Israel is currently grappling with a barrage of cyberattacks, with several hacking groups, some potentially linked to Russia, making claims of responsibility. These attacks have coincided with the physical conflict involving the Palestinian military group, Hamas.
One such group, "Killnet," purportedly comprised of Russian hackers with nationalist sentiments, has declared its intent to launch distributed denial of service (DDoS) attacks against Israeli government systems. DDoS attacks involve overwhelming a website with traffic, rendering it inaccessible. Killnet alleges that Israel bears responsibility for the violence in the ongoing conflict and accuses the country of supporting Ukraine and NATO. They have asserted that they successfully disrupted Israeli government websites and the Shin Bet security agency's website for a brief period on Sunday, though these claims lack independent verification.
Simultaneously, "Anonymous Sudan," another hacking group suspected of being a Russian front, has voiced support for the "Palestinian resistance" and claimed responsibility for briefly taking the Jerusalem Post website offline on Monday. Multiple cyberattacks targeted the newspaper, as confirmed by its officials.
According to cybersecurity expert Mattias Wåhlén of Truesec AB, these groups' actions appear to be opportunistic attacks. The Israeli-Palestinian conflict serves as a backdrop for them to execute DDoS attacks, while also conveying a message of Russian support for Hamas during the conflict.
In addition to Killnet and Anonymous Sudan, various other hacktivist groups have also asserted responsibility for attacks on Israeli infrastructure, including websites connected to power plants and missile warning systems. However, many of these claims remain unverified.
Cybersecurity group Group IB reported that a hacker collective called "AnonGhost" compromised a mobile app used to issue missile warnings to Israeli citizens during the conflict. Exploiting a vulnerability, the hackers inserted fake notifications containing anti-Israel messages. The app appears to have been removed from the Google Play Store after amassing over 1 million downloads.
While Israel has often been a target of cyberattacks, particularly from suspected Iranian sources, it remains uncertain whether Iran's hacking forces are involved in the current conflict. Conversely, pro-Israel groups have initiated their own cyberattacks, targeting Palestinian organizations.
Despite the intensive cyber onslaught, Gil Messing of Check Point Software Technologies Ltd., an Israeli cybersecurity firm, noted that the overall impact has been relatively limited. Nonetheless, he cautioned that the situation could change abruptly.
Rob Joyce, director of cybersecurity at the National Security Agency, emphasized that cyberattacks have not played a prominent role in this conflict. In contrast, Hamas has faced more denial-of-service attacks and minor web defacements, with hopes of garnering support from external parties to amplify their message. Joyce underscored that significant developments could occur, and an increasing number of actors are employing cyber weaponry to further their objectives in such conflicts.