Behind the Israel-Hamas conflict, the real cyberwar is being fought with Iran

In a report on cyberattacks in the context of the Israel-Hamas conflict, Google cyber experts highlight the numerous Iranian operations against Israel since October 7, 2023.

Google’s cybersecurity teams submitted a comprehensive report on February 14, 2024 on cyber attacks encountered in the context of the Israel-Hamas war. Although Hamas launched some espionage operations ahead of the attack, Iran today represents the main cyber threat to Israel. Google cyber experts note: “ In the six months leading up to the October 7 attacks, Iran was behind approximately 80% of all government-sponsored phishing activity. »

For Google, these operations are in line with the Iranian destabilization strategy. “ After the attacks, we saw a focused effort to reduce public support for the war. These include destructive attacks on key Israeli organizations, hacking and leaking and targeted information operations aimed at demoralizing Israeli citizens, eroding trust “, we can read in the report.

Destabilization and attack against the West

Among the operations recorded by the web giant, we can note an attack in December with “wiper” malware – intended to destroy all data – against financial institutions in Israel. The hackers posed as an American security company to trick targets into downloading the malware in booby-trapped messages.

Data leakage is also a frequently used weapon of destabilization. “ Iranian actors have generally followed a common pattern: carry out intrusion activity against a target; claim the hack using a fictitious account; then amplify the leak through social networks », notes the report. Hacker groups (Cyber ​​Aveng3rs, Soldiers of Solomon) have recently claimed – in a largely exaggerated and misleading manner – hacks against energy infrastructure.

Leaks linked to the conflict are daily on the forums.  // Source: Numerama
Conflict-related leaks are often old and recycled. // Source: Numerama

Other symbolic operations caused more damage. On November 26, 2023, the town of Aliquippa, Pennsylvania, in the western United States, announced that hackers had compromised the town’s water distribution system. Software of Israeli origin made it possible to regulate the water pressure. The Cyber ​​Aveng3rs collective immediately declared that it would attack all municipalities that use Israeli products. A similar attack was carried out in Ireland against two villages in December.

On their Telegram channel, Iranian hackers claim attacks against numerous energy infrastructures.  // Source: NumeramaOn their Telegram channel, Iranian hackers claim attacks against numerous energy infrastructures.  // Source: Numerama
On their Telegram channel, Iranian hackers claim attacks against numerous energy infrastructures. // Source: Numerama

Iran has also suffered cyberattacks in retaliation, including a large-scale one at the end of 2023. On December 18, hackers knocked out around 70% of the country’s gas stations. On Telegram and X, the group Predatory Sparrow (in Persian Gonjeshke Darande) claimed responsibility for the attack. “ As with our previous operations, this cyberattack was carried out in a controlled manner while taking steps to limit potential damage to emergency services », We can read in the message posted by the hackers. Experts believe that this collective would be made up of opponents of Iranian power, supported by Israeli or American intelligence.

“No spike in cyberattacks”

Google’s report ends up qualifying this cyber battle, comparing it to that taking place between Russia and Ukraine. “ The conflict between Israel and Hamas is very different from other conflicts, such as the Russian invasion of Ukraine. In the Israel-Gaza region, we have not observed a spike in cyber operations. »

Cyber ​​experts believe that “ Iran-linked groups likely to continue carrying out destructive cyberattacks, especially if escalated », with the potential involvement of Lebanon and Yemen.

If you liked this article, you will like the following: don’t miss them by subscribing to Numerama on Google News.

Source link -100