RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
2023/10/27 14:10:28

Cybercrime and cyber conflicts: Israel

.

Content

2023

Israel enlists spyware developers to fight Hamas

The Bloomberg news agency published information that Israel's special services are attracting NSO Group and Candiru spy software developers to search for hostages. Moreover, it is argued that these manufacturers provide their products and services for free. This is logical, since according to some reports, Candiru at one time recruited recruits from the IDF's 8200 intelligence unit .

It should be noted that both of these companies are on the black list. USA Founded in 2010, NSO Group became famous for developing a spyware program Pegasus that was legally sold to the governments of several countries to spy on human rights activists and journalists. The NSO Group said it was providing spy ON to authorised governments to help them fight terrorism and crime. Moreover, Pegasus spyware is classified by the state of Israel as a weapon, so any export and use in foreign countries must be approved by the government.

Candiru was formed in 2014 and was engaged in the sale of the software of the same name for surveillance and cyber espionage to government clients. Its software was discovered by specialists Kaspersky Lab"" in 2019, when it was used by the intelligence agency. Uzbekistan After that, it was found out that similar software was used in Saudi Arabia and the United Arab Emirates. Representatives of the IDF and NSO Group declined to comment, but representatives of Candiru said that the company was ready to provide any necessary assistance in the hostilities.

In addition, Israeli intelligence agencies are engaged in the analysis of information published in open sources and social networks, for which they attract specialists in open source intelligence (OSINT) and social networks (Social Media Intelligence - SOCMINT).

Personnel from the video library that Israeli intelligence agencies collect to investigate Hamas crimes
File:Aquote1.png
Israel is gathering digital and physical evidence against Hamas, "noted Omer Benjakob, a reporter for the Israeli newspaper Haaretz. - OSINT and SOCMINT firms helped create the "Library" based on video from GoPro cameras, social media accounts and other online sources.
File:Aquote2.png

CyberAvengers cyber group attacked vodokanal and 200 gas stations in Tel Aviv and Haifa

According to the Tasnim news agency [1] , the pro-Palestinian cyber group CyberAvengers attacked the gas station network of the Israeli company Orpak. As a result, the work of 200 gas stations of the company was disrupted. Residents of Tel Aviv and Haifa complain on social networks about the difficulties in obtaining services at some gas stations. In addition, CyberAvengers published video from surveillance cameras located at some gas stations on its telegram channel. Earlier, the group's hackers announced that Mekorot had taken control of the water treatment station and also published video from its video surveillance cameras .

List of cyber groups involved in the Palestinian-Israeli conflict

Actually, the Palestinian-Israeli conflict has become one of the catalysts for the confrontation of hacker groups with each other. Now the number of groups participating in the confrontation is being calculated. According to the latest data, there are already about a hundred of them: 20 are on the side of Israel, 77 are on the side of Palestine and 3 more are still neutral.

Israel subjected to massive cyber attacks

In early October 2023, Israel was attacked by several groups of hackers at once. In particular, we are talking about the attacks of the pro-Iranian group CyberAvengers on Israeli energy facilities, the Palestinian Storm-1133 on power, defense and telecommunications enterprises, and the pro-Russian Killnet, which announced attacks on Israeli government websites.

At the same time, an attack by hackers from the Indian Cyber ​ ​ Force group on resources in the Palestinian Authority was also recorded: a bank, government, transport and trading companies. Thus, it can be stated that the confrontation of armed groups is reflected in cyberspace.

Against the background of the military confrontation between Israel and Palestine, cyber attacks are taking place on the objects of the parties

In particular, the activities of the CyberAvengers group were aimed at destabilizing the Israeli energy system. Attacks on generating companies Noga, DORAD and others were recorded. It was noted that as a result of the actions of the group, power outages were noticed in the Israeli city of Yavna.

Microsoft has investigated in detail the activities of the Palestinian group, which was named Storm-1133. She infiltrated victim companies with the help of fake accounts of Israeli HR managers, project coordinators and software developers on the LinkedIn network banned in Russia. To secure the attacked systems, the Caramel Morning Trojan, which is written in Python, was used. Malware activity is coordinated using Google Drive file storage.

Earlier, in early September, ESET announced the discovery of the activities of the allegedly pro-Iranian group Ballistic Bobcat. The purpose of its activities was cyber espionage, but the bulk of the 34 companies attacked were in Israel, but there were also companies from Brazil and the UAE. In Israel, the automotive, manufacturing, engineering, financial services, media, health, technology and telecommunications industries were attacked.

In addition, the pro-Russian hacker group Killnet announced cyber attacks on Israeli government systems - even the "murder" of the Israeli government website was announced. According to Killnet, the Israeli government betrayed Russia back in 2022, supporting Ukraine, so they decided to join the cyber confrontation. Killnet representatives also wrote that hackers from Sudan joined their initiative. Now it is not clear how these cyber groups interact with each other and how seriously their actions affect the opposing parties.

Israeli security service introduces ChatGPT analogue to combat cyber threats

On June 27, 2023, the Israeli security service "Shin-Bet" introduced AI into its work and uses the technology to prevent serious threats. Read more here.

2022

Israeli officer conducts first ever Israeli army cyber attack

Second Lieutenant B. was a young officer in the IDF's Military Intelligence Agency (IDF) in the 1990s and was the man who planned and carried out the first cyberattack in Israeli army history. This became known on October 19, 2022.

Second Lieutenant B. was part of a 5-man task force responsible for developing a plan that consisted of secretly entering a stronghold of one of Israel's enemies and gaining access to an important source of intelligence. data

This operation allowed Israel to get its hands on useful information without risking the lives of the soldiers, while still remaining out of radar view. Second Lieutenant B. received the Israel Defense Prize for "developing a system that has a creative technological solution to an operational task of great importance."

The enemy of Israel at that time was in the process of creating an advanced missile arsenal and developing an innovative cyber system, which he planned to use for military purposes.

For 2 years, Second Lieutenant B., together with his team, recreated the enemy system, conducted tests and searched for gaps in the system so that the enemy did not detect suspicious activity on the network and did not notice the hack.

The team logged into the target system and stole the data. The whole campaign lasted a few minutes. Since then, the technical gateway created by Second Lieutenant B. and his team has become more perfect and paved the way for other IDF campaigns. An[1].

Israel creates "Cyberkupol" to protect against all types of network attacks

On June 28, 2022, Israel will create a national system of protection against network attacks. The Cyber ​ ​ Dome system ("Cyber ​ ​ Dome"), by analogy with the Iron Dome air defense, will provide the country with protection from attacks by hostile countries, organizations and individuals. Read more here.

2021: Hackers hack into Israeli military computers and release personal data of military personnel

On October 26, 2021, hackers leaked hundreds of Israeli army personnel and those, as well as those citizens who are already close to military age, into Internet personal data. Officials in Israel believe Iran is behind the attack. No official comments have yet been received from Tehran. Read more here.

2020

Israeli companies hit by massive cyber attack

Israeli companies were subjected to a massive cyber attack. This became known on December 13, 2020. There is reason to believe that this is a "state" cyber attack to harm Israel.

The attackers managed to steal important information that could damage the stability of the supply of vital products to the country. Some of the stolen information may have strategic value for Israel.

Hackers carried out a cyber attack on dozens of companies engaged in the delivery and import of goods in Israel. This is reported by the Calcalist edition.

The attack began with the hacking of computers from software company Amital. The publication notes that this time the hackers did not demand a ransom.

One of Calcalist's interlocutors said that the cyber attack resembles a hacker attack in 2017 on large Ukrainian companies, which are the backbone of the national economy. This attack was carried out by Russian hackers using the NotPetya worm.

As a result of the attack, accounting software was disabled. As a result, the expert believes, the Ukrainian economy suffered heavy losses[2].

Iranian hackers claim Israeli railway hack

The group, the Iranian hackers which calls itself Cyber ​​Avengers, posted on Telegram a channel associated with the Islamic Revolutionary Guard Corps a statement of responsibility against attacks the railway communication system in. Israel This became known on July 31, 2020.

The group published a map of the Israeli railway network indicating the stations to which the attack was allegedly directed. Among them are stations in Jerusalem, Tel Aviv University and Ben Gurion Airport.

A Cyber ​ ​ ​​Avengers spokesman said that from July 14 to 24, 2020, this group attacked servers that ensure the functioning of 28 railway stations in Israel, including Jerusalem, Tel Aviv University and Ben Gurion Airport.

File:Aquote1.png
"Major cyber operation" began, according to hackers, on July 14 at 1:20 am. It was at this time a little more than six months ago - on January 3, 2020 - at the Baghdad airport American drone destroyed a high-ranking Iranian military - General Qasem Soleimani.
File:Aquote2.png

Iranian hackers claim that as of July 31, 2020, railway stations in Israel are not functioning due to the damage caused, which is not true. Railway communication in Israel is carried out in accordance with the schedule established for the period of quarantine measures related to the coronavirus epidemic: train traffic has been reduced, regular delivery of passengers to Ben Gurion station does not make sense, since passenger flights are almost not carried out.

The Cyber ​ ​ ​​Avengers group emphasizes that although a hacker attack against Israel's transport infrastructures was suspended on July 24, 2020, "the worst (for Israelis) is yet to come." Iranian hackers are threatening to plan other attacks that could lead to "dozens of train collisions."

In early July 2020, the same group claimed responsibility for massive power outages in Israel. However, cybersecurity experts believe the claim is not based on fact.

However, Iranian hackers warned that "the worst is yet to come" and said a "cold cyber war" was unfolding between Israel and Iran[3] hacked].

Israel suspected of cyber attack on Iran's nuclear facility

On July 3, 2020, it became known that the Israeli authorities were suspected of carrying out a cyber attack on one of Iran's nuclear facilities. The incident occurred on July 2 and led to a fire and then an explosion at an underground uranium enrichment facility in Natanz. Read more here.

2019: Air Strike Response to Cyber Attack - First Ever

In early May 2019, for the first time in history, an immediate air strike was responded to a cyber attack. The Israel Defense Forces said it was able to prevent a hacker attack by the Palestinian group Hamas by launching a retaliatory airstrike on a building in the Gaza Strip. According to the military, this is where the cyber attack was carried out.

The Israel Defense Forces did not specify what exactly was the goal of Hamas. The Times of Israel claims that the hackers planned to damage the quality of life of Israeli citizens. The Israel Defense Forces reported only the neutralization of the threat and refused to release details so as not to disclose its technical capabilities to the enemy.

The Israel Defense Forces said it managed to prevent a hacker attack by the Palestinian group Hamas by launching a retaliatory airstrike on a building in the Gaza Strip

This incident was the first time that the military responded to an alleged cyber attack by using force directly during hostilities. Israel's response to Hamas "actions is unique and marks the evolution of the principles of warfare.

A similar case took place in 2015, when the United States attacked a member of ISIS (a terrorist organization is banned in Russia), who published personal data of American servicemen on a Twitter blog. However, by that time, US intelligence had been purposefully following the hacker for some time and at the right time struck from a drone.

International humanitarian laws state that retaliatory actions must be directly proportional to the attack. An independent consultant cyber security on noted that before the strike, Israel had to assess the level of seriousness of the conflict. Given that the Hamas cyber attack never occurred, and no specific information was received about its possible consequences, it is not known whether the response of the Defense Army corresponded to threats. The media called the incident "an alarming evolution" of modern warfare, given the growing threat to the armed forces from hackers.[4]

2018

How Israeli girls are trained in cyber warfare from school age

By August 2018, women who Israel hold positions related to information security account for only a tenth of jobs. To level the gender gap and make it easier for girls to work in the cyber industry, Tali Ben-Aroya founded CyberGirlz an educational program that prepares Israelis to work in the field cyber security from school. More. here

Launch of three-year cyber security technology development program

On August 15, 2018, the Israeli authorities announced a program for the development of information security technologies, trying to make the country a leader in this direction. Investments in the project will amount to 90 million shekels (about $24 million at the exchange rate at the time of the announcement).

As part of a three-year program, research and development companies will be able to receive up to 5 million shekels annually to develop their activities. Pilot projects in Israel and abroad will also receive financial support.

Israel marks the leaders of the information security market and launches a state program for this

The investment will be directed towards innovative technologies that have "significant potential to influence the global market" and complement the future foundation of the industry in Israel. They will also help start-ups access information, systems and test sites that they can't easily get.

The program covers the following areas:

  • investments in technologies seen as potentially "game changers" at the global level;
  • supporting large companies moving from the development stage by funding pilot tests of their technologies in conjunction with potential customers;
  • increasing resources for Israel's CyberSpark cybercompelx to strengthen its position as a global hub. cyber security

File:Aquote1.png
Despite significant investment from venture capitalists who believed in the local information security market, many companies face difficulties in finding suitable sites to test their technologies, said the head of the Israeli innovation agency Aaron Aharon.
File:Aquote2.png

According to the Israeli government, the country accounts for about 5% of the global cybersecurity technology market by August 2018. This is the second indicator of the United States, in which the share is measured 16%.[5]

2017: Israeli army faces cyber espionage campaign

Kaspersky Lab helped the Israel Defense Forces investigate a cyber attack by military units located in the hottest border zones, including in the Gaza Strip.

As it turned out during the investigation, more than 100 servicemen of the Israel Defense Forces of various ranks became victims of espionage, ON which fell on their Android devices through social engineering. To malware managed to gain access to information about the location of military units and other classified data, in particular about military equipment.

The cyber espionage campaign began in July 2016 and is still active. Spyware is distributed through communication applications such as Facebook Messenger. Most of the victims clicked on malicious links and uploaded the malware, "tempted" by the sexual messages they received from people from Canada, Germany and Switzerland.

Once on the device, spyware gains control over the video and audio capabilities of the smartphone, can determine the location and control SMS functions.

As a result of the investigation, Kaspersky Lab experts came to the conclusion that the attacks were targeted, and the cyber espionage campaign itself is now in its initial stages. According to analysts, the attackers are seeking to obtain data on the movements of ground units of the Israel Defense Forces, as well as on the tactics and equipment of the IDF.

2016: Israeli parliament recommends creation of unified cybersecurity structure

In the summer of 2016, it became known that the Israeli Knesset is awaiting the adoption of a bill that will help unite all organizations responsible for cyber defense into one centralized structure[6].

All components of Israel's cybersecurity apparatus should be united under a single roof, in accordance with the statement of the representative of the Knesset, the country's parliament.

In particular, referring to the hacker attack on the Democratic Party, USA members of the Foreign and Defense Commission submitted to the Knesset an appropriate proposal regarding cybersecurity.

Cybersecurity issues are expected to be placed under the control of the National Cybersecurity Administration. The Department will be subordinated to a system responsible for information and cyber security of vital computer systems.

There are, however, a number of reservations. In emergency situations, responsibility for this area will be assigned to the country's internal security service, SHABAK. Knesset members and political parties will be protected by the National Cybersecurity Administration only if the information they possess is considered secret.

The innovation, if adopted, will require organizations responsible for cyber defense in Israel to "develop comprehensive measures combined with the use of legislative and operational mechanisms in a wide variety of areas of activity. For example, this includes the need to formulate appropriate guidelines for small and medium-sized enterprises, which have so far received insufficient attention from the authorities, while being under the constant crosshairs of cybercriminals.

2015: National Cyber Defense Authority to be set up in Israel

The Israeli government approved the creation of a national cyber defense office in early 2015. The structure will be created in stages, within three years, the portal reports Strana.co.il.

The management will be engaged in comprehensive protection against cyber attacks, including the development of threats and attacks in real time. The management will also operate a national support center CERT (Cyber ​ ​ Event Readiness Team) to combat cyber threats in order to ensure the protection of various organizations and industries.

The new department will work in conjunction with the current national headquarters. cyber security The department and headquarters form a single system of national cyber defense under the ministry of the head of government, headed by Dr. Eviatar Matania.

2011

Tehran has accused Israel of a cyber attack against offshore drilling installations. But the list of hostile acts is not limited only to this. Israel is among the countries suspected of an ongoing series of attacks against Iran's nuclear program. Conventional military strikes are difficult to carry out for political reasons, so they resort to cyber attacks.