Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



False Air Raid Sirens in Israel Possibly Triggered by Iranian Cyberattack

Air raid sirens sounded in the Israeli cities of Jerusalem and Eilat on Sunday evening and it appears that they were triggered by a cyberattack, possibly conducted by Iranian hackers.

Air raid sirens sounded in the Israeli cities of Jerusalem and Eilat on Sunday evening and it appears that they were triggered by a cyberattack, possibly conducted by Iranian hackers.

The sirens, which warn the population about rocket attacks, blared for nearly an hour, according to local media reports.

An investigation conducted by the Israeli military found that the alarms were likely triggered by a cyberattack that appears to have targeted municipal public address systems rather than the military’s systems.

While it has yet to be confirmed, the main suspect is Iran, whose hackers often target Israeli organizations and systems.

“Whether this siren attack by Iran was a false flag or accidental triggering remains to be seen but the lack of municipal cybersecurity is clear,” said Ilan Barda, co-founder and CEO of industrial cybersecurity firm Radiflow. “If this was meant to cause disruption to civilian life, it would make more sense to conduct this incident during a religious holiday or time of large gatherings to shatter any sense of security.”

“It is possible that the sirens were triggered while hackers were still exploring for vulnerabilities within the municipality’s security system or that it was a false flag, being used as a distraction as another not yet published cyber attack was carried out,” Barda added. “An example of this was the 2017 Iranian cyber attack on Saudi Arabia’s Aramco, where a breach was discovered, only to have thousands of computer systems compromised later, causing a devastating meltdown or explosion. Going after a municipality would bring a city or region to a halt, impacting supply chains, food deliveries, and more- putting a city under siege.”

This incident comes roughly two years after hackers targeted several water and wastewater facilities across Israel. Those attacks were linked to Iran and experts noted at the time that the attackers appeared to have knowledge of industrial control system (ICS) hacking.

Advertisement. Scroll to continue reading.

The rocket siren incident comes just months after Iran claimed to have foiled what it described as massive cyberattacks aimed at public services owned by the government and private entities.

More recently, an exiled Iranian opposition group claimed that it had taken control of many websites run by Tehran’s municipality and thousands of the city’s surveillance cameras.

In recent years, Iran’s critical infrastructure has often been targeted in cyberattacks, including airlines, nuclear facilities, railroad systems, ports, fuel services, and communication infrastructure. Some of these attacks have been blamed on Israel.

Related: Israel Says Its Fighter Jets Bombed Buildings Used by Hamas Cyber Unit

Related: Wiper Used in Attack on Iran National Media Network

Related: Microsoft Exposes Iran-Linked APT Targeting U.S., Israeli Defense Tech Sectors

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

IoT Security

A vulnerability affecting Dahua cameras and video recorders can be exploited by threat actors to modify a device’s system time.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.