As regional tensions intensify, Israel is experiencing a significant surge in cyberattacks, with security experts pointing to Iranian state-backed actors and affiliated groups.
A new report from cybersecurity giant Radware reveals a dramatic 700% increase in cyberattacks targeting Israel in the two days following June 12, coinciding with the commencement of Israel’s military strikes on Iran.
The sharp escalation in malicious network activity highlights the hybrid nature of the ongoing conflict, where digital warfare amplifies and complements conventional military operations. Ron Meyran, VP of Cyber Threat Intelligence at Radware, commented on the situation, describing it as an “unprecedented wave of cyberattacks directed against Israel.”
John Hultquist, Chief Analyst, Google Threat Intelligence Group said: “We expect Iranian cyberthreat actors to rededicate themselves to attacks against Israeli targets in light of the recent military actions, though it’s too early at this time to measure any changes. Iranian cyber activity in Israel is already persistent and aggressive, and has been for several years.”
Increased attack frequency
Iranian cyber capabilities, developed over recent years, are now being deployed with increased frequency and intensity. These attacks span a wide range of targets, including Israeli government websites, financial institutions, telecommunications companies and critical infrastructure. The tactics employed vary from distributed denial-of-service (DDoS) attacks, designed to overwhelm and disrupt online services, to more insidious infiltration attempts, data theft and the deployment of destructive malware.
Hultquist said: “Iranian cyber activity has not been as extensive outside of the Middle East but could shift in light of the military actions. Targets in the US could be reprioritised for action by Iran’s cyberthreat capability. Iranian cyber espionage activity already targets the US government, military, and political set, but new activity may threaten privately owned critical infrastructure, or even private individuals.
While Iranian state-sponsored cyber groups have historically engaged in espionage and disruptive activities, the current surge suggests a heightened level of coordinated retaliation. Cybersecurity analysts anticipate that these groups will continue to intensify their operations, aiming to disrupt essential services and exert psychological pressure on Israel.
Greater sophistication
The concern among experts extends beyond Israel’s borders, with warnings that Iranian cyber operations could potentially target American interests, particularly critical infrastructure. While Iran’s past large-scale destructive attacks have sometimes lacked technical sophistication, their persistent nature and willingness to exploit vulnerabilities remain a significant threat.
The escalating cyber dimension underscores the complex and multifaceted nature of the current regional instability, posing ongoing challenges for cyber defence authorities in Israel and its allies. Organisations are urged to reinforce their digital defences and maintain vigilance against evolving threats.
Hultquist added: “Iran has the ability to carry out cyber espionage and disruptive cyberattack as well as information operations like hack and leak campaigns. Many of these activities have met with limited success. For instance, though Iran has carried out some serious disruptive cyberattacks, many have failed and actors have repeatedly made false and exaggerated claims to bolster their impact. The goal of many of these operations is psychological rather than practical, and it is important not to overestimate their impact.”
