Campaigns that typically target Israel this year may also target its allies, including the US.
Members of OpIsrael and OpJerusalem, campaigns aimed at Israel’s websites and services through ransomware, DDoS, and various other cyberattacks, are calling on hacktivists to join forces ahead of the campaigns' anniversaries, cybersecurity company Radware warns.
OpIsrael is an annual coordinated cyber campaign, launched in response to Israel’s military operations in Gaza Strip. It typically occurs on April 7th, aligning with Holocaust Remembrance Day and, in recent years, the anniversary of conflicts involving Israel.
Meanwhile, OpJerusalem is another annual cyber campaign orchestrated by anti-Israel hacktivist groups to coincide with Iran's Al-Quds Day, which this year falls on March 28th.
In its report, Radaware claims to have observed growing mentions of campaigns signaling imminent attacks. The company also warns that this year hacktivists appear to also be targeting US allies, including the US and the UK.
Close to 50 hacktivist groups called to action
Radware has recently noticed a call to action on a private Telegram channel named ‘#OpIsrael’, urging hacktivist networks to oppose Israel's policies, particularly those related to the occupation of Palestinian territories.
Around 50 hacktivist groups were tagged in the channel. One of the most documented groups, Holy League, engages in a mix of DDoS attacks, website defacements, and the leakage of sensitive data.
“Such tactics aimed at spreading fear and disruption through high-profile data breaches. Holy League’s motivations are deeply rooted in geopolitical tensions, with a strong emphasis on support for Palestine and outspoken opposition to Western entities such as NATO,” the report reads.
Some of the other groups are persistent threat actors known for consistently claiming cyberattacks, while others focus on website defacements, data leaks, or breaches.
The report also notes that the OpIsrael threat landscape extends beyond the hacktivists explicitly mentioned in the call to action.
Last year, numerous groups were observed forming alliances with like-minded actors, while over the past year, alliances emerged between hacktivists of diverse nationalities and differing motivations.
More recently, DDoS threat groups shifted tactics from network-based DDoS attacks to acombination of network and application layer attacks.
Vulnerability scanning starts in March
OpIsrael was launched and initiated by the hacktivist group Anonymous in 2013. Over the years, it has drawn participation from various hacktivist groups worldwide, including pro-Palestinian and pro-Muslim collectives.
While the effectiveness of these attacks has varied, they have occasionally led to temporary disruptions of Israeli government, military, and private sector websites.
Radware claims that reparatory actions such as reconnaissance, vulnerability scanning, and light probing generally begin in late March and ramp up significantly during the first week of April.
Meanwhile, propaganda, recruitment efforts, and operational coordination via platforms like Telegram, X (formerly Twitter), Pastebin, and various public and private forums usually intensify between the end of March and April 5th.
Your email address will not be published. Required fields are markedmarked