Israel-Hamas conflict extends to cyberspace

Amid the ongoing conflict between Israel and Hamas, a new battleground has opened up in cyberspace, with hackers from both sides trying to attack each other's infrastructure.

“Analysts have noted public instances of DDoS attacks, website defacements, and increased dark web discussions from various threat actor groups," said Ian Gray, vice president of cyber threat intelligence operations at cybersecurity company Flashpoint. "Ongoing physical conflict within the region is likely to attract additional hacktivist groups that are either ideologically, politically, or opportunistically supporting either Israel or Palestine."

Data from cloud security and content delivery company Cloudflare, meanwhile, show signs of cyberattacks in the form of DDoS attacks impacting both Israel and Palestine.

"Two autonomous systems in the Gaza Strip went offline a few hours after the Hamas attacks on October 7. Subsequently, on October 9, two additional networks also experienced outages. We also saw an uptick in cyberattacks targeting Israel, including a 1.26 billion HTTP requests DDoS attack, and Palestine," Cloudflare said in a blog post.

Leading the pro-Palestine offensive are a couple of Russian-backed hacker groups -- Killnet and Anonymous Sudan -- that took to Telegram and claimed responsibility for the recent attacks on Israeli government websites and the Jerusalem Post, respectively. Anonymous Sudan also claimed responsibility for targeting Israel's Iron Dome, the country's all-weather, air defense system.

Other hacktivist groups have also joined the conflict. On October 7, pro-Palestine hacktivist group Mysterious Team Bangladesh announced its support for Hamas on Telegram, using trending pro-Palestinian hashtags including #FreePalestine and #OpIsraelV2.

"Mysterious Team Bangladesh claims support for Anonymous (Sudan)," Flashpoint’s Gray said. "Their channel also promotes multiple pro-Muslim and pro-Palestinian hacktivist campaigns. Mysterious Team Bangladesh has amplified content from several pro-Palestinian hacktivist groups."

These groups include Team_Azrael_Angel_of_Death, GanosecTeam, HacktivistIndonesia, GarudaAnonSecurity, KEPTEAM, TeamInsanePakistan, and Xv888. The groups have claimed responsibility for attacks across numerous Israeli internet domains.  

There have also been cyberattacks targeting Palestine by an India-based hacktivist group called Indian Cyber Force. The group has shown solidarity with Israel in the current conflict and has taken responsibility for bringing down the websites of Hamas, Palestine National Bank, Palestine Web Mail Government Services, and Palestine Telecommunication Company.

"Indian Cyber Force has previously initiated several cyber campaigns in support of India. Their previous targets include Bangladesh and Canada. It appears that Bangladesh was targeted regarding their relationship with Pakistan," Flashpoint said in a report.

India caught in the crossfire

India's open support for Israel in the ongoing conflict has also dragged the country into this cyber warfare. Several hacktivist groups objected to India's support for Israel in the current conflict and its departure from a traditional neutral stance in the Israel-Palestine conflict.

Hacktivist group Ghosts of Palestine posted a message on Telegram channel claiming that it was targeting India. The message clearly highlighted that the cause of the attacks was India's support for Israel.

On October 9, several media reports cited undisclosed sources confirming attempts of cyberattacks on Indian government websites, including those of the Delhi government and India's top medical sciences institute, AIIMS.

On the same day, multiple hacktivist groups were found planning cyberattacks on India due to India's extended support toward Israel, cybersecurity firm CloudSEK's contextual AI digital risk platform XVigil discovered.

"The cyberattacks on India are to be conducted under their hacktivist campaign #OpsIsrael #OpIsraelV2," said Rishika Desai, cyber intelligence lead at CloudSEK. "The motivations behind these attacks primarily revolve around political factors and the attack vector for the campaign will likely be mass defacement, data breaches, credential leaks, and DDoS attacks."

A CloudSEK report on the discovery noted that several hacktivist groups were found attacking Indian government domains between October 7 and October 9. The groups included Syhlet Gang, Garnesia Team in alliance with Moroccan Black Cyber Team, System Admin BD, and Cyber Error System.

As the physical conflict rages between Hamas and Israel on the ground, according to experts, the cyber warfare could extend to other countries that are seen supporting either side.