IDF official says military foiled ‘dozens’ of Iran cyberattacks on civilian sites

Army believes Iran has focused offensive cyber efforts mainly on nonmilitary infrastructure, in attempt to instill fear in Israeli society

Emanuel (Mannie) Fabian is The Times of Israel's military correspondent

An Israeli soldier of the C4I Corps works at a computer, in an undated photo published by the military on September 21, 2022. (Israel Defense Forces)
An Israeli soldier of the C4I Corps works at a computer, in an undated photo published by the military on September 21, 2022. (Israel Defense Forces)

A senior Israel Defense Forces officer said Wednesday that the military has foiled dozens of attempted Iranian cyberattacks — mostly on Israeli civilian infrastructure — over the past year.

Israel and Iran have been engaged for years in a largely clandestine cyberwar that occasionally bubbles to the surface. Israeli officials accused Iran of attempting to hack Israel’s water system in 2020, while Iran has also blamed Israel for cyberattacks on the country’s infrastructure.

“In the past year, the IDF thwarted dozens of Iranian cyberattack attempts. In recent years, the friction between Israel and its enemies has intensified,” the officer said, speaking to reporters on condition of anonymity.

The military identified an increase of some 70 percent in Iranian cyberattacks against Israel in the past year.

“The IDF and the [cyber] defense community have developed breakthrough capabilities to defend against the enemy,” the senior officer added.

Israel’s cyber defense community includes the National Cyber Directorate, the Defense Ministry’s director of security of the defense establishment, and units within the Shin Bet security agency, Mossad spy agency and the IDF.

According to assessments by the IDF’s C4I Corps, there are more than 20 Iranian cyber units, of which at least 10 operate against Israel.

Israeli soldiers of the C4I Corps work at their computers, in an undated photo published by the military on September 21, 2022. (Israel Defense Forces)

The IDF believes that one of Iran’s main goals when it comes to cyberattacks is to instill fear within Israeli society. Therefore, Iran primarily targets civilian sites that do not necessarily cause damage to the military, but cause panic among the public.

Aside from the attempted attack on Israel’s water systems in 2020, a recent cyberattack thought to have been carried out by an Iranian group caused false rocket sirens to ring out in Jerusalem and Eilat.

Last year, a hospital in central Israel came under a major cyberattack, and its systems remained down for several days until military officials and other experts assisted in restoring its data.

A ward at Hillel Yaffe Medical Center on October 14, 2021, as staff try to manage without regular IT systems (courtesy of Hillel Yaffe Medical Center)

The IDF says it has assessed that Iran has invested enormous resources into the development of offensive cyber capabilities.

At the same time, the IDF says it has invested its own resources into expanding its existing cyber defense capabilities, including holding routine drills with American counterparts at the United States Cyber Command, most recently in August.

Meanwhile, Iran has accused the United States and Israel of cyberattacks that have impaired the country’s infrastructure.

A screenshot from what is believed to be closed-circuit footage obtained from Iran’s Khuzestan Steel Co. factory floor where a piece of heavy machinery on a steel billet production line malfunctions and causes a massive fire, June 27, 2022. (Screenshot: Twitter)

In June, an alleged Israeli cyberattack caused a large fire at a major Iranian steel plant. The attack was claimed by an anonymous group, but footage of the incident was published by Israeli TV, hinting that the operation had been carried out by Military Intelligence.

Iran disconnected much of its government infrastructure from the internet after the Stuxnet computer virus — widely believed to be a joint US-Israeli creation — disrupted thousands of Iranian centrifuges in the country’s nuclear sites in the late 2000s.

In a major incident last year, a cyberattack on Iran’s fuel distribution system paralyzed gas stations across the country, leading to long lines of angry motorists. The same anonymous hacking group, Gonjeshke Darande, claimed responsibility for the attack on fuel pumps.

Israel generally maintains a policy of ambiguity regarding its operations against Iran, and does not disclose its responsibility for them.

Most Popular
read more: