The Israeli government has confirmed that it was the victim of a cyberattack on Monday that brought down a number of government websites for a short period of time.
‘In the last few hours, a denial of service (DDoS) attack has been identified on a communications provider which, as a result, has for a short time prevented access to a number of sites, including government sites,’ Israel’s National Cyber Directorate (INCD) said on Twitter.
The Directorate did not provide any other details on the cyber incident, but said that normal operations were quickly resumed.
In the past few hours, a DDoS attack against a communications provider was identified. As a result, access to several websites, among them government websites, was denied for a short time. As of now, all of the websites have returned to normal activity.@Israelgov
— Cyber Israel (@Israel_Cyber) March 14, 2022
A senior Israeli defence source told Israeli publication Haaretz that the hack was the “largest-ever” cyberattack carried out against Israel.
The websites of the ministries of health, justice, interior, and welfare, as well as the Prime Minister’s Office, were all attacked, according to the publication.
The cyber actors targeted websites with the .gov.il domain, which is used by the Israeli government for its websites, apart from those related to defence.
The Haaretz source also said that the attack was likely carried out by a state actor or a large organisation, although that has yet to be proven as officials are currently investigating the attack.
NetBlocks, a web monitoring group, said late Monday that Israel’s government network was unreachable worldwide late Monday and that the attacks on Israeli telecommunications carriers Bezeq and Cellcom were to blame for the widespread outage.
Israel’s Ministry of Communications said it reviewed the situation with the emergency services following a widespread targeting of government websites.
According to Haaretz, the INCD and the Ministry of Defence jointly declared a state of emergency after the incident to assess the extent of damage to vital Israeli websites and government infrastructure, such as Israel’s electricity and water suppliers.
DDoS attacks aim to flood websites with traffic, thereby overloading their ability to process the messages and leaving genuine users unable to access them.
The huge volume of traffic in such attacks usually comes in the form of fake packets, requests for connections, and incoming messages.
Hackers linked to Iran have been blamed for previous attacks on Israeli websites.
Israeli publication The Jerusalem Post claimed that the latest cyberattack was carried out by the Black Shadow group, which is closely linked to Iran.
While INCD did not confirm that claim, The Jerusalem Post stated that the attack may have been carried out in revenge for an alleged attempted sabotage on Iran’s Fordow Fuel Enrichment Plant.
Iran and Israel are engaged in a covert war that encompasses cyber strikes as well as physical site targeting.
Iran’s Revolutionary Guards stated on Sunday that they had launched missiles against an Israeli ‘strategic centre’ in the northern Iraqi city of Erbil.
However, Kurdish officials in control of the Erbil region denied Israel had any site there.
The missile attack happened about a week after two Iranian commanders were killed in a rocket attack in Syria, which Iran blamed on Israel.
In 2020, a cyber attack allegedly carried out by Israel-backed hackers caused extensive fires and an explosion at the Natanz nuclear facility in Iran.
The attack was carried out in retaliation for alleged attempts by Tehran to hack into Israel’s water infrastructure in April 2020, an effort that was spoiled by Israeli cyber defences.
In 2010, the Stuxnet virus, which is thought to have been jointly developed by the US and Israel, was used to attack the Natanz facility. During the attack, the virus caused around 1,000 centrifuges to spin out of control and damaged the equipment.