Hamas-Israel Cyber War Escalates: What We Know So Far

Why Trust Techopedia

Just days ago, Hamas militants launched an unprecedented attack on Israel, plunging Palestine and Israel into horrific conflict.

So far, an estimated 2,200 rockets have been fired toward Israel by Hamas militants since October 7, with the total death toll totaling over 1,500

With the conflict between the two countries escalating, cyberthreat actors and hacktivists have been engaging in offensive operations on both sides. Reportedly, around 15 known cybercriminal and hacktivist groups have participated in cyber attacks.

Some of the most notable groups among them are Anonymous Sudan and Killnet, allegedly Russian-state-sponsored groups, which have each publicly claimed they will target Israeli government systems.  

Key Takeaways

  • Approximately 15 cybercriminal and hacktivist groups have engaged in offensive cyber operations on both sides of the conflict.
  • Notable groups include Anonymous Sudan and Killnet, which have publicly declared their intent to target Israeli government systems.
  • Pro-Hamas threat actors have targeted Israeli government sites and engaged in DDoS attacks, while pro-Israel groups like the Indian Cyber Force have launched cyberattacks on Palestinian targets.
  • The conflict’s cyber aspect poses risks of misinformation spread, and experts warn that it could escalate into a cyber war, with potential synchronization between cyber and on-ground military operations.

A Look at the Offensive Operations of Pro-Hamas Threat Actors

At this stage in the war between the two countries, there has been a substantial amount of activity leveraged against Israel by Pro-Hamas and Pro-Palestine threat actors. 


Perhaps the most vocal has been Killnet, which issued a statement on its Telegram alleging that the Israeli government “supported the terrorist regime of Ukraine”  and had “betrayed” Russia before warning that Israeli government systems would be targets.

However, one of the biggest attacks so far has been the sustained DDoS attacks against The Jerusalem Post’s website. Although the publication hasn’t confirmed who was behind the attack, Anonymous Sudan has claimed responsibility for the campaign. 

Another active group, known as the Ghost of Palestine, has allegedly targeted over 20 government sites, including the Ministry of Foreign Affairs. FalconFeeds, which has been monitoring the group, has been questioning whether the group has been receiving support from external allies to enable these operations. 

More broadly, Senior threat researcher at Proofpoint, Joshua Miller, told Techopedia that the organization had found that the Palestine-aligned threat actor TA402, aka Molerats, has consistently targeted Ministries of Foreign Affairs for the Gulf States. 

The Other Side: Pro-Israel Cyber Operations

On the other side of the conflict, a number of threat actors have begun acting to support the Israeli state or, at the very least, taken a neutral or anti-Palestine stance. 

One of the most active groups so far has been the Indian Cyber Force, which first announced plans to launch cyberattacks on Palestine from October 8th onwards.

Since then, the group claims to have taken down a range of target sites, including the Ministry of Transportation, webmail government services, U Buy, and the Hamas official website

In addition, a group called ThreatSec has declared itself “neutral,” in this instance stating that it will target both Israeli and Palestinian targets. The group also claims to have compromised AlfaNext, the largest internet service provider (ISP) in Palestine. 

What a New Cyber War Means for The Wider World 

Although the Israel-Palestine conflict has seen a high degree of violence so far, the malicious cyber activity engaged in on both sides has largely been contained. 

Nation Security Agency senior cybersecurity advisor Rob Joyce explained yesterday at a security conference in Sea Island, Georgia:

“One of the big worries, of course: is there a cyber component at this point? I’d say not yet.” 

That being said, Joyce did acknowledge the U.S. had observed “small denial-of-service” attacks and warned that he expected “significant events” in the future. 

Joyce isn’t alone in expecting the conflict to worsen, with Risk consulting, markets, and emerging business leader at PwC, Siddharth Vishwanath, also warning that the war is “Escalating in the physical world, and it is likely [to] escalate into a full-blown cyber warfare.” 

While organizations outside of Israel and Palestine shouldn’t panic, it’s essential to prepare for an uptick in activity among decentralized threat actors. 

For instance, security researcher Will Thomas has noticed an increase in posts for DDoS-for-hire or Initial Access Broker services, which would enable third parties to use another entity to target Israeli and Palestinian targets. The more profitable these services are, the greater their potential to multiply.  

The Major Risk: Synchronized Cyber and On-the-Ground Operations

According to the senior manager of cyberthreat research at MDR provider Critical Start, Callie Guenther, the main risk factor presented by the cyber operations seen so far is if they become synchronized with military objectives. 

“While a vast number of hacktivist attacks are symbolic, aiming to gain attention or make political statements, the involvement of groups with alleged state ties like Anonymous Sudan and Killnet changes the narrative,” Guenther said.

“Their operations could transition from being symbolic gestures to strategically aligned offensives that complement on-ground military actions.” 

As a result, Guenther highlights it’s important not to merely dismiss these groups as taking symbolic actions and to consider that their operations can provide tactical advantages or provide strategic intelligence gathering. 

In any case, given the severity of the conflict, organizations affiliated with Israel or Palestine, or allied states of either area, should remain vigilant against potential hacktivist activity. After all, threat analysts have already discovered hacktivist groups targeting nations like India and France. 

At the same time, if U.S. and European involvement in the conflict increases, there is the potential that hacktivist groups will target these entities, too. 

Don’t Forget Misinformation

With so many direct cyber-attacks going back and forth, it’s easy to forget that threat actors are also attempting to use misinformation as a weapon. Cyabra, a social media threat intelligence provider, shared research with Techopedia suggesting that Hamas had been using platforms like X and Tiktok to spread propaganda. 

Cyabra analyzed over 1 million posts, pictures, and videos and uncovered Hamas-controlled fake online accounts created to spread disinformation or gather information about targets. 

The firm found that 1 in 5 social media accounts participating in the online conversation are actually fake, with fake accounts most actively spreading disinformation on X and Tiktok. 

This highlights that cyber warfare isn’t just about disruption but spreading a narrative. The Russia-Ukraine war has also demonstrated this with Russian-sponsored actors using fake social media accounts, forged documents, manipulated videos and images to undermine support for Ukraine. 

The Bottom Line

With the Israel-Palestine conflict intensifying, while important for organizations not to panic, it’s also important to recognize that the threat landscape has the potential to change rapidly. 

In a world where volunteers can take up digital arms for any cause they desire, organizations can’t anticipate that these entities will agree on centralized rules of engagement. 


Related Reading

Related Terms

Tim Keary
Technology Specialist
Tim Keary
Technology Specialist

Tim Keary is a freelance technology writer and reporter covering AI, cybersecurity, and enterprise technology. Before joining Techopedia full-time in 2023, his work appeared on VentureBeat, Forbes Advisor, and other notable technology platforms, where he covered the latest trends and innovations in technology.