In recent weeks, the exchange of cyber attacks between Iran and Israel, two countries in hostile relations for decades, seems to have entered a new phase. While cyber attacks over the years were aimed mainly at members and structures of the government and the army, today they also affect civilians, on a large scale. In the last month alone there have been two attacks, respectively against the Iranian fuel distribution network and against a dating site and a large network of private clinics in Israel – both affecting millions of people.
– Read also: The “cyberwarfare” explained
For decades Israel and Iran have been engaged in an indirect conflict that has not yet resulted in open war, but which is one of the most intense rivalries in the Middle East. For years it has been proceeding under the radar in ways that are sometimes not very explicit: for this reason, expressions such as “shadow war” are used to describe it.
Among the means used by both sides there is also the implementation of cyber attacks, aimed at spying or sabotaging the activities of the enemy government, and for some time to put the civilian population in difficulty. They are not physical or fatal attacks, therefore, but operations that create inconvenience on a very large scale. For those who perform them there is also another advantage: they are easier to organize, because the computer systems in question are much less protected than the physical government and military ones.
In fact, up to now the attacks between Iran and Israel have mainly concerned people and entities linked to armies and governments. One of the first and most effective cyber attacks in this confrontation, for example, occurred between 2008 and 2009, when Mossad, Israel’s foreign intelligence agency, developed and in all likelihood inserted a computer virus into the Natanz nuclear plant, the most important center of the Iranian nuclear program. For months the virus, known as Stuxnet, slowly and silently sabotaged Iranian centrifuges, preventing them from working. It was not the last time: also in April of this year there was a sabotage at the Natanz plant, most likely organized by Israel, which as often happens in cases like these has not denied or confirmed its involvement in the operation. In 2020, however, Israel rejected a cyber attack against its water network, attributing it to Iran.
– Read also: When did Israel and Iran become enemies
The attacks last month, however, are unprecedented in extent, affecting millions of people.
On October 26 this year, a cyberattack – attributed to Israel by two US defense members, interviewed anonymously by the New York Times – blocked some 4,300 petrol stations in Iran, causing inconvenience for nearly two weeks. The attack affected the system that regulates state subsidies for the purchase of fuel. In Iran such an attack is potentially disastrous: only two years ago there were huge protests against the increase in the cost of fuel, then violently repressed (according to Amnesty International, more than 300 people had died), and the state subsidy benefits most Iranians.
In practice, around 11 am on October 26th, thousands of distributors suddenly stopped working, and on a series of electronic panels and billboards in the country – for example those that in Italy, on the motorways, indicate speed limits or give information on traffic – messages appeared encouraging citizens to protest against the Iranian Supreme Leader, Ali Khamenei, for the lack of fuel. Instead of the usual advertisements, the billboards showed signs like “Khamenei, where’s my gas?” and then your office phone number.
Rumors then spread that the government had engineered the crisis to raise fuel prices, and local media reported that some Iranian taxi companies had doubled and tripled their fares.
The government was quick to limit the damage with numerous emergency meetings, a public apology on television promising an extra 10 liters of subsidized fuel for all car owners (60 planned per month), and sending technicians. at each of the service stations affected by the attack. It took about two weeks to restore the damage and reactivate the subsidy system.
About four days after the attack on the fuel distribution network in Iran, another attack occurred in Israel, affecting roughly 1.5 million people (about 17 percent of the entire Israeli population). .
The attack hit the databases of the Atraf website, an Israeli dating site for LGBT + people, the Machon Mor Medical Institute, which controls a network of private medical clinics in the country, and the Israeli insurance company Shirbit. The sensitive data contained in the databases was published on a channel of the Telegram instant messaging app. At the request of the Israeli government, Telegram then closed the channel, but the hackers continued to republish the data on other channels.
The information contained names, addresses, and very private details such as sexual preferences and habits, medical information (for example, whether HIV was positive or not), as well as videos and photographs shared between users of the site. The attack is believed to have been carried out by Black Shadow, a little-known group of hackers considered close to Iran, which according to some Israeli government officials interviewed anonymously by the New York Times would have commissioned the attack.
For some years now there has been talk of the escalation of the conflict between Israel and Iran, and that there is fear of its transformation into open war. In recent years, the main battlefield has become the Syria, but according to some opinions, the expansion of cyber attacks on civilians could strongly contribute to the degeneration of the conflict. According to analyst Maysam Behravesh, if the attacks increase, the two countries would end up “one step away from military confrontation”.
– Read also: The Iranian scientist killed with artificial intelligence