The Middle East has seen a significant increase in cyberattacks in recent months, particularly those posing serious threats to various institutions in the region.
Fyodor Chumakov, an information security analyst at Positive Technologies, shed light on the actual threats facing the Middle East, he emphasized that rapid technological advancements, coupled with increased reliance on the internet, have provided attackers with new and innovative ways to exploit vulnerabilities and launch malicious cyberattacks.
In this context, Positive Technologies identified the ten worst cyberattacks witnessed in the Middle East over the past 18 months:
1. Adalat Ali Group:
In early 2022, an Iranian infiltration group known as “Adalat Ali” managed to intervene in the Telibeon service, a broadcasting service operating in the Islamic Republic of Iran, the group broadcasted 50-second messages encouraging youth to protest and revolt against the Khamenei regime.
2. DDoS Attacks on Bezeq and Cellcom:
This attack, the largest cyberattack targeting Israel, occurred in March 2022, a strong and prolonged Distributed Denial of Service (DDoS) attack resulted in emergency status, it disrupted internet access for Israeli government agencies by targeting Bezeq and Cellcom communication companies.
3. Attack on Public Address Systems in Palestine:
In June 2022, attackers breached the public address systems in Jerusalem and Eilat, triggering false air raid alarms that lasted nearly an hour during the attack.
4. Cyberattack on Iranian Steel Plants:
In June 2022, a significant cyberattack targeted three Iranian iron and steel plants, the “Ganjshak Dande” cyber group managed to disrupt operations, causing a molten iron ladle to collapse in one plant, leading to a fire that halted production.
5. Attacks on the GamkenBot Program:
GamkenBot is an appointment scheduling software developed by Israel to streamline interactions with government agencies, attackers exploited its source code to develop software that identified and reserved all available appointments, then sold these slots to citizens, significantly disrupting public services.
6. Celebrite Data Breach:
Celebrite, an Israeli digital data collection and analysis company, was targeted by hackers who stole around 1.7 terabytes of data, including diagnostic tools, backups, content transfers, recovery tools, and licensing tools.
7. Attack on Fars News Agency:
Iran’s official Fars News Agency suffered a cyberattack in November 2022, with the “Black Reward Team” stealing up to 250 terabytes of sensitive information and manipulating the site.
8. “Wise Society” Ransomware Attack on IKEA:
In November 2022, the “Wise Society” group, specializing in ransomware attacks, targeted IKEA stores in Morocco and Kuwait, breaching data and publishing it on their website.
9. Pro-Palestinian Attacks on Israeli Companies:
In January 2023, the “Jerusalem Brigade Electronic” group launched a massive campaign targeting Israeli chemical production companies, they sent employees emails urging them to quit their jobs and find new ones.
10. Jordan Valley Irrigation Systems Attack:
Attackers targeted agricultural irrigation systems and sewage treatment control systems managed by the Galilee Sewage Authority, successfully disabling the irrigation systems.
In light of these attacks, Positive Technologies urged companies to adopt the latest technologies and tools to protect their employees, data, and networks from advanced cyber threats.”