Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
More than 44 hacktivist groups targeted Israeli organisations in May in a coordinated campaign to erode public trust.
The nation of Israel has always understood it is surrounded by enemies on practically all of its borders.
However, in the internet age, those borders are now immeasurably vaster than ever before. As Israel continues to conduct military operations against what it perceives as multiple threats, hacktivist groups from around the world are continuing to ramp up cyber attacks against public and private sector targets.
Cyber attacks targeting Israel actually dropped in May, down to 244 compared to April’s 276, but according to security analysts, this isn’t so much a de-escalation, but rather a sign of persistence.
“Hacktivist coalitions kept pushing,” threat intelligence platform Falcon Feeds said in its June threat intel update.
“Their goal: disruption, not ransom. Visibility, not stealth.”
While hacktivist groups have been observed engaging in a variety of disruptive attacks, the most common attack vector has been the humble distributed denial-of-service (DDoS) attack – a massive wave of traffic designed to overwhelm networks and take down services and websites. In May, DDoS attacks made up 81.6 per cent of all malicious activity targeting Israel.
These attacks are popular for several reasons. Many hacktivist groups and other threat actors operate DDoS services for hire, making the barrier to entry relatively low and largely financial. They’re also far more obvious.
“These attacks were meant to steal,” Falcon Feeds said.
“They were designed to overwhelm and humiliate.”
Government and public sector entities were most targeted, with 27 attacks, followed by technology and IT with 25. Twenty-four attacks targeted the education sector, and 20 targeted manufacturing, while financial services providers were hit by 19. That said, every possible sector is a viable target, with entities in the healthcare sector, agriculture, retail, arts and entertainment, and utilities all facing some level of malicious action.
All of this activity was, for the most part, highly coordinated. Of the incidents observed in May, 229 were planned between groups on the Telegram messaging platform, with victims, leaks, and attack plans shared in real time as they progressed. On 10 May, victims in construction, healthcare and education were targeted, and on 15 May, the Arabian Ghosts collective coordinated 30 unique attacks. On 24 May, data leaks, defacements, and DDoS campaigns peaked, while overall, between 6 and 20 May, daily campaigns kept up the pressure.
The Arabian Ghosts were doing more than just coordinating, too. This particular collective was responsible for 60 cyber attacks in May, easily the most active threat actor out of the 44 groups targeting Israel over the course of the month. LulzSec Black is a distant second with 27 incidents, followed by RipperSec with 25.
The activity is truly global, with groups from Indonesia, Morocco, and Bangladesh taking part.
“This wasn’t random,” Falcon Feeds said. “It was ideology-powered cyber warfare.
“These aren’t just technical attacks, they’re political messages, aimed at exhausting public confidence and stretching national defence thin.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
