The horror movie that is cyberwars

In the past, hacker wars between pro and anti-Israel groups focused on breaking into prominent organizations and vandalizing their websites with slogans and epithets. The goal was to show contempt towards the enemy, while also demonstrating their (very limited) hacking skills.

However, the cyber battles of recent months between Israel and Iran are hitting deeper, at more sensitive targets. They are part of a war of perception, in which psychological warfare tools are used. Iranian infrastructure such as fuel supplying systems have been damaged, leading to long lines at gas stations and an erosion in the citizens' trust in the ability of the government to ensure them a normal life. In Israel, the attack was on a variety of entities that hold databases with sensitive information, that when leaked damages the privacy and personal security of citizens, and calls into question the state's ability to ensure secure digital infrastructure.

Evidence of this trend can be seen through the types of Israeli entities that were attacked. They are not randomly selected based on their level of vulnerability, but rather carefully chosen with an understanding of the types of data they may hold. On the one hand, small to medium-sized private entities such as public transport companies, dating sites, and groups are attacked, and on the other hand, supply chain links, such as voice response service providers and web hosting companies. The former hold user information; The latter hold information of their thousands of customers and countless consumers. This information has value in itself, and is sometimes technical in nature, and can be used for sub-breaches to customers and consumers to obtain even more sensitive and embarrassing information.

Further evidence of this new reality is the manner in which the stolen information is handled. The hackers did not dump it in mass on the Darknet like a factory that dumps sewage into the sea. Rather, they are assisted by analysts and volunteers to sort through the data, analyze it and select from it individual pieces of information, which showcase their superior capabilities, the depth of their breach, and its potential for damage. For example, in the case of Atref, a dating app for the LGBTQ community, the information stolen from it could out its users, harm them socially and endanger their personal safety.

The hackers' conduct vis-a-vis the media reinforces the sense that their goal is to shape perceptions. The hackers set up independent communication channels, such as telegram accounts, where they update on the hacks and the stolen information. The mainstream media is forced to chase their tails and the hackers hold control over the press. If it refuses to report on the story, the hackers will reach the Israeli public directly through their independent distribution channels, spamming the phone numbers and email addresses they collected, and even directly to the specific people whose information has been stolen.

Thanks to this independent distribution, the hackers also control the media agenda when they choose what, when and how much to publish. For example, in Atraf’s case, the hackers did not leak the full database to a particular journalist, but published details about only a thousand users, who they claim constitute "only 1%" of the information in their possession, in a kind of trailer to their horror film. The hackers understand that a continuous trickle of information keeps the story on the front page and in the public’s consciousness longer. It also prolongs the period of anxiety and uncertainty of people whose details have not yet been leaked but may be later.

In case we Israelis did not already know this, the Iranian hackers are trying to tell us: "The personal, private and sensitive information of all of you is in constant danger." If this was a real movie trailer, at this point, we would have heard a rolling and sinister laugh. 

Ido Kenan is VP Content, Cytactic cyber crisis management