The Anonymous Sudan hacker group has declared its involvement in a cyberattack on Israeli ports, specifically targeting the Israel Ports Development & Assets Company and Haifa Port Company. The attack, revealed through a dark web portal, focused on critical components of the ports’ digital infrastructure, compromising network devices, administration devices, routers, SNMP & email servers, VPN, internal servers, and vital client-side endpoints. The damage reportedly extends to the overall digital well-being of the Israel Ports Development & Assets Company Ltd. and Haifa Port Company Ltd., impacting collateral and related services. This event follows a similar attack in November 2023, where Anonymous Sudan targeted Israel’s critical infrastructure, expressing allegiance to Russian interests and showing solidarity with Hamas during the ongoing Israel-Palestine conflict.
Anonymous Sudan has consistently aimed at disrupting Israel’s Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems, posing a significant cybersecurity threat. Originating as a Russian-speaking Telegram channel in January 2023, the group lacks direct evidence linking it to the Anonymous hacktivist group or the nation of Sudan. Despite exhibiting anti-Western and pro-Islamic tendencies, the group maintains a strong connection to Russian interests and has ties with the Russian hacktivist group, Killnet, known for executing Distributed Denial-of-Service (DDoS) attacks.
Utilizing DDoS attacks, Anonymous Sudan employs waves of UDP and SYN floods to overwhelm targets, rendering their services useless or sluggish. The group employs public cloud servers and free/open proxy infrastructures to conceal the source of their attacks. Previous targets include countries such as Sweden, Denmark, France, the United States, and now Israel. Motivated by various factors, including geopolitical agendas and retaliation against Western support for Ukraine during the Russian invasion, Anonymous Sudan’s focus on Israel raises concerns about the security of the country’s critical infrastructure and the potential impact of these cyberattacks.
