By using ECSS site, you agree to the Privacy Policy and Terms of Use.
Accept
ECSS - Egyptian Center for Strategic StudiesECSS - Egyptian Center for Strategic Studies
  • Home
  • International Relations
    International Relations
    Show More
    Top News
    African Natural Resources: Opportunities and Challenges
    June 14, 2020
    Quartet ends boycott of Qatar
    January 9, 2021
    Talibanistan or Civil War: Scenarios for the Afghanistan Crisis
    August 30, 2021
    Latest News
    Structural Causes of Economic Decline in South Africa
    March 18, 2023
    Consolidation of Presence: Israel Heads to West Africa via Sudan and Chad
    March 11, 2023
    Opportunities and Challenges: Turkish Rapprochement with the Syrian Regime
    March 9, 2023
    Challenges and Risks: Nigeria’s General Elections
    March 8, 2023
  • Defense & Security
    Defense & Security
    Show More
    Top News
    Egypt’s Vision for Combating Terrorism
    June 22, 2020
    Strategic partnerships: Al-Sisi’s messages on Egyptian-Iraqi relations at Baghdad Summit
    September 5, 2021
    Egypt-Kenya military and defense pacts
    June 10, 2021
    Latest News
    ChatGPT: Promising Applications, Potential Difficulties
    March 6, 2023
    Coping with Challenges:
    ISIS from Operation Kayla Mueller to the Syria Earthquake
    March 4, 2023
    Reasons and Ramifications of Al-Shabaab’s Retreat from its Positions
    January 30, 2023
    Task Force 59: The New US Military Deployment Pattern in the Middle East
    November 30, 2022
  • Public Policy
    Public Policy
    Show More
    Top News
    Human Rights in Egypt: Pragmatic Translation of Political Will
    June 22, 2020
    Lebanon’s economic crunch and fuel shortages
    September 12, 2021
    New Policies to Provide Effective Training for Teachers
    August 24, 2022
    Latest News
    Imminent Challenges: Hunger and Global Food Security Disruption
    March 14, 2023
    How will Forward Exchange Contracts Affect Egypt’s Market Stability?
    January 24, 2023
    Egypt’s Economic Gains from COP27
    December 14, 2022
    Global Crisis: Whither Inflation?
    December 8, 2022
  • Analysis
    • Analysis
    • Analytical article
    • Opinions Articles
  • Activities
    • Conferences
    • ECSS Agenda
    • Panel Discussion
    • Seminar
    • Workshops
  • ECSS Library
    • Books
    • Digital Editions
    • Periodicals
    • Special Editions
  • العربية
  • Advertise
All Rights Reserved to ECSS © 2022,
Reading: Iran’s Cyberattack on Israel: Background and Significance
Share
Notification Show More
Latest News
Structural Causes of Economic Decline in South Africa
African Studies
Reflecting on the Arab Regional System
Opinions Articles
A Gray Phase: Have the West and Iran Agreed on the Red Lines?
Analytical article
Imminent Challenges: Hunger and Global Food Security Disruption
Economic & Energy Studies
New Tactics and Multiple Challenges Evaluating Combat Efficiency of Russian-Ukrainian Air Operations
Analytical article
Aa
ECSS - Egyptian Center for Strategic StudiesECSS - Egyptian Center for Strategic Studies
Aa
  • اللغة العربية
  • International Relations
  • Defense & Security
  • Special Edition
  • Public Policy
  • Analysis
  • Activities & Events
  • Home
  • اللغة العربية
  • Categories
    • International Relations
    • Defense & Security
    • Public Policy
    • Analysis
    • Special Edition
    • Activities & Events
    • Opinions Articles
  • Bookmarks
Follow US
  • Advertise
All Rights Reserved to ECSS © 2022, Powered by EgyptYo Business Services.
International Relations

Iran’s Cyberattack on Israel: Background and Significance

Dr. Raghda al Bahi
Last updated: 2022/03/29 at 12:02 PM
Dr. Raghda al Bahi
Share
15 Min Read
SHARE

On 14 March Israel came under a cyberattack that hit several government websites on the domain “.gov.il” that is being used by government entities except the Ministry of Defense. The attack took down several websites, primarily those of the ministries of Interior, Health, Justice, Welfare and Social Affairs, and the Prime Minister’s Office. 

The Nature of the Attack

A Denial-of-Service (DoS) attack flooded the government domain with traffic and access requests causing several Israeli government websites to go down. The attack was carried out through hacking servers of two internet suppliers, namely Cellcom and Bezeq that provide their services to the Israeli government. A few days after the attack, the affected websites became accessible not only from inside Israel but also from outside, as has been confirmed by internet watchdog NetBlocks.  

Amid the wide-ranging debate within the Israeli security institutions geared towards analyzing the attack to identify its possible ramifications, determine how likely other public utilities are subject to such attacks, and ascertain the capacity of electricity and water companies, among others, to provide their services to the public if similar attacks occur, analyses of Israeli newspapers and the defense institutions varied significantly in their characterization of the attack. On the one hand, the defense ministry described it as extraordinarily dramatic, the “biggest in Israel’s history”, and the most comprehensive, intimating that a state or a major organization may be behind it and warning of its repercussions. On the other hand, the Israeli Ministry of Communications led by Yoaz Hendel downplayed the attack and denied any possible leak of critical information or any targeting of sensitive security government sites, describing it as being non-advanced that didn’t affect the day-to-day business.

Official and unofficial Israeli media pointed the finger at Iran. Haaretz, for instance, warned against underestimating the Iranian threats that would leave Israel facing a possible violent confrontation. Jerusalem Post attributed the attack to the Iranian hacking group Black Shadow which already claimed responsibility for the attack that targeted dozens of Israeli government websites which the Mossad and other concerned institutions failed to secure, causing the Israeli cyberspace to collapse and satellite communications to cease operating. Israel Hayom accused Iran of carrying out the attack against the backdrop of Iranian allegations of an Israeli attempt to target one of its nuclear facilities. According to Israel Hayom, Iran’s Islamic Revolutionary Guard Corps (IRGC) sharing an ominous message with the word “surprise” in Hebrew on its Instagram account hours before the cyberattack supports this argument. 

Explicative Drivers

Simultaneously with the cyberattack on Israel, the Iranian Students News Agency (ISNA) announced that websites of the Iranian Ministry of Culture and Islamic Guidance have been attacked, where hackers posted the phrase “Death to Khamenei” and pictures of Maryam Rajavi, leader of the People’s Mujahedin of Iran (MEK) and her husband Massoud Rajavi.

While several Iranian media outlets indicated the involvement of Mujahedeen-e-Khalq in this attack, the Iranian government didn’t confirm or deny this. Hours later, the IRGC claimed responsibility for the cyberattack on Israel, leading analysts to suggest that the Iranian government had another suspect.

In fact, the cyber-attack on Israel can be linked to Iran’s desire for revenge after thwarting a sabotage attempt by the Mossad against the Fordow Fuel Enrichment Plant (FFEP) northeast of the city of Qom, south of Tehran. In a statement following the attack on FFEP, the IRGC Intelligence Unit announced the arrest of all elements involved in the act of vandalism. According to the IRGC report, the sabotage act was planned by a Mossad officer who recruited a neighbor of a staff member of the FFEP and provided him with cash and a laptop to send him information through secure communications. Notably, the employee in question used to work at FFEP on advanced IR6 centrifuges before the plot was revealed. Noteworthy, the FFEP is the second Iranian uranium enrichment facility, after the Natanz facility. Under the 2015 nuclear agreement, FFEP turned into a research center. However, with the US withdrawal from the agreement in 2018, Iran reneged on its commitment and boosted uranium enrichment to 20 percent last December

Additionally, in the past period, Iran claimed to have arrested several Mossad agents, which perhaps explains its targeting of the Mossad’s secret sites in Erbil on 13 March 2022 with ballistic missiles. In Syria, a week before the attack, two IRGC leaders were killed in an Israeli airstrike on Iranian arms and ammunition depots near Damascus International Airport, which Iran vowed to respond to stating, “Israel will pay the price for this crime.”  

Relatedly, some analyzes associated the cyberattack on Israel with Israel’s  “war-between-wars” campaign that has been going on between the Israel and Iran for at least three years (at least in Syria) in what could be called a cold war between the two countries that  militate against a comprehensive military confrontation yet gives rise to several cyberattacks by both sides, particularly given their lower cost and ability to target sensitive intelligence and impact critical IT systems and infrastructure facilities.

Vicious Cycles of Attack and Retaliation

In 2021, Iran and its proxies hacked dozens of Israeli public and private institutions to achieve different goals, including espionage and theft of sensitive information, among others. Towards achieving that, Iran has recruited some of the popular hacking groups, including the Musa Stick Group, which first came to be known in October 2021 and aims at inflicting major damage on Israeli companies by leaking their stolen sensitive data. In effect, Musa Stick has previously hacked databases of Rafael Dynamic Defense Company, Israel Aerospace Industries, and three Israeli engineering firms. The attack on the engineering companies took place in November 2021 and resulted in theft of their data, engineering schemes, customer data, and business agreements.

Additionally, the Black Shadow group managed to leak the medical records of 290,000 patients, which necessitated convening emergency meetings of the security and medical agencies to prevent the hacking of databases of 9 Israeli hospitals. In a related development, Hillel Yaffe Medical Center in Hadera came under an Iranian ransomware attack in October 2021 where a ransom of $10 million was demanded. The attack paralyzed the hospital for a quite some time, inflicting damage on all the hospital systems, causing the Israeli Ministry of Health to admit its incapacity to confront the attacks, following secret investigations by the security services, which in turn confirmed that Israel isn’t not ready for cyber warfare.

Relatedly, the Iranian APT35 group, otherwise known as Charming Kitten, exploited vulnerability in the open source Log4J logging service –integrated with a variety of popular frameworks used by millions of service and web applications, including Apple, Google, Amazon, Microsoft products– against targets in Israel. Further, seven Israeli government and commercial websites were hit by a cyber-attack in December 2021; however, it was thwarted by CheckPoint cybersecurity provider.  

In vicious cycles of attacks and counter-attacks, Israel, too, carried out several cyberattacks on Iran, the most serious of which targeted Iran’s nuclear facilities. Over the past decade, the Natanz nuclear facility suffered several cyberattacks. The beginning was in 2010 with the Stuxnet worm disabling centrifuges in the facility. Then, in 2020, the facility witnessed a massive explosion that was described by Iranian authorities as being an act of sabotage. In 2021, upon the start of mechanical tests on the top-of-the-line IR9 centrifuge, a blackout hit the electrical distribution grid of the Natanz, causing fingers to be pointed at Israel for a potential cyberattack.

Remarkably, the Israeli cyberattacks on Iran went beyond nuclear facilities to include various industrial, commercial, and energy facilities as well. In November 2021, Israel launched a cyberattack on Iran’s gas stations, paralyzing 4,300 gas stations and causing them to cease functioning for 10 days. This attack, which hit civilian targets, marked a major shift in the shadow war that Israel and Iran have been engaged in for years on land, sea, air, and cyberspace. 

Considerable Implications

The timing of the cyberattack on Israel was no accident. It came at a time the world’s attention was directed towards the Russo-Ukrainian war which made it seem as if it was a Russian act against Israel as a punishment for its opposition to Russia or its efforts to mediate between Russia and Ukraine. However, given the relentless conflict that has been intensifying between the two countries for years, it can be argued that the Iranian cyberattack on Israel wasn’t abrupt or unexpected. 

Overall, DoS attacks do not pose a major risk as they do not usually result in leakage of sensitive data. So, they are generally considered less dangerous and less complex. Further, there is no evidence that these attacks result in major sensitive data breaches. Nevertheless, this doesn’t mean they are less effective or non-significant. In effect, cyberattacks of different types have proven effective in achieving salient goals, including sparing direct confrontation between the two parties, particularly given the high cost of direct war and the international condemnations it may give rise to.    

The Iran-Israel cyber conflict revealed Israel’s incapacity to go to a direct war with Iran, which pushes it to engage in cyberwar or a “shadow war” through the assassination of nuclear scientists with the aim of undermining the Iranian nuclear program, demonstrating the threats Iran’s nuclear program poses to the region in view of capabilities of neighboring countries, and legitimizing the Israeli position opposing the Iranian nuclear program by demonizing Iran’s security threats and exaggerating their potential threats not only to Israel but to the West as well.

Iran, in return, managed to evince the Israeli vulnerability and failure of the Israeli security institutions to protect their cyberspace at a time Tel Aviv has been promoting its security and military industries and boasting its technological superiority to boost its exports of technology and spyware. Coming under such attacks undermines Israel’s technological image worldwide and raises doubts about the solidity of its cyber security, failing several times to respond to DoS attacks despite their prevalence and uncomplicated nature. Attack after another, Iran managed to achieve this gradually through cyber-attacks that resulted in the leakage of personal information about the Israeli Defense Minister and hundreds of soldiers as well as hacking of Mossad’s chief phone, among other prominent security figures.

In short, the growing cyber conflict between Israel and Iran, described as being a cyberwar, will likely remain a major arena of confrontation at the present time. Given the scale of attacks that Israel has been facing since 2020 the cyberwar will perhaps prove to be more critical in the short term amid a massive global rise in cyberattacks since the outbreak of the Covid-19 pandemic and in the aftermath of the Russo-Ukrainian war that led to an increase in cyberattacks against Israel by 21 percent. Arguably, this shadow cyberwar may escalate into an open warfare driven by the move of Iran’s security agencies in this direction.

Related Posts

Structural Causes of Economic Decline in South Africa

Imminent Challenges: Hunger and Global Food Security Disruption

Consolidation of Presence: Israel Heads to West Africa via Sudan and Chad

Opportunities and Challenges: Turkish Rapprochement with the Syrian Regime

TAGGED: Cyberattack, Featured, Iran, Israel
Dr. Raghda al Bahi March 29, 2022
Share this Article
Facebook Twitter Whatsapp Whatsapp LinkedIn Telegram Email Copy Link Print

Stay Connected

Facebook Like
Twitter Follow
Instagram Follow
Youtube Subscribe

Latest Articles

The Security and Democracy Conundrum in West Africa: The Case of Burkina Faso
The Security and Democracy Conundrum in West Africa: The Case of Burkina Faso
International Relations March 17, 2022
Employing identity Conflicts: Turkey between Secular Ruins and Ottoman Caliphate Endeavors
Analysis Analytical article September 13, 2020
Five Barriers: Taliban’s Psychology and Challenges of Transforming into a Government
Analysis September 19, 2021
Parallel War: Nord Stream Bombings Increase Frontlines Between Russia and the West
International Relations November 1, 2022

Latest Tweets

International Relations

  • African Studies
  • American Studies
  • Arab & Regional Studies
  • Asian Studies
  • European Studies
  • Palestinian & Israeli Studies

Defence & Security

  • Armament
  • Cyber Security
  • Extremism
  • Terrorism & Armed Conflict

Public Policies

  • Development & Society
  • Economic & Energy Studies
  • Egypt & World Stats
  • Media Studies
  • Public Opinion
  • Women & Family Studies

The Egyptian Center for Strategic Studies is an independent non-profit think tank, providing decisions-makers by Policy alternatives, the center was establised in 2018 and comprises a group of experts and researchers from diffrent generations and scientific desciplines. 

All Rights Reserved to Egyptian Center for Strategic Studies - ECSS © 2022

Removed from reading list

Undo
Welcome Back!

Sign in to your account

Lost your password?