On October 7, 2023, amid a real-world conflict, Israeli websites providing critical information and alerts to civilians on rocket attacks were hit by a series of DDoS attacks. Cloudflare systems detected and mitigated these attacks, which were as intense as 1M requests per second. Pro-Palestinian hacktivist groups also targeted various Israeli websites and apps, including compromising an app alerting civilians about incoming rockets by sending fake alerts. Cloudflare's Threat Operations team discovered malicious mobile applications impersonating legitimate alert apps, which could access sensitive user data. These cyberattacks occurred alongside physical threats, creating a complex situation for Cloudflare and the affected organizations to manage, emphasizing the intersection of physical and cybersecurity domains during times of conflict.
Source: https://blog.cloudflare.com/cyber-attacks-in-the-israel-hamas-war
TPRM report: https://scoringcyber.rankiteo.com/company/cloudflare
"id": "clo420051124",
"linkid": "cloudflare",
"type": "Cyber Attack",
"date": "10/2023",
"severity": "100",
"impact": "8",
"explanation": "Attack that could bring to a war"{'affected_entities': [{'customers_affected': 'Israeli civilians',
'industry': 'Cybersecurity',
'location': 'Global',
'name': 'Cloudflare',
'type': 'Technology Company'}],
'attack_vector': ['DDoS', 'Malicious mobile applications'],
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Sensitive user data'},
'date_detected': '2023-10-07',
'description': 'On October 7, 2023, Israeli websites providing critical '
'information and alerts to civilians on rocket attacks were '
'hit by a series of DDoS attacks. Cloudflare systems detected '
'and mitigated these attacks, which were as intense as 1M '
'requests per second. Pro-Palestinian hacktivist groups also '
'targeted various Israeli websites and apps, including '
'compromising an app alerting civilians about incoming rockets '
"by sending fake alerts. Cloudflare's Threat Operations team "
'discovered malicious mobile applications impersonating '
'legitimate alert apps, which could access sensitive user '
'data. These cyberattacks occurred alongside physical threats, '
'creating a complex situation for Cloudflare and the affected '
'organizations to manage, emphasizing the intersection of '
'physical and cybersecurity domains during times of conflict.',
'impact': {'brand_reputation_impact': 'Potential loss of trust',
'data_compromised': 'Sensitive user data',
'identity_theft_risk': 'High',
'operational_impact': 'Fake alerts sent, User trust compromised',
'systems_affected': ['Israeli websites', 'Mobile alert apps']},
'initial_access_broker': {'entry_point': 'Mobile applications',
'high_value_targets': 'Critical alert systems'},
'investigation_status': 'Ongoing',
'lessons_learned': 'The importance of monitoring and mitigating cyber threats '
'during times of conflict, especially when physical and '
'cybersecurity domains intersect.',
'motivation': 'Political, Disruption',
'post_incident_analysis': {'corrective_actions': 'Enhanced monitoring and '
'mitigation strategies',
'root_causes': 'DDoS attacks and malicious mobile '
'applications'},
'recommendations': 'Enhance monitoring and mitigation strategies, improve '
'communication and coordination with affected '
'organizations, and increase public awareness about the '
'risks of malicious mobile applications.',
'references': [{'source': 'Cloudflare'}],
'threat_actor': 'Pro-Palestinian hacktivist groups',
'title': 'DDoS and Hacktivist Attacks on Israeli Websites and Apps',
'type': 'DDoS, Hacktivism, Malware'}