Cyberattack on Israel: Biggest Ever or ‘Iranian Propaganda’?

Israeli government websites were targeted in what was called a ‘wide-scale’ attack, perhaps the biggest in Israel’s history. A day after, this is what we know – and what we don’t

Omer Benjakob
Omer Benjakob
Send in e-mailSend in e-mail
Israel said it was targeted by what could be "the biggest cyber attack" in its history on Monday. But the picture seems to be a little different.
Israel said it was targeted by what could be "the biggest cyber attack" in its history on Monday. But the picture seems to be a little different.Credit: Dado Ruvic/Reuters
Omer Benjakob
Omer Benjakob

With all eyes on Russia and Ukraine, a cyberattack hit Israeli government websites late Monday night. The attack, which was initially announced by Israeli defense sources, was said to be one of the biggest in the country’s history. However, a day later, with the digital fog of war clearing, the reality looks somewhat different.

The Israeli cyber authority confirmed that the attack had occurred late Monday. However, by Tuesday morning, claims about the biggest attack in Israeli history had all but dissipated. “This was a routine attack – albeit one with serious volume – but not rare or significant,” Erez Tidhar, head of the cyber authority's Computer Emergency Response Team, or CERT, told Haaretz through a spokesperson Tuesday. So what actually happened? What do we know and what remains to be seen?

What happened

Democracy or Putin: 'Israel must choose a side in Ukraine'

At 7:15 P.M., a number of Israeli websites fell offline, including the website for the Health Ministry and others. By 8:30 P.M., a defense source had briefed Israel’s military correspondents, saying that Israel was under a “wide-scale cyberattack”. The attack, the source said, was perhaps the biggest in Israeli history.

By 9:00 P.M., the truth was slowly starting to emerge: Israel, the cyber powerhouse that has long engaged in proxy cyber wars against enemies like Iran, was hit with what is called a DDoS attack. These attacks are considered to be the lowest rung of cyberattacks, the least sophisticated and the easiest to identify. A far cry from the complex attacks attributed to Israel, Iran, or even North Korea, the attack is tantamount to flooding a computer with multiple requests until it crashes. In this case, Israeli state websites were pummeled with traffic and queries until their servers buckled under the pressure.

By 9:00 P.M., full access had been restored. “The attack caused a short outage and temporarily prevented access to some Israeli websites,” the authority said this morning.

The Israeli Internet Association, which monitors traffic to and from Israel, said late last night that it did indeed register a massive uptick in traffic. However, it seemed traffic was flowing to all websites hosted by a local mobile provider, not just Israeli state sites. In other words, it is very possible that other websites that are not linked to the government crashed, but nobody noticed.

Iranian attack?

As soon as the attack was confirmed, social media was abuzz with claims that this was a state attack on Israel, one that had most likely been launched by Iran or Iranian-affliated hackers. The cyber authority maintains that it is still too early to know: “The event is still under investigation and potential ‘suspects,’ at this stage, include anything from criminal cyber groups to hacktivists to state agents.”

Omri Segev Moyal, a cyber security expert who has previously worked on state attacks, says that the unsophisticated nature of the attack is reminiscent of earlier attacks launched by Iranians, for example a 2013 DDoS attack that he described as “smaller in scale and volume.”

He and others note that the attack is more in line with pro-Iranian activists than a state operation intended to inflict debilitating harm on Israel. Other cyber experts took to social media, urging Israel to defend itself against Iranian aggression.

Segev Moyal remains a bit more skeptical about the spectacle: “Attacks like these, as is also the case with previous ransomware attacks [against Israel], are intended to create PR wins for the attackers.”

Another industry source goes one step further, saying that if the attack was indeed Iranian, the Israeli defense establishment’s scaremongering actually gave the “Iranian propaganda efforts a win.”

What’s the truth?

The research department at CheckPoint, perhaps Israel's biggest and most famous defense cyber security corporation, published some additional data Tuesday morning that may shed some light on the true nature of the attack. According to their findings, there has been a massive, global uptick in cyberattacks since the Russian invasion of Ukraine began. In fact, this rise comes on the tail of another one sparked by the coronavirus, sometimes called “cyber COVID.”

"In Israel, we have seen a 21 percent increase in attacks since the fighting started [in Ukraine],” says Gil Messing, CheckPoint’s spokesperson, in response to a question regarding Israel and the fighting in Ukraine.

Other experts all stress that there is no direct connection between Ukraine and Israel and the attack was not in response to Israel’s mediation efforts, for example.

“There is also a 22 percent increase of attacks focusing on government and military targets in Israel,” he says based on CheckPoint's researcher. In other words, according to the data, the increased attacks on Israel are completely in line with the global trend.

Per the cyber authority, as this is not a rare or unique attack, it actually shows how following protocol brought the attack to an end in under an hour.

Click the alert icon to follow topics:



Automatic approval of subscriber comments.

Subscribe today and save 40%

Already signed up? LOG IN


Trump and Netanyahu at the White House in Washington, in 2020.

Three Years Later, Israelis Find Out What Trump Really Thought of Netanyahu

German soldier.

The Rival Jewish Spies Who Almost Changed the Course of WWII

Rio. Not all Jewish men wear black hats.

What Does a Jew Look Like? The Brits Don't Seem to Know

Galon. “I’m coming to accomplish a specific mission: to increase Meretz’s strength and ensure that the party will not tread water around the electoral threshold. If Meretz will be large enough, it will be the basis for a Jewish-Arab partnership.” Daniel Tchetchik

'I Have No Illusions About Ending the Occupation, but the Government Needs the Left'

Soldiers using warfare devices made by the Israeli defense electronics company Elbit Systems.

Russia-Ukraine War Catapults Israeli Arms Industry to Global Stage

Flame and smoke rise during an Israeli air strike, amid Israel-Gaza fighting, in Gaza City August 6, 2022.

Israel Should End Gaza Operation Now, if It Can