Israel's Shin Bet domestic security service and the National Cyber Security Agency said in a joint statement on Wednesday that Iran has recorded hundreds of cyberattack attempts against senior Israeli officials over the past year. The attacks have targeted government structures, defense agencies, media and academia.
In recent weeks, Iranian hackers have claimed to have hacked the devices or online accounts of former Prime Minister Naftali Bennett, Prime Minister Benjamin Netanyahu's chief of staff Tsakhi Braverman and former minister Ayelet Shaked, according to the statement.
Officials say the incidents are part of a broader campaign targeting hundreds of senior Israeli officials. The number of attempted attacks has increased significantly in recent months, especially since the start of the war with Iran. Actors linked to Iranian intelligence are said to have attempted to hijack the Google accounts and messaging apps of current and former government officials, defense officials, defense industry experts, journalists, academics, and even some civilians.
The statement emphasizes that the purpose of these attacks is to collect personal and professional information. It is reported that this information can be used in terrorist, espionage, and influence operations. Attack methods include personalized appeals tailored to the interests of the targets, invitations to meetings or file downloads sent on behalf of well-known individuals, as well as phishing messages aimed at obtaining passwords and two-step verification codes for Google, Telegram, and WhatsApp accounts. The aim of these methods is to gain full control over the accounts.
The Shin Bet and the National Cybersecurity Agency said that in order to prevent attacks, targeted alerts are sent, unusual activities are monitored, unauthorized access is blocked and deleted, and senior officials are given instructions on account protection and personal cybersecurity measures.
The agencies recommend that all users activate two-step verification, update their recovery email addresses, and check linked accounts. They also urge users to be vigilant against requests from unknown individuals, not to share personal information, and not to click on links sent from unknown sources.
The statement noted that the Shin Bet will continue to work to detect hostile activity in a timely manner and prevent possible attacks, and will further strengthen defense measures against these threats together with the National Cybersecurity Administration.
