Cyber attacks flare up alongside Israel–Hamas conflict
There has been a marked increase in cyber threat activity since the beginning of the latest conflict between Israel and Hamas, which is putting businesses at greater risk of network denial-of-service attacks, according to SecurityHQ.
Researchers from the company have identified a notable increase in the number of attacks since the flare-up of the conflict in October, with a significant number of threat actors pledging their support and services to both sides in the conflict, the company’s November threat advisory states.
The majority of threat actors have been siding with pro-Palestinian groups, with many adopting the stance of their home nation, such as pro-Russian groups taking Russia’s side in the conflict and taking up digital arms against Israel and its supporters. To date, SecurityHQ has observed 93 pro-Palestinian groups and 17 pro-Israeli groups.
The most common techniques include DDoS attacks, exploits of public-facing applications, data manipulation, attempts at supply chain compromise and system information discovery, SecurityHQ said.
One pro-Palestinian actor has also published a mobile app called Red Alert: Israel, which purports to be an early-warning app for rocket attacks, but appears instead to be spyware and to have the objective of intercepting alert requests and stealing sensitive data.
Many industries are being caught in the crossfire, with organisations associated with entities or nations that have already taken a public or political stance backing either side of the conflict at risk of being targeted, the threat advisory states.
To address the threat, SecurityHQ recommends hardening IT environments against attacks, particularly DDoS attacks.
Options include enabling rate limiting to restrict network requests, adopting filtering services for DDoS traffic, implementing IP blocking using threat intelligence, enabling CAPTCHA to differentiate between bots and legitimate users, and employing anomaly-based detection to identify abnormal traffic and trigger defensive actions.
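As an added illustration (not from SecurityHQ's advisory), the Python sketch below shows how several of these options can be combined into a single per-request decision: threat-intelligence IP blocking, per-source rate limiting, and anomaly-based detection that triggers a CAPTCHA challenge. The class name, thresholds and sample traffic are assumptions constructed for the example.

```python
import ipaddress
from collections import defaultdict, deque

class RequestGate:
    """Per-request verdict: block, throttle, challenge or allow."""
    def __init__(self, blocklist, limit=5, window=10.0, factor=3.0, alpha=0.3):
        self.blocked = [ipaddress.ip_network(n) for n in blocklist]
        self.limit, self.window = limit, window
        self.factor, self.alpha = factor, alpha
        self.hits = defaultdict(deque)   # source IP -> recent request times
        self.baseline = None             # smoothed requests per window
        self.bucket, self.count = 0, 0   # current window index and volume

    def _surge(self):
        # Anomaly: current window volume far above the learned baseline.
        return (self.baseline is not None
                and self.count > self.factor * max(self.baseline, 1.0))

    def _roll(self, now):
        bucket = int(now // self.window)
        if bucket != self.bucket:        # a window just closed
            if self.baseline is None:
                self.baseline = float(self.count)
            elif not self._surge():      # do not learn from attack traffic
                self.baseline = (self.alpha * self.count
                                 + (1 - self.alpha) * self.baseline)
            self.bucket, self.count = bucket, 0
        self.count += 1

    def decide(self, ip, now):
        addr = ipaddress.ip_address(ip)
        if any(addr in net for net in self.blocked):
            return "block"               # threat-intelligence IP blocking
        self._roll(now)
        q = self.hits[ip]
        while q and now - q[0] >= self.window:
            q.popleft()                  # drop requests older than the window
        q.append(now)
        if len(q) > self.limit:
            return "throttle"            # per-source rate limit exceeded
        return "challenge" if self._surge() else "allow"  # CAPTCHA on surge

def replay():
    # Constructed traffic using documentation address ranges, not real data.
    gate = RequestGate(blocklist=["203.0.113.0/24"])
    events = [("203.0.113.7", 0.0)]                                   # listed source
    events += [(f"198.51.100.{i}", float(i)) for i in range(1, 5)]    # quiet window
    events += [("192.0.2.50", 10 + i * 0.1) for i in range(8)]        # one noisy source
    events += [(f"198.51.100.{i}", 20 + i * 0.1) for i in range(20)]  # many sources
    return [gate.decide(ip, t) for ip, t in events]
```

The per-source limit catches the single noisy client, while the volume baseline catches the distributed burst in which no individual source exceeds its limit.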