Pierluigi Paganini
October 10, 2023
Both pro-Israeli and pro-Palestinian hacktivists have joined the fight in the cyber realm. Industrial control systems (ICS) seem to be one of the most lucrative targets for them, and there are hundreds exposed.
After Hamas gunmen killed hundreds of Israelis and took an unknown number of people hostage, Israel has now retaliated with airstrikes on Gaza.
Some people took to social media to, for example, show support for Israel by adding the country’s flag to their profile pictures. Thousands marched on the streets to express support for the Palestinian side.
Others turned to cyber weapons to voice their opinion and sow chaos. Hacktivists are already launching attacks on various systems amid a grave escalation of the Israeli-Palestinian conflict.
We’ve already reported on a multitude of attacks, mostly distributed denial of service (DDoS), against Israel. Hacktivists have targeted the Israeli government and media, among other organizations.
Some threat actors, such as ThreatSec, haven’t claimed any allegiance and are boasting about attacking both sides alike.
“As you might know, we don’t like Israel, but… We also don’t like War! Soooo, as we have attacked Israel in the past, we now attack the Gaza region, where many of the Hamas fighters are located!” the gang wrote on Telegram, claiming that it had shut down nearly every server owned by Alfanet.ps – including Quintiez Alfa General Trading, which is one of the biggest ISPs (internet service providers) in the Gaza Strip.
ThreatSec is part of the “Five Families” – notorious and highly organized gangs (the others are GhostSec, Stormous, Blackforums, and SiegedSec) that collaborate on launching big cyberattacks.
Mantas Sasnauskas, head of the Cybernews research team, highlighted that many hacktivists go after various ICSs in an attempt to disrupt critical infrastructure and draw international attention.
Since a cyberattack on critical infrastructure can have serious repercussions, including operational disruptions, safety hazards, economic costs, and reputational damage, cybersecurity should be a top priority in the organizations that administer them.
Unfortunately, that’s not always the case. An analysis by the Cybernews research team reveals that many ICSs are exposed, and threat actors can easily take advantage of sloppy security practices.
An ICS is a computerized system used to monitor and manage machinery and processes in industries, ensuring that they work effectively and safely. SCADA, which stands for supervisory control and data acquisition, is a type of ICS capable of gathering data and applying operational controls over long distances.
As per Cybernews’ findings, some Israeli organizations are exposing their Modbus, a SCADA communications protocol.
More info on exposed occurrences are available in the original post
Original post at https://cybernews.com/cyber-war/palestine-israel-scada-under-attack/
About the author: Jurgita Lapienytė, Chief Editor at Cybernews
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, hacktivists)
