On October 7, 2023, as Hamas fighters breached the Israeli border, Ahmed Omer, a young Sudanese man skilled in technology, initiated a cyberattack targeting Israel's early warning systems. This cyberassault temporarily disabled systems designed to alert citizens of danger, resulting in a failure to deliver crucial warnings during Hamas's attack, which claimed approximately 1,200 lives and involved over 200 abductions.
This action forms part of the criminal indictment against Ahmed and his brother Alaa Omer, unsealed in California this week. The United States Attorney for the Central District of California, E. Martin Estrada, described their group, known as Anonymous Sudan, as “the most dangerous cyber group in terms of DDoS attacks in the world.”
The brothers are alleged to have conducted up to 35,000 distributed denial of service (DDoS) attacks over the course of a year. These attacks targeted numerous government and media websites, including those of the FBI, the Justice Department, and major news organizations like CNN and The Washington Post, as stated in the indictment.
Additionally, the indictment details cyberattacks against hospitals in various countries. It claims jurisdiction on the grounds that the attacks involved American entities. In February 2023, the brothers reportedly caused a disruption at Cedars-Sinai hospital in Los Angeles, leading to a temporary diversion of emergency services, which they justified as retaliation for Israeli military actions in Gaza.
Prosecutors have included a charge against Ahmed Omer that carries a potential life sentence, marking the first instance of the U.S. pursuing such severe penalties against a cybercriminal. Estrada emphasized the life-threatening nature of their attacks, especially those against medical facilities.
The attacks launched by Anonymous Sudan during Hamas's assault were noted for their severity. Within an hour of the onset of hostilities, the group targeted applications providing danger alerts to Israeli citizens, such as Tzofar - Red Alert, which confirmed experiencing a significant DDoS attack on the day of the border breach.
Anonymous Sudan claimed responsibility for cyberattacks against various Israeli organizations, including The Jerusalem Post. Although there is no evidence suggesting coordination with Hamas, the group’s rapid response suggested advanced capabilities. Cybersecurity experts pointed out that the group appeared on Telegram in January 2023 and was suspected of being a front for Russian cybercriminals, previously operating in Russian before shifting to Arabic.
The timeline of attacks against Israel indicates that the group had targeted various entities prior to October 7, including a utilities provider and the military. In May 2023, they reportedly sought to disrupt Israel’s Iron Dome defense system amid conflicts in Gaza, achieving a remarkable level of success by allowing numerous rockets to breach defenses.
As of now, the extradition timeline for the Omer brothers remains unclear, although they are currently in custody outside the United States and have undergone FBI interrogation. Their activities demonstrate a complex interplay between cyber warfare and geopolitical tensions, highlighting the evolving landscape of digital conflicts.