Israel-Hamas Conflict: Hacktivist Involvement Escalates
Various hacker collectives have joined the escalation of the Israel-Hamas conflict, which commenced over the weekend following a major attack by the Palestinian militant group.
Hamas initiated an unprecedented assault on Israel from Gaza, launching thousands of rockets and deploying its fighters in the southern region of the country. In response, Israel declared war on Hamas and initiated countermeasures. The escalation of the conflict has led to hundreds of casualties and thousands of injuries on both sides.
In addition to presumed state-backed entities that have likely increased their covert cyber endeavors, acknowledged hacktivist groups supporting each faction have amplified their cyber offensives.
As outlined in a timeline established by cybersecurity consultant and open-source intelligence (OSINT) enthusiast Julian Botham, Anonymous Sudan initiated the initial hacktivist assaults against Israel less than an hour after Hamas fired the first rockets. This group targeted emergency alert systems, asserting to have disrupted alerting applications in Israel.
Anonymous Sudan also directed efforts at The Jerusalem Post, Israel's largest English-language daily newspaper.
A pro-Hamas faction known as Cyber Av3ngers focused on the Israel Independent System Operator (Noga), an entity overseeing the power grid, purporting to have infiltrated its network and taken down its website. The group also targeted the Israel Electric Corporation, the primary electrical power provider in Israel and the Palestinian territories, in addition to a power plant.
The well-known pro-Russian entity Killnet launched assaults on Israeli government websites.
A Palestinian hacking gang called Ghosts of Palestine has extended invitations to hackers globally to target private and public infrastructure in Israel and the United States. Another group, Libyan Ghosts, has begun defacing small Israeli websites in support of Hamas.
For the most part, these hacktivists have employed distributed denial-of-service (DDoS) attacks to induce disruption. While some have asserted significant impact on their targets, it is customary for hacktivists to embellish their claims. For example, declarations from hackers linked to Iran and others, suggesting a cyberattack on Israel’s Iron Dome air defense system, are likely overstated.
Conversely, groups like Killnet and Anonymous Sudan, both affiliated with Russia, have a history of executing highly disruptive attacks. They have previously targeted major corporations like Microsoft, X (formerly Twitter), and Telegram with substantial DDoS attacks.
On a different front, ThreatSec, a pro-Israel group, alleges to have compromised the infrastructure of AlfaNet, an ISP based in Gaza.
Hacktivists purportedly based in India have targeted Palestinian government websites, rendering some of them inaccessible.
A collective called Garuna has declared its solidarity with Israel, while TeamHDP has aimed at the websites of Hamas and the Islamic University of Gaza.
In a recent report, Microsoft disclosed heightened activity from a Gaza-based threat group named Storm-1133, directed at Israeli organizations in the defense, energy, and telecommunications sectors in early 2023. Microsoft believes the group is aligned with the interests of Hamas.
Host your website independently to have full control over its security. Protect your business from cyber threats. Stay secure.