The Israeli National Cyber Directorate (INCD) confirmed on the morning of June 20, local time, that the false rocket alerts activated in Jerusalem and Eilat on the evening of the 19th were likely caused by a cyber attack.
On Monday (20th), there was widespread speculation that Iran was the perpetrator of the hack, and many cyber experts expressed such views in interviews about the possibility of Iranian involvement. However, a diplomatic source said it was uncertain whether the Islamic Republic was the source of the attack. The diplomatic source also downplayed the significance of the attack, saying “there is constant cyber activity against Israel. In terms of Israel’s commitment to improving its cyber resilience, it’s doing fine. Part of [the country’s] multi-year plan is with other countries. Cooperate to build a cyber iron dome. Yesterday’s headlines overstated the siren.” Rocket sirens sounded for nearly an hour in Eilat and several Jerusalem communities including Talpiot, Katamon and Beit Hakerem on the evening of the 19th.
The Jerusalem Post reported that the IDF initially blamed a system glitch, and the alarm went off for nearly an hour. Rocket attacks in civilian areas remain an endemic danger to Israel.
The Israel National Cyber Agency now suspects the cyber intrusion was the cause. Deputy Economy Minister Yar Goran suggested on the 20th in state media that the culprit may come from Iran. “The Iranians are trying to harm Israel online, and this incident needs to be investigated quickly,” the former IDF deputy chief of staff told IDF Radio. On the other hand, they are trying best to do data disaster recovery, minimizing losses.
The IDF Home Front Command said the siren that was damaged was a municipal system, not a military system. The civil protection authority said in a tweet that it “directed local authorities to take prompt protective measures on the local public address system”. The tweet acknowledged “suspected cyber incidents at the interface of the municipal public address system that led to the activation of public address in a few locations in Eilat and the city of Jerusalem.”
INCD did not immediately respond to Information Security Media Group’s request for comment.
Tensions between Iran and Israel are rising as Tehran blames the Jewish state for a recent spate of attacks on its nuclear infrastructure, while Israel urges its citizens to leave Turkey over fears that Iranian operatives could attack Israelis in Istanbul.
Israeli cybersecurity firm Check Point this week unveiled a spear-phishing campaign targeting prominent Israeli and U.S. executives, blaming Iran.
Targets identified by Check Point include former Israeli foreign minister and deputy prime minister Tzipi Livni; an unnamed former major general who held a highly sensitive position in the Israel Defense Forces; and an unnamed senior executive in the Israeli defense industry.
The same day the Check Point article was published, June 14, the Israel National Cyber Agency issued a warning about “aggressive phishing campaigns targeting various users in Israel” and issued an alert containing information that would allow users to block the attack.
It’s hard to explain the idea that anyone other than Iran would support the idea of hacking. There was no ransomware or monetary extortion element in this attack, which rules out ordinary cybercriminals.
With the exception of Iran, few countries with strong cyber programs have come into conflict with Israel. For example, even if Russia decides to retaliate for Jerusalem’s support of Ukraine, it seems unconscionable to play with the siren.
By contrast, infiltrating a non-essential and less-protected system, such as a siren, could draw extensive media attention that would be appropriate for Iran’s previous cyberattacks.
Omree Wechsler, a senior researcher at the Blavatnik Center for Interdisciplinary Cyber Research, commented: “The incident of the Iranian cyber attack may be the story behind the false rocket warning sirens in Jerusalem. Specifically, the hackers targeted the public address systems in Jerusalem and Eilat. As a A distinctly Israeli symbol, it shows that this was an opportunistic attack, not a sophisticated and well-orchestrated attack that was launched years ago. Hackers attacked where they found vulnerabilities.” Wechsler added: “As many of the world’s networks Attacks are focused on financial or espionage targets, and Iran’s activities against Israel fit a pattern of causing damage or creating panic. Such attacks are common and part of everyday life, including thousands of attempts to break into any system or server, The damage will lead to media coverage.”
The ground as well as the network have been reduced to battlefields. In the online world, the conflict is more intense, and the situation is more chaotic. This forces us to acknowledge that the game between great powers is no longer restricted to traditional military and political confrontations, but now encompasses a series of comprehensive strength clashes such as money, network, and intelligence. Because of its low cost and superior stealth, cyber warfare has become the preferred choice for modern warfare. Businesses and organizations must fully comprehend the significance of data security. A data breach may damage a company and an organization. As a result, organizations should employ appropriate methods to safeguard enterprise data, such as virtual machine data protection, vm backup solutions, and so on.
