Last week cyber news
An Iranian cyber group named Handala claims to have breached Israel’s radar systems and sent hundreds of thousands of threatening text messages to Israeli citizens. The group alleged it infiltrated the radar systems and dispatched 500,000 text messages to Israeli citizens. “You have only a few hours to fix the systems,” the message warned. While the attackers’ claims remain unverified by official Israeli sources, security experts in Israel are expressing increasing concern over the possibility of Iranian cyber-attacks aimed at critical national infrastructure, especially after last night’s escalation between the two countries.
Last week on 07.04 the anti-Israeli cyber operation, OpIsrael, took place and it seems that it passed relatively quietly
True, there was a significant increase in the number of attacks, but the vast majority were small and insignificant attacks. At this point it seems that the Iranian Jerusalem Day (5.4.24) was more significant in cyber aspects.
During OpIsrael small attack groups attacked websites in Israel, in some cases it was a short DDoS attack and in others the attackers vandalized the website with anti-Semitic messages. (The other things such as leaked information, etc. were mostly fake news or recycling of old information)
An attack group announced that it managed to penetrate the systems of the most sensitive office in the State of Israel
Security sources confirmed to “Israel Today” that there was indeed an intrusion, but refused to specify what information was leaked. The Ministry of Defense’s response: “The incident is known to the Ministry of Defense. The authorized officials in the Defense Division in cooperation with the Internal Security branch of the Ministry are examining the incident. These are websites accessible to the public. There is no risk to classified infrastructures and systems.”
Google announced a monthly paid enterprise version of Chrome with new security capabilities
The new version is currently available to organizations for $6 per user. In the premium version, features will be added such as: a broad virus scan, website filtering by categories, protection mechanisms against information leaks and more…
Cyber attacks during Operation “Iron Swords”
Head of the National Cyber System Gabi Portnoy at the Cybertech conference: “The intensity of cyber-attacks has increased since the beginning of the war – three times than before,” said Gabi Portnoy, head of the national cyber system, at the Cybertech Global conference held this week on April 9, in Tel Aviv. Portnoy also revealed at the conference the members of the hacker group “Black Shadow” which operates under the cover of a private company in Tehran but works for the Iranian Ministry of Intelligence.
Portnoy described the cyber space during the war and said that together with the war effort in the various arenas, “in the cyber arena according to the order of the Iranian leader Khamenei, all the cyber-attack groups operating on behalf of Iran and Hezbollah began to attack Israel around the clock.” Moreover, Portnoy noted that “the cooperation between Iran and Hezbollah increased during the war, as we saw in the coordinated attack against Ziv Hospital in Safed.”
At the conference, Portnoy revealed the Iranian attack group operating on behalf of the Iranian Ministry of Intelligence and known mainly under the nickname “Black Shadow”. Portnoy revealed that the group operates under the guise of the Jahat Perdaz company, established in 2013, which allegedly deals in the field of IT and software and works from an office building in the heart of Tehran. The Black Shadow attack group, whose name has previously been published several times in the Israeli media as being responsible for a series of cyber-attacks against Israeli companies, is also known by the names “Agrius” and “Malek Team”.
Recently, against the background of the war, the group tried to attack a wide variety of sectors in Israel, including organizations in the fields of academia, tourism, media, finance, transportation, health, government, and technology. The scope of the group’s activity increased during the “Iron Swords” war, at the same time as other attack groups from Iran and around the world. Despite the efforts to cause damage to the economy, recently the group’s ability to produce significant damage to the economy has been damaged.
The Black Shadow attack group is well known to the cyber defense community and was recently exposed in the Iranian media, on the “Iran International” website, including its location and the names and photos of the company’s employees. In doing so, it lost the dimension of secrecy in its activity, which is a cornerstone of offensive cyber activity.
Portnoy also said at the conference: “I’m worried about what might be hiding behind the veil that we still don’t see, and that might contain the next cyber surprise. I ask myself every day, what will happen on October 7 of the cyber world.” According to Portnoy, “Influence campaigns that are empowered by artificial intelligence carry with them scenarios of damage that involve risks and can affect trust between people in the digital world. In the digital age, the loss of trust in digital services and information can cause damage to functional continuity and governance.”
