Iranian cyber terrorism since Oct. 7 is a global threat, warns Israel cyber czar
Israel’s State Comptroller is looking into potential cyber breaches of the PMO, and drone systems as part of a cyber threat preparedness report leading to and since the Hamas war
Sharon Wrobel is a tech reporter for The Times of Israel.
Cyber defense chief Gaby Portnoy warned on Tuesday that the nature of cyber attacks by Iran since the outbreak of the Hamas war on October 7 has been more aggressive, not just against Israel, but also against its allies.
“We have identified that Iran is attacking its allies and other countries for information extortion and damaging digital services,” said Portnoy, head of the Israel National Cyber Directorate (INCD) speaking at the Cyberweek annual conference held at Tel Aviv University. “The information stolen from government systems is then used for Iranian cyberterrorism.”
“That makes Iranian cyber aggression an international problem, not only an Israeli one, and therefore the solution needs to be international,” he demanded.
Among the countries Portnoy mentioned that Iran is attacking worldwide, often not identifying as being Iranian, are Saudi Arabia, Oman, Canada, the US, the UAE, India, the UK, Germany, Australia, and Austria.
Portnoy stated that since October 7, the intensity of cyberattacks against Israel has tripled adding that Iran has expanded the scope of its attacks on the country, “crossing humanitarian red lines, such as the thwarted attack on Ziv Hospital in Safed,” that nevertheless managed to steal sensitive medical information.
Among the “new players,” of hacker groups, Portnoy cited Homeland Justice, which he said is probably operated by Iran’s Ministry of Intelligence and Security (MOIS) and has been active in cyberattacks in Albania.
“We see the Imperial Kitten work, operated by the IRGC [Islamic Revolutionary Guard Corps], both in Israel and the US, where – 4 activists and 4 straw companies were sanctioned for operating against federal facilities,” he elaborated.
“Iran’s actions constitute a complete violation of international privacy laws and conventions, causing worldwide damage to innocent civilians.” Portnoy asserted.
Portnoy called for a joint international front not only in defense, but also for building a deterrence, and “charging together a price from Iran for the world damage they cause.”
“The war in the cyber space made us look again to where we need to go – a trustworthy and secure digital space,” Portnoy said. “We need to step up from securing the cyber space to securing a holistic concept of the digital space.”
“In the digital age, the loss of trust in digital services and information can cause damage to businesses, democratic values, and to governments,” Portnoy cautioned.
He also spoke about cyber defense actions the INDC has been working on during the war period, such as building a “cyber dome” against online attacks, and the “crystal ball,” a multilateral threat intelligence platform powered by Microsoft technology.
“We need to step up the way we work together, where we have national-level cyber dome defense, sectoral and organizational cloud SOCs [security operations center], like the CyberShield project we are developing, to detect and defend against cyberattacks, while protecting all sides’ interests and privacy,” Portnoy remarked.
Also speaking at the conference, Israel’s State Comptroller Matanyahu Englman said that the cost of handling cyberattacks in Israel 2024 is estimated at around NIS 12 billion ($3.2 billion).
Englman disclosed that the ombudsman is currently probing Israel’s preparedness to cyber incidents since the outbreak of the Hamas war.
“We are checking 30 main public bodies,” Englman said. “This audit includes a few sections – the first deals with gaps in the level of cyber protection and the resilience of Israel, and the actions the regulatory bodies took in order to strengthen the resilience.”
“The second examines the preparedness of critical bodies to cyberattacks and how those attacks were dealt with,” he said.
Specifically, Englman’s office is probing the protection of IT systems in the Prime Minister’s Office, the cyber protection of remotely manned aerial vehicles or drones, protection against cyber threats on control systems of the Home Front Command, and the “continuity of IDF’s ICT systems at the opening day of the war.”
“I see great importance in these audits in light of higher risks we might be facing,” Englman said.