The ongoing Israel-Hamas conflict isn’t just being fought on border fronts but also in the unseen cyber space. According to the media reports, Pro-Hamas hacking groups launched dozens of Distributed Denial of Service (DDoS) attacks against government and private websites in Israel, knocking them offline. However, the attacks did not have a lasting impact.
In response to a surge in hacktivist actions linked to the Gaza conflict, Israeli information security experts have united to offer complimentary cybersecurity support to Israeli businesses, as reported by Reuters.
In a recent incident where Israeli students were attending a Zoom class, an alarming image of an armed individual in military attire suddenly appeared on the screen, as revealed in a screenshot shared with Reuters. In another case, a similar video featured a billboard in the central Israeli city of Holon that showed images of rockets and a burning Israeli flag.
Anonymous cybercriminals from Sudan too launched cyberattacks against Israel shortly after the first rockets were fired by Hamas, targeting emergency warning systems and alerting applications. The Jerusalem Post, Israel's largest English-language daily newspaper, was also a target. A pro-Hamas group, Cyber Av3ngers, targeted the Israel Independent System Operator (Noga) and the Israel Electric Corporation, including a power plant. Additionally, pro-Russian group Killnet launched attacks against Israeli government websites.
"In the Israel-Palestine conflict, experts warn of ongoing and complex cyber warfare. Expect cyberattacks, including DDoS, Phishing Campaigns, Malware, and Espionage targeting government, military, critical infrastructure, media outlets, humanitarian groups, and civilians," says Sonit Jain, CEO at Gaj Shield Infotech.
In another part of the world, Ukraine, which is as conflict-ridden as the Middle East, cyberattacks have had severe economic consequences with estimates suggesting billions of dollars lost. In response, the Ukrainian government has declared a state of emergency and requested assistance from international organisations and Western partners. The European Union and the US have supported Ukraine in countering cyberattacks by launching a cyber dialogue, strengthening the operational capacity of the country's telecommunications services and combating disinformation.
National Cyber Security Centre (NCSC) United Kingdom (UK) in an official blog stated that during the Russia-Ukraine Conflict apart from Ukraine Military, other countries' personal and commercial internet users. Wind farms in central Europe and internet users were also affected.
Protecting cyberspace is traditionally a challenging endeavour as the cyber actors operate anonymously. A ripple effect can usually impact allied nations on both sides, as it has been observed during the intense Russia-Ukraine conflict.
The Dark Web Frontier
During active conflicts, dark web emerges as a clandestine arena where digital mercenaries and motivated groups play a significant role in shaping the landscape of cyber warfare. The shadow frontier facilitates anonymous collaborations, making it an ideal platform for state and non-state actors to engage in proxy cyber warfare.
In this hidden realm, alliances form discreetly, enabling actors worldwide to contribute cyber capabilities without the fear of attribution. The dark web's involvement in geopolitical conflicts carries ominous implications for global cybersecurity for example the erosion of trust. As dark web actors exploit disinformation campaigns and cyber operations, trust among nations erodes, making diplomatic resolutions more challenging.
Saumil G Shah, Cybersecurity Partner at BDO India, warns of espionage, data tampering and influence operations during the Israel-Palestine conflict. His concerns include cyberattacks on critical infrastructure, like hospitals and power networks, with potential severe humanitarian consequences, especially in the event of a PII breach.
According to a Netskope report’s findings, in the first quarter of 2023, financial services and healthcare sectors has seen a significantly higher percentage of activity linked to geopolitical threat groups. In these industries, almost 50 per cent of observed activity originated from such adversaries, rather than financially motivated groups. Conversely, verticals like manufacturing, state, local, education (SLED) and technology saw less than 15 per cent of activity stemming from geopolitical motives, with the majority of threats being financially driven.
Regionally, Australia and North America experienced a higher percentage of attacks attributed to criminal groups, while other parts of the world, including Africa, Asia, Latin America, and the Middle East, saw more geopolitical-motivated attacks.
Source: Business World