Cyber Incident Victim: Bank Leumi

In late June 2021, a coordinated cyberattack targeted Israeli banking websites over a weekend, involving hundreds of Malaysian hackers operating under the anti-Israel group DragonForce. The attackers launched a multi-wave distributed denial-of-service (DDoS) campaign aimed at disrupting banking services and attempting to take down websites by overwhelming systems with fraudulent traffic. The assault peaked during its final wave late Friday night, reaching approximately 200 megabits per second—a significant volume that caused measurable slowdowns and service interruptions across multiple bank platforms. On Saturday morning, Bank Israel's systems came under renewed attack, with at least one report indicating operational impact. The hackers publicly claimed success by releasing screenshots purportedly showing crashed bank computers, though some evidence appeared exaggerated or falsified upon closer examination.

DragonForce's primary objective was service disruption rather than data theft, leveraging participant numbers to overwhelm infrastructure. The group simultaneously published a file allegedly containing names and addresses of hundreds of thousands of Israeli students, expanding their anti-Israel activities beyond the banking sector. Banking cybersecurity experts mobilized defensive measures during the attacks, noting advance warnings from the perpetrators had allowed some preparatory actions. Bank Israel confirmed its external websites—hosted on separate government servers through the "Gov.il" platform—experienced typical DDoS attempts like other government entities, but emphasized these systems remained isolated from core banking infrastructure. This architectural separation prevented operational impacts despite visible website disruptions, with the bank characterizing such attacks as routine occurrences in public-facing systems.