The U.S. Department of Justice on Friday charged two Sudanese brothers, Ahmed, 22, and Alaa, 27, Omer, for orchestrating severe cyberattacks against Israel during the Hamas terror attack on October 7.
According to the indictment filed in California, the brothers led a hacking group called “Anonymous Sudan,” which the U.S. Attorney’s Office has labeled as "the most dangerous cyber group in the world."
The cyberattacks disabled life-saving alert systems, which provide real-time notifications of rocket attacks and infiltrations. The attacks occurred alongside the Hamas terror attack and continued until October 9, leaving the systems offline during critical moments. The U.S. Department of Justice noted that the cyber attack targeted the Iron Dome defense system, aiming to incapacitate it during the attacks, thereby undermining Israel's defensive capabilities.
On October 7, Anonymous Sudan announced on its Telegram channel, "We are currently targeting several critical endpoints in Israel's alert systems. We honor the Palestinian resistance—we stand with you." The brothers are also accused of attacking the website of the Jerusalem Post, which was down for 50 consecutive hours, and deleting content from the site. The publication reported that ""The Jerusalem Post has been targeted by multiple cyberattacks, causing our site to crash." Additional targets included essential sites such as the Israel Electric Corporation and the Mekorot Water Company.
The indictment states that the group’s attacks against Israel began before October 7. Earlier in the year, Anonymous Sudan had also targeted service providers for the IDF and the Supreme Court. In May 2023, the group struck the Iron Dome defense system amid rocket fire from Gaza, claiming that the attack disrupted enough alert systems that the Iron Dome failed to intercept all incoming rockets.
Of the 22 rockets fired from Gaza, only four were intercepted, while 16 landed in open fields and two struck urban areas. Military data indicated that the Iron Dome's success rate that day was about 71%, compared to its usual 90-95%. The IDF stated that the incident was under investigation and attributed the lower success rate to the high volume of launches.
Anonymous Sudan claimed responsibility for the Iron Dome's poor performance that day, stating in their Telegram group that it was "one of the reasons for the Iron Dome's terrible performance." In a message from that time, the group warned that it would coordinate its future attacks with those of Hamas, writing, "Now we are playing with Israel again. The real heavy attacks will come when there is a missile assault from Gaza." However, the indictment does not indicate that the brothers had knowledge of or coordinated with Hamas for the October 7 attack.
In April of the same year, the group also attacked university websites in Israel, causing them to crash for several hours. The attack method mirrored what is described in the U.S. indictment—a DDoS attack that floods servers with commands to cause them to crash. The group remarked at the time on its Telegram channel that "the education sector in Israel collapsed because of what they (Israelis) did in Palestine." In February, the brothers targeted critical computer systems belonging to Cedars-Sinai Medical Center in Los Angeles, forcing emergency services to temporarily divert patients to other hospitals, according to the indictment. The brothers claimed the attack was retaliation for Israeli bombings of hospitals in Gaza.
The brothers were arrested in an undisclosed location and are currently under investigation by the FBI while awaiting further proceedings. It is unclear when, or if, they will be extradited to the U.S. According to the indictment, if convicted, Ahmed Omer faces a maximum sentence of life in prison, while Alaa Omer could be sentenced to five years.
The indictment alleges that the brothers aimed to disrupt the lives of millions of Israelis during a crisis, compromising essential services that could impact civilians during the war. The charges also detail actions taken against the U.S., Denmark, France, and Sweden. The prosecution deemed their actions so harmful and life-threatening that it sought a maximum life sentence—marking the first time the U.S. has threatened a cybercriminal with such a penalty.
Get the Ynetnews app on your smartphone: