Cyber Incident Victim: רשות שדות התעופה בישראל

On April 20, 2022, Israeli media reported that a pro-Iranian hacking group known as Altahrea Team targeted the website of the Israel Airports Authority (רשות שדות התעופה בישראל). The group claimed its attack was retaliation for the January 3, 2020, U.S. assassination of Iranian Quds Force commander Qassem Soleimani and Abu Mahdi Al-Muhandes, commander of Iraq’s pro-Iranian Popular Mobilization Forces. The incident was first disclosed by Maariv and subsequently covered by JNS. Concurrently, a separate hacktivist group called DoomSec announced an attack on Israel’s official government portal (Gov.il) via their Telegram channel on the morning of April 19. DoomSec’s message included explicit anti-Israel rhetoric and the hashtag #DoomSecWasHere, though they did not explicitly align their actions with Iranian interests.

Later on April 19, DoomSec listed multiple Israeli websites they claimed to have compromised, but this post was subsequently deleted from their Telegram channel. The targeting of the Israel Airports Authority website and Gov.il portal represented a coordinated disruption effort, though no technical details of the attacks (e.g., defacement, data exfiltration, or service downtime) were disclosed in available reports. DoomSec’s historical activities included collaborations with the group AgainstTheWest to leak documents related to advanced persistent threat (APT) groups, indicating a broader focus beyond regional conflicts. The incident highlighted overlapping motivations, with Altahrea Team explicitly linking their actions to Iranian geopolitical grievances, while DoomSec’s involvement appeared ideologically opportunistic. No statements from the Israel Airports Authority or Israeli government regarding incident response, mitigation, or confirmed impacts were reported in the sourced material.