The worst Middle East cyber-attacks over the last 18 months, according to Positive Technologies

Positive Technologies, a global provider of information security solutions, has revealed what it considers to be the worst Middle East cyber-attacks to have taken place over the last 18 months.

According to Fedor Chunizhekov, an Information Security Analyst with the company: “The threat to the Middle East is very much real.

“Rapid advancement in technology and the growing independence on the internet means that attackers have novel and innovative ways to exploit vulnerabilities.”

Positive Technologies’ list is as follows:

Adalat Ali

In early 2022, an Iranian group of hacktivists that go by the name “Adalat Ali” successfully managed to interfere with Telewebion, a streaming service from the Islamic Republic of Iran (IRIB). It was able to broadcast a 50-second message calling for protests.

Bezeq and Cellcom DDoS attack

According to Israeli defence sources, this attack was the largest cyber-attack ever launched against Israel. In March 2022, a state of emergency was declared due to a powerful and prolonged DDoS leading to the inaccessibility of web resources of Israeli government agencies by targeting telecommunications companies Bezeq and Cellcom.

Public address systems

In June 2022, the public address systems in Jerusalem and Eilat were compromised by unnamed attackers; residents heard the sound of false air raid sirens for an hour while the attack took place.

Iranian Steel Plants Attack

In June 2022, there was a major attack on three Iranian steel plants by a hacktivist group that goes by the name Goneshke Darande, meaning “Predatory Sparrow”. They were able to disrupt processes and collapse a ladle of liquid pig iron in one of the plants, resulting in a fire that stopped production.

GamkenBot Scalper Bots

GamkenBot is an appointment scheduling bot developed by Israel to expedite the appointment scheduling with government agencies. However, the developers made the source code available to the public, which led to attackers making scalper bots that found and booked all available appointments. This was then monetised by selling appointments to citizens.

Cellebrite Data Breach

An Israeli company that provides digital data collection, analysis and management services called Cellebrite was targeted by hackers. Hackers were able to steal 1.7 TB of data from the company in a massive data breach. It has not been revealed who carried out the attack or the techniques they used.

Iranian News Agency Attack

Fars News was subject to a cyber-attack in November 2022. The group of hacktivists known as the Black Reward Team managed to steal nearly 250 TB of confidential information, were able to deface the site and gain access to CCTV footage. The news agency denies the attack.

Vice Society attack on IKEA

Vice Society, a ransomware group, targeted IKEA in Morocco and Kuwait in November 2022. The IKEA outlets experienced a data breach and their data was posted on Vice Society’s website. The attack indicated that Vice Society had gained access to sensitive employee data through phishing emails.

Chemical production attacks

In January 2023, a hacktivist group called Electronic Quds Force launched a campaign targeting Israeli chemical production companies. The message sent to employees was to “Leave their employment. Look for a new one”. The hackers posted screenshots with the interfaces of the automated control system on its Telegram channel, which confirmed the compromise of one of the chemical plants.

Irrigation system disruption

Farm irrigation systems in the Jordan Valley, and wastewater treatment control systems that are operated by the Galil Sewage Corporation, were targeted by hackers. The attack appears to have been part of OpIsrael, an anti-Israel hacktivist campaign.