Cyber Incident Victim: Bank Leumi
Date:
Aug 2014
Location:
Israel
Summary
Hackers affiliated with Anonymous launched cyberattacks against a major Israeli bank and key government websites, causing service disruptions and temporary takedowns in retaliation for alleged social media account suspensions. The group publicly listed targeted sites via Pastebin under the AntiSec alias, framing the attacks as solidarity with Gaza and opposition to Israeli military actions. Operational messages emphasized persistence despite individual setbacks, referencing prior compromises of Israeli defense platforms by other hacktivist groups. The incidents disrupted online services and mirrored previous disruptions to military communications infrastructure.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On August 24-25, 2014, hackers affiliated with the Anonymous collective conducted cyberattacks against multiple high-profile Israeli websites, including Bank Leumi, the Israel Defense Forces (IDF), the Bank of Israel, and the Israeli Prime Minister's official online presence. The attackers publicly claimed responsibility through a Pastebin post published under the alias AntiSec, framing their actions as retaliation against Israel's alleged shutdown of Anonymous-linked social media accounts. Their stated motivations included expressing solidarity with Gaza residents and attempting to halt Israeli military operations in the region. The operational details shared via Pastebin emphasized the group's persistence, with a message declaring that individual arrests would not stop their collective actions. The hackers reinforced their public claims through social media, with the @AnonymousGlobo Twitter account announcing the takedowns using the hashtags #OpSaveGaza, #AntiSec, and #Anonymous.
The coordinated attacks resulted in significant service disruptions, with multiple critical websites rendered inaccessible during the incident. IDF's primary domain (idf.gov.il) remained offline at the time of media reporting on August 25, indicating sustained operational impact. This incident continued a pattern of cybersecurity challenges for IDF's digital assets, following a July 2014 compromise of their official Twitter account by the Syrian Electronic Army, which had falsely warned of a nuclear leak after rocket attacks on the Dimona facility. While the article confirms Bank Leumi's inclusion among the affected entities, it provides no specific details regarding the bank's operational disruptions, financial impacts, or recovery timeline. The attackers' Pastebin statement included a philosophical justification for their actions, quoting Mahatma Gandhi's principle that inaction guarantees no results while action creates potential for change. No containment measures, technical responses, or forensic findings from victim organizations are documented in the available source material.