Hackers who previously targeted Bay Area terrorize Israel, wage cyberwarfare in Middle East

Friday, October 20, 2023

How hackers are terrorizing Israel with cyberwarfare in Middle East

An Israeli-based cyber security firm says hundreds of cyber-attacks are targeting innocent civilians and emergency alert systems.

SAN FRANCISCO (KGO) -- An Israeli-based cyber security firm says hundreds of cyber-attacks are infiltrating government and news agencies in the Middle East - targeting innocent civilians, emergency-alert systems, and in some cases even hacking technology inside people's homes to terrorize them.

As the conflict between Israel and Hamas continues to escalate, cyber-security experts warn of another war looming on the dark web.

"Cyber warfare is taking a huge part of the overall warfare," said Gill Messing, the Chief of Staff for Check Point Software, a cyber-security firm based in Tel Aviv.

MORE: Oakland ransomware attack: Leaked data has more than 3.1K views on dark web

Messing says he's tracking more than 40 groups conducting attacks that disrupted more than 80 Israeli websites for both government and news agencies since the start of the war - some of which are believed to be coordinated attacks with Hamas.

Congressman Jim Himes (D-CT) is the ranking member on the House Select Committee on Intelligence, who recently had a classified briefing on the matter.

"We did see cyber activity not just Hamas actors, but sympathizers of Hamas... It's painful even to say it. But their objective here was to inflict the maximum amount of casualties on innocent civilians," said Rep. Himes.

Some of the groups that are targeting Israel have a history of targeting the U.S., California, and even parts of the Bay Area. According to Messing, this includes two Russian-based groups called "Anonymous Sudan" and "Killnet" that managed to hack into the systems at the Oakland Airport around six months ago. Now, he says they're preying on innocent civilians.

According to the company, these groups are trying to take down emergency websites and applications, like Israel's Red Alert app, that warns civilians about incoming missiles. In other instances, Messing says hackers are terrorizing digital billboards in Israel.

"They've managed to change the image, instead of showing an image of rallying the troops around the war, they show the horrific footage of people getting killed and the Israeli flag on fire," said Messing.

VIDEO: Bay Area Jewish community ties ribbons, rallies for Israel as war in Middle East continues

After Oakland was targeted with a ransomware attack by group "Play," the stolen data has more than 3,100 views on the dark web as of Thursday evening.

From random threatening calls and text messages to haunting smart homes. This affects homeowners who control their appliances, lights, and other devices through an internet connection.

"Think of yourself or anyone at 4:30 in the morning, then all of a sudden the shades go up and down, the lights go on and off, children are waking up, it feels like the house is haunted," Messing said.

Cyber analysts believe the hackers include teens as young as 16 years old to sophisticated state sponsored governments conducting attacks from Russia, Indonesia, Sudan, Egypt, Jordan, and even some on the Gaza Strip.

Messing says one of the groups called Ghosts of Palestine leaked credentials of civilians using Israeli government websites.

"People are amplifying information, quite often misinformation or disinformation, that is most often consistent about their point of view," said Rep. Himes. "So there's a lot of people trying to wade through everything they see on social media to figure out what is true."

From widespread hacks to data breaches--one of the largest affecting a university where Messing says hackers leaked 250,000 records of students and staff over the weekend. This leak involved a series of threats about the students and the stolen data on the messaging app Telegram saying "We got them all" with a knife emoji.

Check Point Software reports the threats quickly turned into phishing scams where hackers are starting to impersonate donation efforts.

"There are bad actors that like to take advantage via fake charities and fake donation sites that try to take advantage of the situation for monetary benefit," said Chris Nottingham, a Security Engineering Manager for Check Point Software.

According to Messing, the same coalition of hackers that shut down American airports one year ago also claimed responsibility for attacking the websites of critical infrastructure in Israel, including the Israeli Electric Grid and the Siren Alert Service.