Cyber directorate warns of anticipated attacks to mark Iran’s ‘Jerusalem Day’

Hackers expected to try corrupting websites with propaganda messages, hit Israeli information systems around May 7

A video posted on Israeli websites as part of a cyberattack, May 21, 2020 (Screen grab)
A video posted on Israeli websites as part of a cyberattack, May 21, 2020 (Screen grab)

The National Cyber Directorate warned Wednesday that coordinated attacks against Israel are expected next month to mark Iran’s annual Quds Day, and the end of the Muslim holy month of Ramadan.

The actions, expected to come around May 7 and to be coordinated by anti-Israel hackers around the world under the banner “#OPJerusalem,” will seek to spread propaganda messages by way of website corruption, text messages and attacks aimed at grabbing public attention, the directorate said in a statement.

“The directorate again warns organizations about attackers’ use of common current vulnerabilities and calls on them to implement the relevant security updates as soon as possible,” the statement said.

Iran initiated Quds Day, or Jerusalem Day, in 1979, the year of the Islamic Revolution. It commemorates it with anti-Israel speeches, events and threats to “liberate” Jerusalem from Israeli control. Each year the directorate warns against expected attacks linked to the day.

This year the day falls close to Israel’s own Jerusalem Day, celebrated on May 10, which marks the unification of the capital during the 1967 Six Day War.

Iranian demonstrators burn a representation of the Israeli flag during their annual protest to mark Quds, or Jerusalem Day, in Tehran, Iran, May 31, 2019 (AP Photo/Vahid Salemi)

The directorate noted that last year thousands of Israeli websites were temporarily corrupted in an attack on a web hosting company.

“The assessment is that this year there will be attacks that are focused not only on websites but also attempts to cause damage to information systems of Israeli organizations,” the statement warned.

It issued specific warnings about products with the most exploited vulnerabilities seen in attacks in Israel and around the world, listing Exchange servers, equipment from the F5 company, SharePoint interfaces, and VPN equipment produced by Palo-Alto Networks, Pulse Secure and Fortinet.

The directorate warned against opening hyperlinks or downloading files received via email from unknown, unofficial, or dubious sources.

Passwords should be strong, it said, and recommended implementing two-step verification for email access, social networks and messaging apps.

It also reminded the public to not give out passwords or personal details or to respond to requests for such information. Those who come across a corrupted website should not click any of its links but instead shut down their web browser.

In general, the directorate advised to only download applications from recognized online stores and not click on website links that make offers that seem too tempting.

Attacks can be reported directly to the directorate by dialing 119.

Illustrative image of a hacker and online fraud (scyther5; iStock by Getty Images)

In last year’s attacks, various affected websites displayed a video simulating Israeli cities being bombed and messages threatening the destruction of the Jewish state. Despite the number of websites that were defaced, cybersecurity experts said the scale of the attack was relatively small because all were attacked via a single access point.

The directorate recently launched a new program aimed at bolstering defenses for web-hosting companies by setting a uniform standard for protection, the statement said. It has also offered hosting companies a tool it developed that enables them to quickly identify certain malicious attacks, known as web shell, that aim to gain remote access and control of a server.

Tensions have risen between Israel and Iran, with the countries blaming each other for recent attacks on each other’s ships that have caused damage but no injuries or sinkings. In addition, Iran has blamed Israel for an explosion at a key nuclear facility that reportedly caused significant damage, but no injuries, by knocking out power systems.

read more:
Never miss breaking news on Israel
Get notifications to stay updated
You're subscribed