In the next few days and throughout April, Israeli is expected to be under cyber-attacks from different cyber groups, associated with or sympathetic to the Palestinian struggle against Israel. It’s a ritual that has been happening since 2013.
OpIsrael is the name for the attack that occurred on Holocaust Day, April 7, 2013. The Anonymous and AnonGhost hackers allegedly participated in such cyberattacks in previous years.
The point of these attacks is to generate fear and a sense of lack of control among the citizens of Israel, the news, and media, and to promote violent calls for action against Israel and the occupation of Palestinian. OpIsrael mainly targets government websites and services to wreak havoc and damage. But these attacks also try to target civilians by stealing their private information, such as passwords, cards, ID numbers, financial data, and digital files. In previous attacks, OpIsrael hackers published leaked private information, and spread spam using phishing techniques and ransomware-as-a-service (RaaS) attacks.
The hackers usually prepare for these annual attacks (2022 will be the eighth consecutive year) by seeking opportunities and security sensitivities that they can manipulate. The cyber protection unit in the Israeli government is aware and proactive in preparing for the annual attack and issues a warning to all government employees and offices. This leaves small businesses and organizations the primary target for hackers.
How your business or organization can stay safe
During these attacks, small businesses might encounter data leakage, have their reputation damaged, or be exposed to penalties if sensitive information was illegally stored.
To prevent data from being leaked, it is essential to verify what information is stored. If such data is obsolete or not necessary, it might be wise to delete it. Holding unnecessary data is like storing diamonds in your drawer; if someone takes it, it can be very costly.
Next, we have website defacement. Website defacement is probably the most common attack on small businesses during OpIsrael. Your company website, where most customers go to order your goods, will no longer be the website you know. When customers go to your website, it will look like someone hacked it and be displayed with OpIsrael propaganda. Defacement does show a lack of security, resulting in some users refraining from providing sensitive information like credit cards or name and address information. In addition, it prevents users from making purchases or contacting your business. Preventing website defacement is somewhat easy and simply requires you to talk with your website provider. Ask them for a Web Application Firewall (WAF) and update the website's infrastructure to the latest version. The WAF can detect attempts of attacks and deny the threat actor from succeeding.
Finally, we have ransomware – the most sophisticated form of attack that OpIsrael uses. But because of its complexity, we see it used less during this time. Ransomware is usually delivered via email or through untrusted websites. It is best advised not to open attachments in emails that you’re not expecting or click on links that look suspicious. Another effective way to prevent this attack is by educating your users on what such an attack looks like and teaching them what to be wary of. There are many solutions in the market, ranging from awareness training to phishing simulations.
How can you minimize the ransomware impact? First, you should get a backup of your data. That includes email, documents, and databases used by the company. This way, you can be sure your data stays intact and comes back to somewhat regular operation should you be attacked. You will still have to pay the ransomware threat actors to get fully operational again, but I’d suggest bargaining the price. Remember, they want you to pay so they can be flexible. Cyber insurance is also helpful in these cases, so you won’t have to pay a significant amount of money out of pocket– you can activate the insurance for that.
To any private users during OpIsrael: it is best to avoid giving any personal information, like credit card numbers, through links coming in text messages. Often, these links are posing as the Israeli Postal Services or customs, which thousands of users have fallen victim to in the past, so beware!
Written by Maor Hizkiev Sr. Director, Software Engineering, Datto