"Cyber Flood Al-Aqsa" penetrates Israel's largest cybersecurity company

Israel faces an increasing number of cyberattacks affecting its digital infrastructure (Medgerny)

Every day of this week, daily personal information about millions of Israelis is released via Telegram on the social network known for its moderate content moderation policies.

Radwer, an Israeli cybersecurity firm, was the latest casualty. But its client, Signature-IT, was the main target from whom most of the information was stolen.

According to a report published by the technology website Ctech, a data breach was carried out by the operations of the "Cyber Flood of Al-Aqsa," a newly formed politically motivated group founded on November 18 whose name appears to be inspired by the recent operation by the Islamic Resistance Movement "Hamas", which it called "Al-Aqsa Flood."

Over the past week, the group has distributed sensitive information belonging to Israelis associated with Signature IT customers, including Max Security, a cybersecurity and geographic intelligence firm, the Israel Innovation Authority, the Israeli Government National Archives, Shefa Online, an Israel-based service used by IKEA, and Radwyer itself.

The group says it will abide by the planned ceasefire and temporarily halt its data dumps, but it is not known how much information the group has gathered and how long it will continue to disseminate information if the war resumes again.

So far, data on millions of people includes emails, phone numbers, names, and business interactions, but not credit cards or bank information.

Jill Messing of information security firm Check Point said: "Israel is experiencing a huge wave of cyberattacks."

While its military is engaged in a war on the ground with Izz al-Din al-Qassam Brigades fighters in Gaza, Israel is facing an increasing number of cyberattacks affecting its digital infrastructure. According to Mesteeng who adds: "Cyber warfare is certainly imminent and increasing day by day."

"We are talking about more than 120 groups actively attacking Israel. "We should expect more leaks and people should be aware of that."

According to Mesingh, Israel has seen a nearly 22 percent increase in total attacks on Israeli targets since the beginning of the war following the attack on Israel on October 7. These attacks included ransomware attacks, attacks on mobile devices, as well as an increase in attacks on IoT devices such as security cameras and other internet-connected elements.

Check Point assists clients in Israel and around the world to ensure that the impact of attacks is kept to a minimum.

Ronen Ahdot, head of attack monitoring and management at Israeli firm Cynet Security, said: "In recent years, a lot of people have become more willing to carry out cybersecurity attacks because the generation has changed, and people now have more time and can learn new things. A lot of people have learned during the pandemic how to carry out hacking."

For now, data from Radwir software leaks will continue to be dumped in one way or another outside of the so-called ceasefire periods. Information that has already been leaked can be reused and exploited in other ways, such as selling sensitive information that may cause serious harm in other areas.

All Israeli citizens, businesses, and government offices can do is remain vigilant and aware of the threat posed by groups linked to Hezbollah and Hamas.

"We are in the midst of a real cyber war, that's true, that's true, and what we've seen in these daily leaks is just one example," Ahdut stresses.

Source : Websites