The recent attack on Israel by the Hamas terrorist group has once again highlighted the digital component of conflicts that have been present since before the beginning of the century. These actions have emphasized the importance for Chief Information Security Officers (CISOs), particularly those with entities in Israel, to strengthen their backup infrastructure and business continuity plans, stay vigilant against new threats, and become more engaged in the cybersecurity realm.
In Israel, the trigger points that lead companies to invoke their crisis plans are typically higher compared to other areas. As we are now slightly over one week into the war, it comes as no surprise that almost every company with assets in Israel has experienced some disruption to their day-to-day operations. The transition to a war footing has also resulted in personnel issues. The call-up and activation of 360,000 reservists from the Israeli Defense Force (IDF) means that the support personnel available on Friday, October 6, are not present on Monday, October 16, to focus on network continuity. Additionally, both official and commercial entities have been targeted with a barrage of distributed denial-of-service (DDoS) attacks and hacking attempts.
Several groups have claimed responsibility for the attacks on the Israeli infrastructure. Cybersecurity researcher Julian B. has created a timeline suggesting that some activities began on October 6. This timeline sheds light on the activities of groups such as Cyber Av3ngers, Killnet, and Anonymous Sudan. Cyber Av3ngers is aligned with Iran, Killnet with Russia, and Anonymous Sudan, sympathetic to Hamas and aligned with Russia.
Among these groups, Anonymous Sudan has claimed responsibility for an attack on the Israeli alert system. Due to human error, the alert system in northern Israel was falsely activated, creating an impression of an attack in that area. The Noga — Independent Systems Operator, responsible for managing the Israeli electric system, fell victim to a DDoS attack by Cyber Av3ngers.
The Jerusalem Post, a reputable news outlet, also faced a DDoS attack on October 7. The editors took to social media to inform the public about the attack and reassure readers that they were still operational. It took a day or two to restore stability to the website. ZeroFox, a cybersecurity company, reported that personal identifying information (PII) of individuals from the Israeli Defense Force and Israeli Security Agency was being shared on a Russian language dark web forum called RAMP, indicating that threat actors were seeking to profit from the conflict in Israel.
These recent cyberattacks exemplify the growing role of cybersecurity in contemporary conflicts. The attackers come from different groups with various allegiances, showcasing the complexities of the digital battlefield. CISOs, especially those operating in Israel, must now not only focus on physical security but also invest in robust cybersecurity measures to protect their infrastructure, employees, and sensitive information. It is crucial for organizations to have comprehensive backup plans and business continuity strategies in place to mitigate the impact of disruptions caused by cyberattacks.
Furthermore, the ongoing conflict in Israel has led to an increased drain on personnel resources. With reservists being called to duty, companies are left without critical support personnel, making it even more challenging to maintain network continuity and effectively respond to cyber threats. This situation highlights the need for organizations to proactively engage with cybersecurity professionals and stay informed about the evolving threat landscape.
As conflicts continue to have a digital component, it is imperative for CISOs and organizations worldwide to understand the significance of these cyber attacks and take appropriate measures to protect their assets and operations. By investing in cybersecurity capabilities and staying vigilant, organizations can minimize the impact of disruptions caused by cyber threats and ensure the continuity of their business operations during times of crisis.