In light of recent developments in the Middle East, the National Cyber Coordination and Command Centre (NC4) is closely monitoring the cyber campaign centred around this conflict. Multiple hacktivists have reportedly gathered and launched cyber attacks, which, based on historical data, include web defacement, document leaks, and distributed denial of service (DDOS) attacks. NC4 would like to remind System Administrators and Network Administrators to implement adequate cyber security measures to ensure systems and networks are always secure.
Possible information leakage includes personal identifying information (PII), web defacement and service disruption.
All operating systems, web servers and online services.
Since the outbreak of hostilities on 7 October 2023, around 100 threat actors have gathered and focused their cyber activities on entities connected to Palestine and Israel, primarily using DDoS attacks. Notable tactics involve the leaking of credentials for Israeli websites and systems, the publication of stolen data, the launching of DDoS attacks, and one of the latest Tactics, Techniques, and Procedures (TTPs) involves the hijacking of application programming interfaces (APIs) to send fake alerts on mobile apps. It is important to note that this campaign will also rely heavily on social media psychological warfare. As of now, there are approximately 77 threat actors who support the Palestinian cause, while 20 threat actors align themselves with Israel. Additionally, there are 3 threat actors who remain neutral. Several Pro-Israeli threat actors have been identified with a history of launching cyber attacks against Critical National Information Infrastructure (CNII) sectors in Malaysia in the past.
Based on NC4's most recent cyber threat intelligence analysis, there has been an increase in cyber activities observed in Malaysia over the past 30 days, particularly malware and DDoS. These activities have witnessed a significant surge, reaching a peak of 40 million events by 25 October 2023. In the upcoming weeks, it is anticipated that there will be an increase in activity by Pro-Israel threat actors due to the fact that current cyber activities have expanded beyond the two conflicting sides and are now affecting other countries that support either side, whether openly or historically. One example of the spillover effect is the new operation called #OpSingapore, which was initiated by a threat actor in the SEA region.
Therefore, it is crucial for organisations to take immediate action to safeguard against potential attacks that could disrupt daily operations.
Organisations are advised to be vigilant and to take the following actions: