Thursday, May 1, 2025
HomeCyber AttackIran Launched A Major Cyberattack Against Critical Infrastructure In Israel

Iran Launched A Major Cyberattack Against Critical Infrastructure In Israel

Published on

SIEM as a Service

Follow Us on Google News

Over the weekend, Iran launched missile and drone attacks on Israel, retaliating for a suspected Israeli strike on its Damascus consulate that killed 13 people last week.

This escalation arises from the ongoing Israel-Iran rivalry and Israel-Palestine conflict. 

Cyber activities predated the attacks by nearly a year, starting in late March when hacktivist groups announced digital offensives against both sides following Hamas’ large-scale offensive from Gaza towards Israel in October 2023 amid intensified Israeli-Palestinian tensions. 

- Advertisement - Google News

The tit-for-tat violence between Israel and Iranian proxies like Hamas shows no signs of decreasing.

SOCRadar observed cyber activities preceding and paralleling the physical Israel-Hamas conflict that began last year. 

Once again this week, cyber offensives foreshadowed the missile and drone attacks exchanged between Israel and Iran, demonstrating how cyber warfare often preludes and accompanies kinetic military operations.

Iran’s Attack On Israel

The cyber defense chief Gaby Portnoy of Israel indicated that the cyberattacks targeting Israel tripled since the conflict with Hamas began on October 7, driven by increased involvement from Iran, Hezbollah, and allied hackers.

Document
Stop Advanced Phishing Attack With AI

AI-Powered Protection for Business Email Security

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by other email security solutions. .

While attack volumes were highest in the conflict’s initial months before tapering, certain days and events saw major spikes in activity. 

Recent weeks have witnessed an uptick in hacktivism by groups like OpIsrael and FreePalestine, reflecting the ebbs and flows of cyber offensives paralleling kinetic clashes.

Self-claiming Hezbollah-affiliated hacker groups on Telegram carry out various cyber attacks (Source – SOCRadar)

A threat on Telegram urged hackers to target Israel during Jewish holidays, citing symbolism in Israeli actions.

Various groups seized on holidays and conflict dates as opportunities for coordinated cyber attacks, SOCRadar said.

While many hacktivists merely signal impending events, wittingly or not, some groups like IRGC-linked, Hezbollah-backed, Iranian APTs, and Houthi hackers had more substantive cyber impacts during the Israel-Hamas conflict. 

The allegedly state-sponsored Cyber Toufan/Cyber Toufan Al-Aqsa conducted major operations and coordinated other groups to hit similar targets simultaneously. 

After a long break, their activity resurged in early April, potentially foreshadowing the latest Israel-Iran cyber/kinetic escalation.

Wake up call of Cyber Toufan Al-Aqsa (Source – SOCRadar)

During the Israel-Hamas conflict, a group called Cyber Toufan Al-Aqsa, allegedly sponsored by the state carried out major operations in which it mobilized other groups to hit the same targets simultaneously.

In the start of April this year, they came back after going silent for some time.

In late March, however, IRGC-linked Cyber attackers, popular for attacking OT systems and exposed before they were sanctioned again, reappeared, telling people about an upcoming “big” thing.

They consequently took credit for a huge cyber-attack as payback for Iran’s strikes on Israel.

Handala’s alleged hack of Israeli radar systems (Source – SOCRadar)

Cyber Av3ngers claimed responsibility for cutting electricity across “occupied territories” from south to north in retaliation for Israeli actions in Gaza. 

However, besides this, the widening scope to strike overflow targets like Saudi Arabia demonstrates how easily hacktivism can expand cyber confrontations.

Looking to Safeguard Your Company from Advanced Cyber Threats? Deploy TrustNet to Your Radar ASAP.

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

Managing Shadow IT Risks – CISO’s Practical Toolkit

Managing Shadow IT risks has become a critical challenge for Chief Information Security Officers...

Application Security in 2025 – CISO’s Priority Guide

Application security in 2025 has become a defining concern for every Chief Information Security...

Preparing for Quantum Cybersecurity Risks – CISO Insights

Quantum cybersecurity risks represent a paradigm shift in cybersecurity, demanding immediate attention from Chief...

Securing Digital Transformation – CISO’s Resource Hub

In today’s hyper-connected world, securing digital transformation is a technological upgrade and a fundamental...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

AiTM Phishing Kits Bypass MFA by Hijacking Credentials and Session Tokens

Darktrace's Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been...

Nitrogen Ransomware Uses Cobalt Strike and Log Wiping in Targeted Attacks on Organizations

Threat actors have leveraged the Nitrogen ransomware campaign to target organizations through deceptive malvertising...

TheWizards Deploy ‘Spellbinder Hacking Tool’ for Global Adversary-in-the-Middle Attack

ESET researchers have uncovered sophisticated attack techniques employed by a China-aligned threat actor dubbed...