The conflict in Israel is intensifying and turning into a true cyberwar.
Several cyberattacks on Israeli private companies in the energy, defense, and telecommunications sectors have been linked to a group of hackers from Gaza. Microsoft's annual Digital Defense Report, which tracks the campaign under the name Storm-1133, provided specifics about the activity.
Since the majority of the activity is focused on groups that are thought to be hostile to Hamas, the assessment is that the group works to further the interests of Hamas. The campaign targeted entities loyal to Fatah, the Palestinian political party headquartered in the West Bank, as well as organizations in the Israeli energy and defense sectors.
The attack chains use a combination of social engineering and fictitious LinkedIn profiles impersonating Israeli project managers, software developers, and HR managers to send phishing emails, gather information, and spread malware to staff members of Israeli businesses.
Microsoft also noted Storm-1133's attempts to infiltrate the computer networks of third-party organizations with connections to Israeli targets. The intrusions are designed to deploy backdoors along with a configuration that enables the group to dynamically update command and control (C2) infrastructure hosted on Google Drive. Operators can avoid some static network defenses using this technique.
The cyberattacks coincide with recent claims that the Dorad power plant in Ashkelon, one of the biggest privately owned power plants in Israel, was hacked by the hacker group Cyber Av3ngers, which has previously claimed responsibility for attacks on oil refineries and electricity systems in Israel. Cyber Av3ngers is one of many hacker groups with connections to Iran and its allies.