On October 7th, 2023, the Izz ad-Din al-Qassam Brigades, the Gazan militia linked to Hamas, launched an Air, Land and Sea operation called “Deluge of al-Aqsa" (طوفان_الأقصى). The conflict transposed in cyberspace with the mobilization of a wide range of actors in support of one side or the other.
CERT OWN categorized the online activity into cybercrime and hacktivism activities, disinformation and misinformation campaigns and advanced persistent threats operations. CERT OWN observations were compiled into a situational report showing that :
• Real life alliances apply in cyberspace. Hacktivists taking parti in the conflict on both sides are mostly launching DDoS attacks and sharing tips and tools to facilitate attacks.
• The Hamas attack on the 7th of October resulted in a “flood” of contents with accounts openly relaying disinformation, and among these accounts some specialized in conspiracy theories increase the volume of fake news currently flooding social media.
• Iranian and Palestinian APT such as MuddyWater or AridViper) are either continuing or resuming their activity with campaigns targeting Israeli entities.
