Israel & Iran Locked In Cyber Conflict

Millions of people in Iran and Israel have found themselves in the crossfire as a result of the cyber conflict between their countries.

The shadow war between Israel and Iran is increasingly being fought in cyberspace and civilians are the latest targets in this long-running conflict. 

Where once only so-called hard targets, like weapons systems and critical infrastructure, would be regarded as fair game, now small businesses and even members of the public are finding themselves at risk.

Currently Israelis are assessing the wreckage after attacks by a suspected Iranian-linked hackers group Black Shadow on a medical institute which compromised  nearly thousands of patients medical files and Black Shadow also hacked a dating website that meant the leaking of tens of thousands of Israelis private data.

The exchange points to a new trend of targeting civilians and the two attacks appear to be the first that caused widespread harm to civilians, auguring an escalation in the cyber conflict as softer targets are drawn into the line of fire. “Black Shadow is a cover for an Iranian attack group which operates under a criminal cover,” Harel Menashri, an official with Israel’s internal security service Shin Bet, told the Kan television network. “Iran works through the cyber systems from a strategic point of view - to damage Israel’s financial and intelligence sectors.”

Iran-Israel cyber war has been going strong since at least April 2020. This comes on the heels of a recent cyber attack that disrupted people from purchasing  petrol at approximately 4,300 stations in Iran. The attack incapacitated a system used by Iranians to purchase gas at a subsidised rate, taking approximately 12 days before operations were fully restored. Iran as well as at least two US defense officials have pointed to Israel’s culpability in the attack.

In the past several months, those strikes have escalated. Fuel supply systems, railway controls, and an airline in Iran have all faced attacks. At the same time, hackers have posted the personal information of a million Israeli LGBTQ dating app users, and exposed certain details about the Israeli army. 

The high-profile hacks on Iranian infrastructure have been wide-ranging in their targets and attributed to both state-sponsored actors and independent hacking groups. But they have one thing in common: They’ve caused chaos and confusion for ordinary people and businesses in the country. Moreover, the offensive cyber warfare that Israel is encouraging attests to the fact that it is finding it difficult to understand the codes that guide the Iranian leadership. 

Israel  has  experienced cyber security failures in protecting its own facilities, while Iran has been retaliating, targeting Israeli targets. Iranian actors are alleged to have conducted attacks against Israeli water distribution plants that attempted to modify chlorine levels in the water supplied to Israeli homes.

While the two countries have engaged one another covertly in air, land, sea, and cyberspace, for the past year both have appeared to move away from traditional symbols of state power such as military sites, individuals of interest, or government facilities, to civilian infrastructure. A closer look at this new type of Israeli-Iranian exchange suggests that cyber warfare is maturing into a new phase, where new rules of engagement and deterrence are in the process of being established.

The intent of these attacks is quite clear: to inflict pain on the civilian communities in their respective countries in a show that neither government can protect them.

Whether one thinks of climate change, international terrorism, or cyber threats, all such challenging contemporary phenomena necessitate a framework for international co-operation. Even as cyber warfare becomes more established and moves into the public view, it is still an uncontrolled realm. There are no hard international rules resembling the accepted conventions of armed conflict. This leaves state actors to push boundaries, with dangerous margins for error.

Oodaloop:     Haaretz:      NYT:       Wired:       Foreign Policy:     CCDOOE / NATO   

Independent:       ArabNews:       BDNews:     Times Of Israel

You Might Also Read: 

Cyber Warfare Is The New Frontier:

 

« Best Programming Languages For Cyber Security In 2022
Volvo Falls Victim To Hackers »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Infosecurity Europe

Infosecurity Europe

Infosecurity Europe is Europe’s number one information security conference and exhibition.

ASIS International

ASIS International

ASIS International is a global community of security practitioners with a role in the protection of assets - people, property, and/or information.

Davis Wright Tremaine (DWT)

Davis Wright Tremaine (DWT)

Davis Wright Tremaine is a full-service law firm with offices throughout the US and in Shanghai, China. Practice areas include Technology, Privacy & Security.

Perspective Risk

Perspective Risk

Perspective Risk provides penetration testing, security assessments, risk management & compliance solutions, InfoSec training and consultancy services.

France Cybersecurity

France Cybersecurity

France Cybersecurity represents the French cybersecurity industry to raise international awareness of French cybersecurity capabilities and solutions.

Canadian Security Intelligence Service (CSIS)

Canadian Security Intelligence Service (CSIS)

CSIS collects and analyzes threat-related information concerning the security of Canada in areas including terrorism, espionage, WMD, cybersecurity and critical infrastructure protection.

Carson & SAINT

Carson & SAINT

Carson & SAINT is an award-winning consulting firm with deep experience in cybersecurity technology, software, and management consulting.

Sabasai

Sabasai

Sabasai specialises in all aspects of insider threat management from training and education to building security frameworks and insider threat programs to on-site risk & vulnerability assessments.

Bowbridge

Bowbridge

Bowbridge provides anti-virus and application security solutions for SAP systems.

Segusoft

Segusoft

With its encryption platform SEGULINK, Segusoft provides standard software for companies to securely transfer files and messages.

National Digital Exploitation Centre (NDEC) - United Kingdom

National Digital Exploitation Centre (NDEC) - United Kingdom

NDEC is a project to create a centre of cyber and digital development and education for the UK. It will offer training in digital practices, cyber security and research.

Slovenska Akreditacija (SA)

Slovenska Akreditacija (SA)

Slovenska Akreditacija (Slovenia Accreditation) is the national standards accreditation body for Slovenia.

ST Engineering Antycip

ST Engineering Antycip

ST Engineering Antycip (formerly Antycip Simulation) is Europe’s leading provider of professional grade COTS simulation software, projection & display systems, and related engineering services.

Central Intelligence Agency (CIA) - USA

Central Intelligence Agency (CIA) - USA

The CIA is an independent agency responsible for providing national security intelligence to senior US policymakers. This includes cyber security related activities.

Techmentum

Techmentum

At Techmentum, our mission is to utilize technology to help companies succeed. Our expertise includes fully managed IT services, cybersecurity, cloud, and custom technology solutions.

GoCloud Systems

GoCloud Systems

GoCloud is an IT consulting firm. We provide IT strategy and cloud adoption services to the New Zealand Government, Non-Profit Organisations and private industry.