On Sunday, Israel’s National Cyber Directorate issued its annual warning for possible cyberattacks to commemorate Iran’s Quds Day or Jerusalem Day as it’s called. This year it happens to fall at the end of Muslims’ holy month of Ramadan.
In 1979 as called the year of the Islamic Revolution, Iranians began celebrating this day through anti-Israel events and speeches. It is to show support to the people of Jerusalem and to “liberate” them from Israeli control.
According to the warning, Israeli websites should stay on high alert around 29th April, Friday this year. Apparently, they’re also backed by anti-Israel hackers worldwide using the hashtag “OPJerusalem”.
Over the last few years, many website breaches have taken place on this day or event in particular. They cyberattacked multiple websites and shared anti-Israel or pro-Palestinian messages. They often target web-hosting companies which house a huge number of websites to maximize the impact of attacks. They even attempted to hack into the systems of various organizations.
They were also responsible for information leaks released the same day. In 2020, the various hacked websites displayed stimulating videos of Israeli cities being bombed and destroyed. It also contained threatening messages stating the impending destruction of the country.
The Cyber Directorate shared all this information in a statement on Sunday.
As of late, tensions have been high. Israeli police have surrounded the Temple Mount compound. As a result of which there have been clashes between the Israeli police with Palestinian rioters in the last few weeks.
The Temple Mount holds a sacred position in the hearts of Muslims and Jews alike. It is considered one of the holiest places in Judaism and sitting atop it, Al-Aqsa Mosque is the third holiest Muslim shrine in Islam. Because of the sensitive status quo, Jews are allowed to visit; however, they cannot pray or practice their religious rites.
The directorate further said that the cyberattack attempts have significantly increased over the last month or so. Among these attacks, most have been DDoS or denial-of-service attacks. The hackers take control of the websites, bombard them with junk traffic and disrupt the availability of said websites. They also deface the websites by changing their visual appearance.
Just last week, Israel Airports Authority’s website was a target of a DDoS cyberattack. As a result of which, they had to take it down temporarily. A group of pro-Iranian hackers claimed responsibility for it.
The breach happened to coincide with the second anniversary of Qassem Soleimani, the head of the Quds Force of the Islamic Revolutionary Guard Corps, a US-designated terrorist organization which was carried out by the US.
In 2020, Israel became a victim of multiple cyberattacks suspected to be carried out by Iran, including one which targeted Israel’s water infrastructure in particular.
According to Einat Meyron, a cybersecurity consultant and cyber resilience expert, attackers “try to deface websites where they gain access, erase the homepage, and replace it with pro-Palestinian messages.”
On Sunday, she told The Times of Israel how the attacks had been just attempting to cause panic among the people.
“The goal is to sow panic and generate alarm. But we know from past years that [these types of attacks] are not very serious.”
She also said:
“There are situations where defacement is used as a smoke-screen to hide a more serious attack, so it’s good to be aware of the possibility.”
Meyron shared ways through which websites and organizations can keep them safe. For starters, updating all software is a must. Followed by implementing patches where necessary and enabling multi-factor authorization would also strengthen security considerably.
“Another thing website owners can do is ask their hosting companies about changing their passwords and how often they do so to stay ahead of breaches,” said Meyron, adding that she recommends password changes every three months or so.
She also said,
“These are all very simple, very basic things that people can do to secure their sites. Of course, systems like hospitals will likely have additional layers of protection than, say, a site that sells balloons for Yom Ha’atzmaut [Independence Day], but these are some simple precautions.”
Additionally, the directorate has instructed the general public to avoid downloading files sent from unknown sources and clicking on any dubious hyperlinks. If you encounter any such links, shut down the browser. Implement the use of a strong password for all your social media handles.
In case of cyberattacks or suspected ones, the cases should be reported directly at 119 to the directorate.