While Israeli children were listening to their teacher on Zoom, the screen lit up with a picture of a man in fatigues holding a pistol, according to a Reuters screenshot. Another clip showed a billboard in Holon, a central Israeli city, showing rockets and an Israeli flag burning. A group of Israeli information security experts are joining forces to offer free cyber security services to Israeli businesses amid a surge in hacktivism fueled by the Gaza war, volunteers said.
Zoom released a statement that it was "deeply upset" about the disruption and that it will continue to provide help to allow schools in Israel to operate with remote attendance.
"It is possible that communications and command-and-control digital infrastructure have been targeted by nation-states involved in the conflict (including Israel and Iran) and as more information becomes available, we will begin to learn more about what has been targeted", SANS Institute's Rob T. Lee said. According to Lee, Israel's enemies may begin with cyberattacks first, before moving on to kinetic attacks, in order to avoid drawing in more nations. When it comes to nation-state offensive capabilities, intelligence gathering is the primary focus, Lee said. Lee also noted that the cybersecurity industry is aiding Israel in its war effort.
As CEO of BlackCloak, Chris Pierson believes Israel's "substantive cybersecurity intelligence and strike capability" will give it an advantage, as he believes Israel is home to some of the best commercial cybersecurity companies in the world.
Still, Israel has been the target of DDoS attacks, and experts predict that other types of attacks against Israeli businesses and organizations will increase. These attacks could target civilians in addition to infrastructure and military targets. They could be carried out by state-backed and non-state-backed operators with far larger arsenals than a DDoS botnet.
It would be wise for all Western organizations to take note of these attacks and make investments in a strong foundation of security. Some of the most highly recommended ways Western companies could enhance their cybersecurity include:
Develop and implement a comprehensive cybersecurity strategy. This strategy should be tailored to the specific needs of the company and should include a risk assessment, controls to mitigate those risks, and a plan for responding to incidents.
Educate and train employees on cybersecurity best practices. Employees are often the weakest link in the cybersecurity chain, so it is important to teach them about common threats and how to protect themselves and the company.
Use strong security tools and technologies. This includes antivirus software, firewalls, intrusion detection systems, and encryption.
Keep software and systems up to date. Software updates often include security patches, so it is important to install them promptly.
Monitor networks and systems for suspicious activity. This can help to detect and respond to attacks quickly.
Have a plan for responding to incidents. This plan should include steps to contain the damage, identify the cause of the incident, and prevent it from happening again.
In addition to these general recommendations, there are some specific steps that Western companies can take to enhance their cybersecurity:
Secure their supply chain. Many companies rely on third-party vendors for software, hardware, and services. It is important to ensure that these vendors have adequate cybersecurity measures in place.
Protect their data. This includes encrypting sensitive data at rest and in transit, and restricting access to data to only those who need it.
Use multi-factor authentication (MFA). MFA adds an extra layer of security to accounts by requiring users to enter a code from their phone in addition to their password.
Segment their networks. This can help to limit the damage caused by a breach.
Have a plan for business continuity and disaster recovery. This plan should help the company to continue operating in the event of a cyber attack or other disaster.
Webcheck Security is a security consulting firm that can help clients accomplish their security objectives in a number of ways, including:
Security assessments: Webcheck Security can conduct security assessments to identify vulnerabilities in the client's network, systems, and applications. This can help the client to prioritize security risks and develop a plan to mitigate them.
Security architecture: Webcheck Security can help clients to design and implement a security architecture that meets their specific needs. This can include things like network segmentation, firewalls, intrusion detection systems, and encryption.
Security engineering: Webcheck Security can help clients to implement and manage security solutions. This can include things like installing software updates, configuring security settings, and monitoring for suspicious activity.
Security training: Webcheck Security can provide security training to the client's employees. This can help employees to understand common security threats and how to protect themselves and the company.
Security incident response: Webcheck Security can help clients to develop and implement a security incident response plan. This plan can help the client to quickly and effectively respond to cyber attacks and other security incidents.