Cyberwarfare: How foreign wars can affect us at home

On April 13, 2024, for the first time from their own country, Iran launched a huge missile and drone attack against Israel. This is all over the news, but did you know there was a cyber-attack prior to the strike against the Israeli radar systems? The pro-Iranian cyber gang known as Handala claimed to have breached radar systems and sent 500,000 text messages to Israeli citizens. The attack was meant to soften up the Israeli defense system and intimidate citizens, although it appears not to have had the desired effect.

More and more, cyberwarfare is part of the multi-pronged attack in kinetic warfare. So far, it has not been something that wins wars directly, but it contributes to the effects of other strategies. Cyberwarfare encompasses a range of activities, from espionage and sabotage to propaganda and disinformation campaigns. It is characterized by its low visibility and high impact, making it an attractive tool for state and non-state actors seeking to achieve strategic objectives without resorting to conventional military force. Additionally, the cyber domain offers a level of deniability and the ability to strike at the heart of critical infrastructure and societal functions.

There are three types of cyberwarfare commonly used today: wipers, distributed denial of service (DDoS), and defacement. The objective of wipers is to delete information from a network. This denies users access to their own data. Wiper attacks may include ransomware. A DDoS attack aims to take down a website or online resource by overwhelming it with malicious traffic. This is usually done with botnets (remotely controlled malware infected computers). Both types of attacks deny the end user access to their information or network. The third type of attack goes about their objective slightly different. Defacement deletes or modifies information on a website. The objective is to mislead the public into thinking the malign planted news is reliable with the hopes of that news going viral. This can be part of a wider psychological operation in the campaign.

There are estimates that the Iranian Ministry of Intelligence (MOIS) carried out more than 2,000 attacks each in the first week of April. Together, they operate more than 10 different attack groups. A cybertracker from CyberKnow reveals that 65 groups were involved in the campaign against Israel from the 1st to the 8th of April 2024, carrying out DDoS, defacement, and other types of attacks.

The targets of these attacks are not always digital. During the April 13th missile attack, Iranian-backed hacktivist group, the “CyberAv3ngers,” caused power outages in several Israeli cities. The CyberAv3ngers became famous in the U.S. in November and December 2023 for targeting U.S water facilities. Water utilities in Pennsylvania, Texas, and Florida were compromised. Although the consequences of the compromises were not dire, the group was sending a message that it could compromise high value targets and do damage if it wanted. The group targeted U.S. utilities for the U.S. support of Israel.

Although Iran’s cyber-attacks are noted above, it is not specific to that country. Cyberwarfare is being employed by all major powers across the globe. Israel, the U.S.A, China, Russia, North Korea, the UK, and European Union countries use these activities as part of their wider strategy to affect their influence.

Even though a kinetic war is being waged over 6000 miles away, cyber-attacks can affect us at home. Public utilities should especially be cyber prepared for anything in this environment.

You can find the original article here from the Sierra Vista Herald.