CyberSecurity SEE

Researchers Discover Cyberattack on Israeli Power Station

The ongoing Israel-Palestine conflict has seen a surge in hacktivist groups targeting both Israeli and Palestinian entities. One major attack was carried out by the Cyber Av3ngers group on the Israeli Dorad private power station. The hacktivist collective posted images of the allegedly hacked site, featuring a logo incorporating the colors of the Palestinian flag, suggesting their support for the hack. To substantiate their claim of a DoS (Denial of Service) attack, the hackers provided evidence of their successful DDoS (Distributed Denial of Service) attack.

Upon close examination of the information released by the Cyber Av3ngers, cybersecurity researchers from Kaspersky discovered that it was actually derived from earlier disclosures made by another hacktivist group called Moses Staff. This finding raises questions about the true nature and origin of the Cyber Av3ngers. It remains unclear whether they are connected to the original Cyber Avengers or the Cyber Aveng3rs.

The Cyber Av3ngers, whoever they may be, mainly focus their attacks on Israeli organizations, particularly those responsible for maintaining the nation’s critical infrastructure. On September 15, 2023, a new Telegram channel named @CyberAveng3rs was created. In its initial messages, the channel connected itself to the previous actions attributed to the Cyber Avengers. Subsequently, the group unveiled plans to target key Israeli infrastructure, including water and electrical systems. The latest posting on the channel mocked the Israeli government’s security guidelines for infrastructure by releasing the instructions together with a list of eight target firms.

A specific incident that drew attention was the Dorad private power plant attack. Stolen information from several Israeli businesses was initially released by Moses Staff in June 2022. The data included images in PNG and JPEG formats, as well as PDF documents. The hackers also released a video along with the data. A comparison between the images released by the Cyber Av3ngers and those from the Moses Staff archive revealed that the former had used pictures from the leaked video and PDF files. The Cyber Av3ngers edited and cropped these images before posting them. It can be concluded that the data leak resulted from the activities of Moses Staff, who employed malware and specialized tools like PyDCrypt, DCSrv, and StrifeWater to remove the files from the targeted company’s computers.

Interestingly, reports suggest that there is no ransom demand associated with the data leak caused by Moses Staff. Their organization seems to be motivated by causing harm rather than seeking financial gain. This presents a unique challenge for the affected entities, as there is typically no way to pay a ransom and decrypt the data.

In light of these events, cybersecurity experts stress the importance of implementing robust security measures to protect IT (Information Technology) and OT (Operational Technology) systems. The Cyber Av3ngers’ alleged hack is an example of repurposed data from a previous security breach rather than a result of new unauthorized access. This further emphasizes the need for organizations to remain vigilant and proactive in defending against evolving cyber threats.

To address vulnerabilities and ensure comprehensive security, it is recommended to utilize solutions like Trustifi’s AI-powered email security. Such tools offer protection against various email threats, including but not limited to email tracking, blocking, modifying, phishing, account takeovers, business email compromise, malware, and ransomware.

Furthermore, Patch Manager Plus can be deployed to patch over 850 third-party applications quickly, thus minimizing vulnerabilities. Taking advantage of the free trial of Patch Manager Plus enables organizations to ensure 100% security by keeping their software systems up-to-date.

In conclusion, the rise of hacktivist groups like the Cyber Av3ngers targeting both Israeli and Palestinian entities highlights the increasing cyber risks associated with the Israel-Palestine conflict. The interconnected nature of our digital world calls for robust cybersecurity measures to defend against evolving threats and protect critical infrastructure.
