CyberSecurityBoard
Sponsor Register Login

Hamas Cyberattacks Ceased After the Oct. 7 Terror Attack. But Why?

Cyber threat actors linked with Hamas have seemingly ceased activity ever since the terrorist attack in Israel on Oct. 7, confounding experts.
Russia's invasion of Ukraine - preceded and supported by historic waves of cyber destruction, espionage, and misinformation - is, of course, the quintessence.
If today's playbook is to support resource-intensive kinetic war with low-risk, low-investment cyber war, Hamas has thrown out the book.
Failing to ramp up cyberattacks prior to Oct. 7 might be construed as strategic.
For a case study in what that looks like, take BLACKATOM - one of the three primary Hamas-linked threat actors, alongside BLACKSTEM and DESERTVARNISH. In September, BLACKATOM began a social engineering campaign aimed at software engineers in the Israeli Defense Forces, as well as Israel's defense and aerospace industries.
The ruse involved posing as employees of companies on LinkedIn and messaging targets with fake freelance job opportunities.
The false recruiters would send a lure document with instructions for participating in a coding assessment.
The fake coding assessment required recipients to download a Visual Studio project, masquerading as a human resources management app, from an attacker-controlled GitHub or Google Drive page.
Recipients were then asked to add features to the project, to demonstrate their coding skills.
Contained within the project was a function that secretly downloaded, extracted, and executed a malicious ZIP file on the affected computer.
Inside the ZIP: the SysJoker multiplatform backdoor.
'Nothing Like Russia' It may seem counterintuitive that Hamas' invasion wouldn't have been paired with a shift in its cyber activity akin to Russia's model.
This may be due to its prioritization of operational security - the secrecy that made its Oct. 7 terror attack so shockingly effective.
Less explicable is why the most recent confirmed Hamas-related cyber activity, according to Mandiant, occurred back on Oct. 4.
Hamas likely has not fully retired its cyber operations.


This Cyber News was published on www.darkreading.com. Publication date: Wed, 14 Feb 2024 00:05:22 +0000


Cyber News related to Hamas Cyberattacks Ceased After the Oct. 7 Terror Attack. But Why?

Hamas Cyberattacks Ceased After the Oct. 7 Terror Attack. But Why? - Cyber threat actors linked with Hamas have seemingly ceased activity ever since the terrorist attack in Israel on Oct. 7, confounding experts. Russia's invasion of Ukraine - preceded and supported by historic waves of cyber destruction, espionage, ...
4 months ago Darkreading.com
The Dangerous Mystery of Hamas' Missing 'Suicide Drones' - Faced with the looming possibility that Hamas could leverage some of the same techniques, Israel began running drills, practicing with fighter jets to intercept UAVs. In February 2014, it announced a prototype of a new air defense system: The "Iron ...
7 months ago Wired.com
Iran Ramps Up Cyberattacks on Israel Amid Hamas Conflict: Microsoft - In the context of the Israel-Hamas conflict, Iran's offensive operations against Israel were initially reactive and chaotic, but quickly ramped up and expanded in scope, Microsoft says. Immediately after October 7, Iranian threat actors were seen ...
4 months ago Securityweek.com
Israel Battles Spike in Wartime Hacktivist, OT Cyberattacks - For Israel, 2023 will be remembered as the beginning of the war in Gaza after the devastating Hamas terror attacks on Oct. 7. The conflict spread to the cyber realm, with hacktivists on both sides declaring their intentions to conduct cyberattacks. ...
6 months ago Darkreading.com
The Hamas Threat of Hostage Execution Videos Looms Large Over Social Media - Hadley says his team of 20 typically knows about new terrorist content before any of the big platforms. While tracking verified content from Hamas' military wing or the PIJ, Hadey says the volume of content on the major social platforms is "Very ...
7 months ago Wired.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
6 months ago Esecurityplanet.com
Cyberattacks Intensify on Israeli and Palestinian Human Rights Groups - Hackers have stepped up efforts to take down the websites of Israeli and Palestinian humanitarian groups since Hamas attacked Israel on Oct. 7.The spike in cyberattacks on Israeli human rights organization B'Tselem has reached levels similar to ...
7 months ago Wsj.com
Attack Vector vs Attack Surface: The Subtle Difference - Cybersecurity discussions about "Attack vectors" and "Attack surfaces" sometimes use these two terms interchangeably. This article guides you through the distinctions between attack vectors and attack surfaces to help you better understand the two ...
1 year ago Trendmicro.com
Top White House cyber aide says recent Iran hack on water system is call to tighten cybersecurity - WASHINGTON - A top White House national security official said recent cyber attacks by Iranian hackers on U.S. water authorities - as well as a separate spate of ransomware attacks on the health care industry - should be seen as a call to action by ...
6 months ago Apnews.com
Top White House Cyber Aide Says Recent Iran Hack on Water System Is Call to Tighten Cybersecurity - A top White House national security official said recent cyber attacks by Iranian hackers on US water authorities - as well as a separate spate of ransomware attacks on the health care industry - should be seen as a call to action by utilities and ...
6 months ago Securityweek.com
Understanding Each Link of the Cyberattack Impact Chain - It's often difficult to fully appreciate the impact of a successful cyberattack. Other consequences aren't so obvious - from a loss of customer trust and potential business to stolen data that may surface as part of another cyberattack years later. ...
6 months ago Securityboulevard.com
CVE-2021-0263 - A Data Processing vulnerability in the Multi-Service process (multi-svcs) on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker ...
3 years ago
Breaches by Iran-Affiliated Hackers Spanned Multiple U.S. States, Federal Agencies Say - A small western Pennsylvania water authority was just one of multiple organizations breached in the United States by Iran-affiliated hackers who targeted a specific industrial control device because it is Israeli-made, U.S. and Israeli authorities ...
7 months ago Securityweek.com
Beirut Airport Cyberattack Targets Hezbollah - Screen displays at the Rafic Hariri International Airport in Lebanon were defaced with messages on Jan. 7, after hackers successfully compromised the flight information display systems at Beirut's main international airport. The messages criticized ...
5 months ago Darkreading.com
Iranian Phishing Campaign Targets Israel-Hamas War Experts - Iran-linked threat actors are targeting high-profile researchers working on the Israel-Hamas conflict via a sophisticated social engineering campaign, according to Microsoft Threat Intelligence. The threat actor Mint Sandstorm, which has ties to ...
5 months ago Infosecurity-magazine.com
Iran-linked hackers claim to leak troves of documents from Israeli hospital - A hacker group allegedly linked to Iran claimed to have leaked thousands of medical records from an Israeli hospital, including those of Israeli soldiers. In a cyberattack on Ziv Medical Center in the city of Safed, near the border with Syria and ...
7 months ago Therecord.media
Mideast Oil & Gas Facilities Could Face Cyber-Related Energy Disruptions - Middle East oil and gas operators will need to be vigilant about the risk of cyberattacks as the Israel-Gaza conflict continues, security experts warn, or else risk energy supply disruption globally. A recent report by S&P Global Ratings found that ...
7 months ago Darkreading.com
Meta Facebook, Instagram Iran's Supreme Leader - Iran's Supreme Leader, Ayatollah Ali Khamenei, has his Facebook and Instagram accounts permanently removed by Meta. Meta Platforms has stepped into the ongoing geopolitical tensions between the United States and Iran, with a notable move against that ...
4 months ago Silicon.co.uk
Microsoft ChatGPT faces cyber threat for being politically biased - Microsoft-owned ChatGPT, developed by OpenAI, is currently facing a cybersecurity threat from a group of individuals who identify themselves as Palestinians. They have declared their intention to carry out various cyber-attacks on the AI-based ...
6 months ago Cybersecurity-insiders.com
Q&A: The Cybersecurity Training Gap in Industrial Networks - Cyberattacks on critical infrastructure are steadily increasing, driven by geopolitical conflicts as well as the longtime problem of poorly secured devices that remain exposed and unprotected on the public Internet. Irfan Shakeel, the Dubai-based ...
4 months ago Darkreading.com
Lebanon Airport Screens Display Anti-Hezbollah Message After Being Hacked - The information display screens at Beirut's international airport were hacked by domestic anti-Hezbollah groups Sunday, as clashes between the Lebanese militant group and the Israeli military continue to intensify along the border. Departure and ...
5 months ago Securityweek.com
Multiple colleges, K-12 schools facing outages after cyberattacks - Several K-12 schools, colleges and universities are dealing with significant technology outages due to cyberattacks this week. A spokesperson for North Carolina Central University told Recorded Future News that the school was alerted to a cyberattack ...
7 months ago Therecord.media
Hamas-Linked APT Wields New SysJoker Backdoor Against Israel - Attackers linked to the Palestinian militant group Hamas are using a revamped version of the SysJoker multi-platform backdoor to attack targets in Israel as the current conflict between the two continues despite a current pause in the fighting. An ...
7 months ago Darkreading.com
Meet the Ransomware Negotiators - We really thought it'd be really interesting for our listeners to know more about how it works in ransomware response process, how a company decides to pay the ransom, how that process works through a negotiator. I don't believe anybody really starts ...
1 week ago Darkreading.com
Congressmen Ask DOJ to Investigate Water Utility Hack, Warning It Could Happen Anywhere - Three members of Congress have asked the U.S. Justice Department to investigate how foreign hackers breached a water authority near Pittsburgh, prompting the nation's top cyberdefense agency to warn other water and sewage-treatment utilities that ...
7 months ago Securityweek.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)