Israel-Hamas War and its Impact on Israeli Tech Companies

The war between Israel and the Palestinian terror group Hamas started on October 7, when Hamas launched its assault against Israel by firing a barrage of rockets and sending its fighters across the border. As per reports, the incident killed 1,200 people, and 250 people were taken as captives.

Illustration by The Geostrata

The recent Israel-Hamas conflict has spilled over into cyberspace as well, with pro-Palestinian hacktivist groups targeting Israeli infrastructure. In the initial period following the assault by Hamas, Israel witnessed a series of attacks that targeted public and private websites. The ongoing war will affect the Israeli workforce since most tech startups are shifting operations outside Israel. Israel is considered to be the most innovative high-tech company.

The tech companies have remained one of the most significant sectors of Israel’s economy.

The sector comprises fourteen per cent of the workforce, contributing a fifth of Israel’s economic output. The hacking groups have targeted the tech and private entities in Israel. The attacks ranged from temporarily compromising websites and facilities like the electric grid. Since October 6, Israeli public and private entities have witnessed the growing cyber-attacks from the Palestinian terror group Hamas.

The report intends to focus on the effects of cyber-attacks against Israeli entities that can disrupt the operations and business of tech companies based in Israel.

TIMELINE OF CYBER ATTACKS

6th October 2023: A hacktivist group named ‘Cyber Av3ngers’ hacked the Noga Independent Systems Operator, launching Distributed Denial of Service (DDoS) attacks. The event marked the beginning of the cyber activities related to the present conflict.

7th October 2023: The hacktivist group, ‘Anonymous Sudan’, launched DDoS attacks and alerted the citizens of the rocket attacks within an hour of missile attacks on Israel by Hamas.

8th October 2023: The hacker group named ‘Killnet’ claimed responsibility for attacking the Israeli government's website, making it unreachable. The group also threatened that it would further target the government systems of Israel. ‘Anonymous Sudan attacked the website of ‘The Jerusalem Post’ making it unreachable for two days.

9th October 2023: The hacktivist group named ‘AnonGhost’ targeted Israel’s Alert App and hacked it to send threatening notifications by exploiting its API vulnerability. The cyber branch of Israel Police’s Lahav 433 unit experienced a cyber breach, and all the cryptocurrency accounts related to Hamas were blocked with the help of Binance.

10th October 2023: Another hacking group known as ‘Blackfield’ announced on a Russian-speaking forum that they have the data that belonged to IDF soldiers and Shabak members. The group revealed their personal information, photos, and phone numbers. The group also threatened to target the United States in the future.

14th October 2023: The hacktivist group named ‘Cyber Av3ngers’ announced that they had compromised ORPAK, a company that provides payment and management solutions for fuel, retail, and fleet businesses in Israel. The group also leaked the data of multiple gas stations with their CCTV footage.

15th October 2023: The hacktivist group named ‘AnonGhost Indonesia’ leaked a database of a dating and consolidation project that targeted the LGBTQ community.

16th October 2023: Amidst cyber-attacks, Israeli news websites like ‘All Israel News’, and ‘Abu Ali Express’ were targeted by hacktivist ‘YourAnon T13x’. The news organisations took countermeasures, but the group conducted DDOS attacks on the website again.

17th October 2023: The hacktivist group ‘AnonGhost’ showcased a list of targets in Israel that remain vulnerable to attacks and exploitation.

IMPACT ON TECH COMPANIES

The trend of increased combat activities by the Israeli forces in Gaza can indicate increased chances of cybercrime. The Hamas-Israel conflict will prompt criminals to utilise cyberspace and conduct attacks to seek alternate revenue sources. This can range in the form of online scams to conducting direct DDoS attacks.

The increased likelihood of cyber attacks can be attributed to the increased online activities by the pro-Hamas hacking groups, who are likely to carry out dozens of DDoS attacks against credible government and private websites. The attacks have ranged in the form of ransomware to target Israeli tech companies to gain advantages by conducting confidential information theft.

The foreign employees in the tech industry, owing to their limited exposure and knowledge, can be targeted by the Pro-Hamas hacking groups.

As per reports, the group has utilised open-source social media handles like LinkedIn, posing as software engineers and developers to carry out attacks by sending malware to employees.

The tech companies will experience significant issues owing to the supply chain. The tech companies in Israel and their partners can experience phishing schemes involving the workforce in the near term. Such activities can cause interruptions to the contingency planning made by the companies to respond to the situation.

The alleged attacks can also involve increased cyber-attacks by the pro-Iranian entities targeting the websites of Israel-based tech organisations.

The possible can be conducted for creating and spreading fear in the industry to disrupt service and operations. The attacks by pro-Iranian entities can involve further capitalisation in the social media domain.

NEAR-TERM FORECASTS

Near-term cyberattacks can cause moderate to severe damage to the public-facing websites of the target organisations, leaving them inaccessible to the general public. The attacks can also put the industrial control systems (ICS) from Israel out of service with the capability of posing physical consequences. Physical infrastructural facilities like electric grids, alert systems, and billboards will be targeted.

Cyber attacks in the near term can also involve taking down sites, videos, and social media posts of tech companies. Therefore, the government and private entities need to practice increased supervision of the online platform to enhance surveillance and restrictive capabilities.

The authorities will likely strengthen the cybersecurity capabilities and measures to combat cyber-attacks. Keeping cognisance of the recent cyber-attacks, the risks of further attacks remain high.

The recent attacks related to data theft and ransom activities against government entities indicate further chances of large-scale attacks on websites of public and private importance, leading to large-scale disruptions to service.

The companies can experience disruptions in their local service centres, email, and other related infrastructure in the near term.

RECOMMENDATIONS

Organisations must give prevalence to DDoS attacks and invest in robust mitigation technologies and strategies. Such processes also need to involve real-time traffic analysis and snubbing to counter disruptions to service.

Tech companies must also ensure continuous vulnerability scanning of their critical infrastructure to identify and address cyberattacks and reduce risk exploitation by hacktivist groups.

Companies must develop and update incident plans to ensure security teams are well-prepared to counter cyber-security incidents. Companies need to invest in robust and training awareness programs for their employees. The companies must conduct regular cybersecurity drills and exercises for incident response plans.