Experts view the latest DDoS attacks against Israel as a case study in the effectiveness of simple, brute-force cyber security attacks, even against the most sophisticated targets.
In recent days, Israel has faced cyber attacks allegedly linked to Iran. Experts say the attacks demonstrate the risk that fairly unsophisticated attacks pose even to well-defended enterprises and that other countries should take note and prepare.
Prior to the annual Op-Israel hacktivist attack on Israeli enterprises from April 6 to 9, Israel experienced recent attacks this year by Russian entities such as Bugbear, Killnet and Anonymous Sudan, the cyber security for Israel. The group aligned with Killnet carried out exploits in Denmark and Sweden in early 2023 and briefly took down the website of Check Point, Israel’s largest cyber security company.
The threat group is a key player in the new wave of attacks, timed to coincide with Al Quds Day, a day of remembrance for Iran’s Palestine.
The DDoS attacks affected Israel’s critical infrastructure, including banks, passport control and processing, the postal service, as well as smart home and building systems, among other targets.
Financial sector targets included Bank Leumi, Bank Benleumi, Discount Bank, Mizrahi-Tefahot, Bank Mercantile, and Bank Benleumi subsidiaries Bank Otzer Ha-Hayal and Bank Mas’ad.
Other victims include Arkia, El-Al Airlines, Assaf Harofeh and Niadoh Hospitals, the Open University, Ben-Gurion University, the Technion and the University of Haifa, as well as media outlets such as The Jerusalem Post, Kan 11 and i24News.
While the damage was minimal and in most cases briefly involved systems and services, cyber security experts say that, because of their prevalence and reach, attacks by countries less prepared than Israel for cyberattacks could be serious. should be taken from
Look: North America is also a target, especially for ransomware attacks.
‘Massive geopolitical cyber warfare’
Nadir Israel, chief technology officer and co-founder of Tel Aviv-based enterprise security firm Armis, which is working on mitigating the damage at some of the affected institutions, said that as one of the most cyber-aware countries on Earth, Given Israel’s position in the U.S. — a hub for cyber security capabilities — the degree of success of these exploits should be taken into account by the West: they represent broader geopolitical cyber warfare that goes beyond typical DDoS exploits, he added. that target a small number of websites.
“Typically, all of these attacks occur with more or less sophisticated forms, either by exploiting various vulnerabilities and systems or by brute force DDoS,” Israel said.
“What’s different about these is that a crude DDoS tactic would be to blast a website with traffic and take it down. What’s happening here is that attackers are targeting a lot of weak spots where they’re bringing down services.”
Israel said the attackers also managed to install, albeit briefly, smart IoT functionality in individual homes, buildings and other structures.
Justin Cappos, professor of computer science and engineering at the NYU Tandon School of Engineering, said network provisioning needs to be taken care of by any new groups launching large-scale DDoS attacks.
“Defense is much harder than offense in most parts of cyber, so the fact that they can detect and damage some of the easier targets with high volume is a big deal,” Cappos said.
Look: Like a sedan for anonymous Sudanese, Telegram is the market vehicle of choice.
Israel stated that the combination of direct attacks by the Iranian government and indirect attacks by allied groups achieves two goals: keeping the origin of the attacks very obscure and making the attack appear larger because the origin of the attacks is unclear. Additionally, the magnitude and impact were unusual considering that the norm for DDoS attacks on small-scale local targets.
He said, “Israel is on a better war footing than most countries, and that being said, it is still quite conflicted.”
“Despite Israel’s utter cyber might its success shows that there are always weak points and ways to attack them. Surprisingly effective attacks are possible with fairly simple tools and this is a wake-up call to all “
.
This news is auto-generated through an RSS feed. We don’t have any command over it. News source: Multiple Agencies: hindustantimes, techrepublic, computerweekly,
