks they had conducted were not confirmed or substantiated, but still suggest value in spreading fake news.  

As the Palestine conflict continues. it becomes more likely that hacktivist groups will try other forms of more damaging attacks other than defacing websites and DDoS attacks.

Indeed, one pro-Palestinian group has been using a Linux-based wiper malware against Israeli targets.  Wipers were not a frequently used type of malware because they don’t provide an opportunity for an attacker to make a profit. Their main purpose is to cause disruption and destruction, making them a more common tool for nation-state actors and hacktivists.

Wipers Used Againts Ukraine

Numerous wipers were used to disrupt the Ukrainian government, critical infrastructure, and business shortly before Russia's military attack in Ukraine. Wiper malware has proven effectively destructive, often employed to cause, destruction of evidence, and cyber warfare, as it can “wipe” data, overwrite data, or corrupt data.  As more wipers are deployed, other punitive cyber attacks can be expected such as ransomware deployment to lock up systems and steal/distribute stolen data, not make money.  

Hacktivists also engage in doxxing high-value persons for the purpose of exposing their sensitive information that can be leveraged for physical and/or digital targeting. The best indicator of future behavior is past behavior, and the current Palestine conflict bears many geopolitical similarities with the war in Ukraine.

While the current  conflict in Gaza has been going on for only a few weeks, it has the potential to escalate quickly, both in terms of the cyber domain of warfare as well as the truly deadly military actions of kinetic warfare. 

Cyfirma:    CheckPoint:     Imperva:    Oodaloop:    HackerNews:   CPO Magazine:    The Record

FalconFeeds:     Cyber Express:     Image: hosnysalah

You Might Also Read: 

The Israeli-Hamas Conflict Shows Cyber Warfare Is The New Normal:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Bletchley Declaration On Artificial Intelligence Gets International Support
Ransomware Attacks Hit A Record High »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Professional Information Security Association (PISA)

Professional Information Security Association (PISA)

PISA is an independent and not-for-profit organization for information security professionals, with the primary objective of promoting information security awareness and best practice.

FinalCode

FinalCode

FinalCode offers a file encryption and file-based enterprise digital rights management (eDRM) platform.

CERT-IS

CERT-IS

CERT-IS is the national Computer Emergency Response Team for Iceland.

vdiscovery

vdiscovery

vdiscovery is a provider of proprietary and best-in-breed solutions in computer forensics, document review, and electronic discovery.

NSW Cyber Security Innovation Node

NSW Cyber Security Innovation Node

NSW Cyber Security Innovation Node is part of a national network designed to foster and accelerate cyber capability and innovation across Australia.

Symantec

Symantec

Symantec delivers data-centric hybrid security for the largest, most complex organizations in the world – on devices, in private data centers, and in the cloud.

RackTop Systems

RackTop Systems

RackTop Systems is the pioneer of CyberConverged data security, a new market that fuses data storage with advanced security and compliance into a single platform.

Hunton Andrews Kurth

Hunton Andrews Kurth

Hunton Andrews Kurth LLP serves clients across a broad range of complex transactional, litigation and regulatory matters. Practice areas include Privacy and Cybersecurity.

Ankura Consulting Group

Ankura Consulting Group

Ankura is a global expert services and advisory firm that delivers services and end-to-end solutions in a wide range of areas including cybersecurity and digital transformation.

MAXXeGUARD Data Safety

MAXXeGUARD Data Safety

MAXXeGUARD: The High Security Shredder. MAXXeGUARD easily destroys hard disks up to the highest security levels as well as other digital data carriers like SSD’s, LTO’s, USB’s, CD’s etc.

Cyber Security Services

Cyber Security Services

Cyber Security Services is a cyber security consulting firm and security operations center (SOC).

Pathway Communications

Pathway Communications

Established in 1995, Pathway Communications – is part of the Pathway Group of Companies, a Canadian IT Managed Services organization.

OpenAI

OpenAI

OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity.

Intelidata Techedge Pvt. Ltd.

Intelidata Techedge Pvt. Ltd.

Intelidata are a Global Cyber Security Consultancy and Services firm that helps companies drive growth by minimizing risk and maximizing potential.

Reveald

Reveald

Reveald is making Exposure Management a reality to solve the biggest challenges in cybersecurity with a trailblazing ‘offense to defense’ approach that gives the advantage back to the business.

Triovega

Triovega

Triovega are a leading provider for production security and efficiency. Our solutions enhance OT security, and reduce production downtime.