A suspected cyberattack caused missile attack sirens to sound in two cities in Israel this weekend. Although initially believed to be a malfunction, Israel’s cybersecurity agency said today that it believes the false alarms were triggered by a cyberattack.
Local reports have speculated that the attack originated from Iran. Cyberattacks between Israel and Iran are intensifying, with civilian targets coming under increasing fire.
On Saturday evening, missile attack warning sirens were activated in Jerusalem and Eilat, and rang for almost an hour. The Israeli Defence Force reassured civilians that the sirens were a false alarm, which it attributed to a ‘malfunction’.
This morning, however, the Israel National Cyber Directorate confirmed reports that it suspects the alarms were caused by a cyberattack on the municipal alarm systems.
Following the news, the Israel Internet Association called on local authorities to bolster their cybersecurity defences. The incident revealed “how much damage to civilian systems disrupts the lives of Israeli citizens, and a gap between Israel’s excellent cyber defence capabilities on infrastructure that it defines as critical and the deficient protection of other civilian infrastructures,” it said.
Escalating cyberattacks between Israel and Iran
Local reports have speculated that the cyberattack was carried out by Iran, as cyberattacks from Israel’s geopolitical rival have been mounting. Last week, Israeli security provider Check Point revealed a spearphishing operation by Iranian hackers that targeted high-ranking Israeli officials, including former foreign minister Tzipi Livni.
In April, the Israel Airport Authority’s website was knocked offline by a DDoS attack by the Altharea Team, a group “suspected to be operated by Iran, or Iraqis that support Iran”.
Iran-linked cyberattacks have also struck UK-based targets. Last month, the Port of London Authority’s website was taken down by a denial of service attack by Altahrea Team.
Israel carries out cyberattacks against Iran too. Last year, petrol stations across Iran were disrupted by a cyberattack that US officials attributed to Israel. And Stuxnet, the malware that targeted Iranian nuclear facilities, was developed by the US and Israel.
According to a New York Times report last year, both countries have expanded their offensive cybersecurity programmes to include civilian targets. Iranian hackers reportedly retaliated against the petrol station attacks by targeting an Israeli LGBTQ dating app.
Last month, Israel announced plans to create a cybersecurity equivalent of its Iron Dome missile defence system. Proposed regulation would oblige telecommunications providers to increase their cybersecurity monitoring.
“There isn’t a vital infrastructure that’s not connected to a server that’s connected to the field of communications somehow.” said communications minister Yoaz Hendel at the time. “The latest attacks show that political actors and others identify communications infrastructure as a preferred target that leads to strategic targets.”