In recent times, Israel and Iran have been caught up in a series of conflicts and tensions, both on the geopolitical stage and in cyberspace posing significant challenges to regional stability but have also made both nations targets for cybersecurity vulnerabilities. As tensions intensify, so does the risk of cyberattacks aimed at critical infrastructure, government institutions, and individual citizens.
Cybersecurity Vulnerabilities are Rising after Hamas Assault
At Constella, we’ve observed the escalating cyberwar between Israel and Iran manifesting through a series of high-profile data breaches. This ongoing cyber conflict not only reflects the heightened geopolitical tensions but also reveals a disturbing trend of sensitive data being weaponized. Our analysis shows that these breaches affect not only government institutions and key organizations but also impact millions of individual citizens, emphasizing the far-reaching consequences of cyber warfare.
- Israel insured information
On April 3rd, a threat actor named “MakhlabalNasr” claimed to have accessed data for 8 million Israelis insured with the Israel National Insurance Institute. The information includes bank account details, residential locations, and other personal data. This sensitive data is being shared in a Telegram group associated with the hacking group Makhlab_al_Nasr.
2. Israel Department of Defense
Later that week, on April 7th, a different threat actor claimed in the same breach forum to have access to sensitive information from the Israel Department of Defense. Although much of this data appears to have been previously exposed in 2023, the recent resurface of the breach compromised thousands of additional records containing the following information:
- National ID
- First Name
- Last Name
- Project
- Group
- Phone Number
- Email Address
- Date of Birth
- Age
- Hebrew Birth Date
- City
- Address
- Gender
- Status
- Father’s Name
- Country of Origin
- Level of Support
- General
- Injuries
3. Israel Election Campaign
In a separate incident, another breach potentially from an election app that was utilized by the Likud Party and other political affiliations exposed over 6.5 million records containing voter registration data and personal details of Israeli citizens. The compromised information included:
- Full names
- Phone numbers
- Identity card numbers
- Residential addresses
- Gender
- Age
- Political preferences
4. Israel Post
Earlier this week, on May 7th, a breach originally published in November 2021 resurfaced, with the threat actor group claiming it originated from Israel Post. This breach reportedly compromised 900K unique email addresses, along with associated personal information.
These are just a few examples of the many breaches we’ve observed over the last few days. The total number of Israel-related breaches has risen by 80% in recent months, reflecting the escalating cyberwar.
Similarly, Iran has not been immune to the dangers of cyber warfare. Collaborative efforts between Russia and Iran, as evidenced by the Crescent of Anon leak, have revealed a troubling alliance in cyberspace. The leak exposes not only email addresses, IP addresses, and domain names but also documents and agreements between Russia and Iran. These documents shed light on the depth of cooperation between the two nations in the realm of warfare, raising questions about their collective goals and potential targets.
In addition, the leak includes mentions of drone-related issues, suggesting discussions or plans for malicious operations beyond the traditional spheres of conflict.
Tips for Preventing Cybersecurity Vulnerabilities
Regardless of whether or not you are a citizen of countries embroiled in the ongoing cyberwar, as a member of the digital world, it’s crucial to protect yourself against the rising tide of cyber threats.
Follow these tips:
- Monitor Your Accounts Closely: Regularly check your bank statements, credit card statements, and any online accounts for unauthorized transactions or suspicious activity. Early detection can prevent further damage.
- Set Up Alerts: Many financial institutions offer free alert services that notify you of any unusual activity in your accounts. Enabling these alerts can provide you with immediate updates on any potential unauthorized transactions.
- Change Passwords Regularly: If your data has been compromised, change your passwords immediately. Use strong, unique passwords for each of your accounts and consider using a password manager to keep track of them.
- Be Wary of Phishing Attempts: Be cautious with emails, phone calls, or messages that ask for personal information or direct you to a website where you need to input personal data. Verify the authenticity of the request by contacting the organization directly using a trusted number or website.
