The Silent Front: How the Israel-Hamas Conflict Exposes Risks in the U.S. Defense and Technology Supply Chain

On October 7th, 2023, at 6:30 a.m., Hamas launched rockets into Israel, breaking through the Gaza barrier to attack major cities.

On October 7th, 2023, at 6:30 a.m., Hamas launched rockets into Israel, breaking through the Gaza barrier to attack major cities. The physical impact was immediate and devastating. However, the digital landscape was also a battlefield, one that holds particular significance for U.S. defense and technology companies tied into global supply chains.

Hours before the rockets hit, the Jerusalem Post reported experiencing a cyber-attack. Soon after, Israel’s energy grid and critical infrastructure were also targeted. These digital strikes had ripple effects, compromising companies responsible for the security and monitoring of not only Israeli assets but global ones.

The Digital Battlefield: A Timeline

The Israel-Hamas conflict has been a crucible for escalating cyber activities, pulling in various state-sponsored actors and hacktivist groups. Here’s an expanded timeline of cyber events:

October 7th, 2023: Initial Attacks

6:30 a.m.: Hamas launches rockets at Israel.
Less than 1 hour after the initial attack: Anonymous Sudan targets Israel’s emergency warning systems and claims to have disrupted alerting applications.
Same Day: Jerusalem Post targeted by Anonymous Sudan.

Intensification and Escalation

Pro-Hamas group Cyber Av3ngers: Targets Israel Independent System Operator (Noga), shutting down its website and compromising its network. Also targets Israel Electric Corporation and a power plant.
Pro-Russian group Killnet: Launches cyber-attacks against Israeli government websites.
Ghosts of Palestine: Calls for global hacker participation to attack infrastructure in Israel and the U.S.
Libyan Ghosts: Begins defacing small Israeli websites in support of Hamas.

Types of Attacks

Majority of the attacks are Distributed Denial-of-Service (DDoS), aimed to disrupt and disable services. Some groups, like Killnet and Anonymous Sudan, have previously engaged in highly disruptive attacks against major companies like Microsoft and Telegram.

Counter-Attacks

ThreatSec: A pro-Israel group claims to have compromised the infrastructure of Gaza-based ISP AlfaNet.
Hacktivists from India: Attack Palestinian government websites.
Garuna and TeamHDP: Announce support for Israel and target Hamas and the Islamic University of Gaza.

Industry Reports

Microsoft: Reports activity from Gaza-based group Storm-1133 targeted at Israeli organizations in defense, energy, and telecommunications sectors. The group is believed to be aligned with Hamas.

For Business Executives: Tips to Remain Vigilant

Conduct a Rapid Third-Party Risk Assessment
Monitor Systems for Suspicious Activities
Change Passwords for Email and Other Critical Systems
Test Systems for Known Vulnerabilities

The Israel-Hamas war is a chilling reminder that physical conflicts are increasingly accompanied by digital ones. For business executives in the U.S. defense and technology sectors, safeguarding against these silent yet destructive battles are no longer optional—it’s a necessity.

Author(s): Greg Tomchick