Cyber Warfare Escalates: Iran-Linked Groups Target Israel Amidst Conflict

During the recent ‘Roaring Lion’ operation, the cyber landscape saw an intense surge of activity, with ‘חדשות סייבר - ארז דסה’ reporting approximately 1,300 cyberattacks publicly announced against Israeli organizations. These claims were primarily disseminated across Telegram, attacker websites, and forums. The reporting highlights that over 100 distinct attack groups participated in this offensive campaign. While many groups engaged in relatively low-impact activities like DDoS attacks and recycling previously leaked data, a significant portion of the threat originated from Iran.

According to ‘חדשות סייבר - ארז דסה’, Iranian-backed groups, including notable names like Handala, Homeland Justice, Sons of Ishmael, Anonymous for Justice, Ababil of Minab, and APT Iran, were at the forefront. Their operations spanned various tactics, such as data wiping against an estimated 50 organizations (aligning with broader cybersecurity authority reports) and significant data exfiltration targeting high-profile individuals in Israel’s defense sector, the INSS think tank, and various business entities. Notably, the Handala group seemed to focus its intelligence gathering on senior defense figures.

Beyond direct attacks on Israel, these groups extended their operations to other nations in the context of the ongoing conflict. ‘חדשות סייבר - ארז דסה’ points to Handala, APT Iran, and Minab targeting entities in the United States, while Homeland Justice reportedly hit government bodies in Albania. In contrast, ‘חדשות סייבר - ארז דסה’ suggests Israel’s offensive cyber operations remain largely unpublicized, focusing on tangible impact rather than PR, with limited reports of disruptions to Iranian banking systems and infrastructure related to their cyber apparatus.

What This Means For You

  • Given the reported focus on data exfiltration targeting Israeli defense and business entities by Iranian groups, organizations should rigorously review and enhance their data loss prevention (DLP) strategies and ensure robust access controls are in place, particularly for sensitive information related to national security and critical infrastructure.