Cyber Incident Victim: Embassy of Russia in Israel

On January 16, 2016, the website of the Russian Embassy in Israel (russianembassy.org.il) was defaced by Turkish hackers, marking an escalation in ongoing cyber hostilities between Turkish and Russian entities. The attackers replaced the site’s content with Turkish, Turkmeni, and Azeri insignia, publicly displaying their intrusion. Russian authorities responded by temporarily taking the website offline to address the compromise. IT personnel subsequently identified and removed the source of the defacement, allowing the site to be restored. The Börteçine Siber Tim hacking group, based in Azerbaijan, claimed responsibility for the attack via a Twitter post. This incident occurred against the backdrop of heightened tensions following Turkey’s downing of a Russian aircraft near the Syrian-Turkish border, which had triggered a series of retaliatory cyber operations.

The embassy hack formed part of a broader, asymmetric cyber conflict predominantly driven by Turkish hacktivist groups. Prior to this incident, Anonymous had initiated #OpISIS, launching DDoS attacks against Turkey’s DNS infrastructure in retaliation for alleged Turkish support of ISIS through oil purchases and medical care for injured fighters. Turkish hackers responded by compromising the Instagram account of Russian Communications and Mass Media Minister Nikolay Nikiforov and executing DDoS attacks against the Central Bank of Russia and the Lokomotiv Moskow football club. Despite these provocations, no Russian-affiliated hacking groups had retaliated against Turkish targets at the time of the embassy incident, leaving the cyber conflict largely one-sided. The defacement caused temporary disruption to the embassy’s online presence but was contained through technical remediation efforts by Russian IT teams.