Latest Developments
Russia is responsible for recent cyberattacks against Israel, a senior Ukrainian official told Politico on November 10. Victor Zhora, deputy chair of the State Service of Special Communications and Information Protection of Ukraine, explained that Kyiv is seeing the “same tactics as Russia used in Ukraine in the Israeli conflict,” including distributed denial of service attacks by the pro-Kremlin KillNet group. Calling Russia a “global evil” that is targeting both countries, Zhora affirmed that Ukraine “consider[s] Israel to be a partner.” Zohra made the comments on the sidelines of a cybersecurity conference in Washington, DC.
Expert Analysis
“Russia and Iran both have a history of using proxies to conduct cyberattacks against the democracies they are trying to harm. Russia has been conducting a non-stop cyber malicious activity campaign against Ukraine since February 2022, and Iran’s surrogates are doing the same against Israel today.” — RADM (Ret.) Mark Montgomery, Senior Director of FDD’s Center on Cyber and Technology Innovation and FDD Senior Fellow
“While it is unclear whether these alleged cyberattacks occurred at Moscow’s direction, Russia’s security services have a well-known history of cooperation with cybercriminal groups. At the very least, the cybercriminals who have attacked Israel evidently perceived a call to action from Moscow’s criticism of Israel’s war against Hamas.” — John Hardie, Deputy Director of FDD’s Russia Program
Russia and Iran Launch Disinformation Campaigns
U.S. adversaries are targeting Israel and Ukraine with vast disinformation campaigns. A France 24news report identified a sophisticated Russian influence campaign to use the Israel-Hamas war to promote the narrative that Ukraine should push for a ceasefire. The campaign argues that this step is necessary due to the flow of Western aid to the Middle East, effectively pitting Israel and Ukraine against each other in competition for funds. The campaign uses bots to flood social media with disinformation and mimics the websites of news organizations to trick readers.
Both Russian and Iranian state media are also pushing anti-Israel and anti-American disinformation. While The New York Times found no direct evidence of coordination between Moscow and Tehran, American government officials did not rule out the possibility, with James P. Rubin, the head of the State Department’s Global Engagement Center, noting that the United States is in “an undeclared information war with authoritarian countries.”
Iranian State Hackers Target Israeli Logistics
Researchers with cybersecurity firms, meanwhile, revealed new campaigns by Iranian state-backed hackers to target Israel. CrowdStrike observed an uptick in attacks against Israeli transportation, logistics, and communications firms by a group affiliated with Iran’s Islamic Revolutionary Guard Corps (IRGC). Palo Alto Networks identified a campaign against the Israeli education and tech sectors.
Simeon Kakpovi, senior threat intelligence analyst in Microsoft’s Threat Intelligence Center, described opportunistic attacks by upwards of nine groups affiliated with Iran’s Ministry of Intelligence and another seven affiliated with the IRGC. Over the weekend, Israel’s National Cyber Directorate released technical details to help companies identify and remediate Iranian malware targeting Israeli organizations. Gaby Portnoy, head of the directorate, told CNN last week that he is “very concerned” about Iranian cyberattacks.
“FBI Director Warns of Increased Risk of Iranian Cyberattacks,” FDD Flash Brief
“Russia’s alarming axis with Iran is in plain view and should stiffen resolve behind Ukraine,” by Peter Doran and Ivana Stradner
“Hamas Network Spreads Dangerous Disinformation,” FDD Flash Brief
Subscribe to FDD Flash Briefs