Iran targets Israel with growing number of cyberattacks

Iranian cyberattack on Israeli sites  / Processing: Screenshot, Globes
Iranian cyberattack on Israeli sites / Processing: Screenshot, Globes

The vast majority of attacks have been thwarted in their early stages senior sources have told "Globes," with businesses more vulnerable than government.

Since the start of December, Iranian sources have been responsible for a growing number of cyberattacks targeting Israeli government and privately-held companies in Israel and abroad, sources close to the matter have told "Globes." The vast majority of the attacks have been thwarted in their early stages with others stopped later on and as far as is known no major damage has been inflicted.

According to a senior Israeli defense source, after several years of defensive operations and building digital protection systems with the assistance of agencies in China and Russia, the Iranians have now moved into the attack phase. The source added that last month saw a substantial rise in attack activities, perhaps to mark the first anniversary of the assassination of the head of the Islamic Revolutionary Guard Qasem Soleimani or following the assassination of Iranian nuclear scientist Mohsen Fakhrizadeh.

According to the source, disguised as a group of independent hackers, some linked to countries like Turkey, Iran has launched dozens of cyberattacks on Israeli sites, including government targets, most of which were neutralized early or failed to cause any real damage. An analysis of the attacks shows that those against privately-held companies were stopped at a slightly later stage, demonstrating the existing gap between the public sector and national infrastructures and the private and business sector.

The global cyber war is being fought around us on digital battlefields and in recent years more than ever. In this war, Israel is on the front line against global rivals hidden by superpowers, the best known of them headed by Iran.

The opening shot in this global cyber war was attributed to Israel - the Stuxnet attack in 2011, which damaged the digital network, which was developing systems for Iran's nuclear weapons. Since then the cyber warfare has spread to other national battle arenas (as well as commercial arenas).

Looking back it can be seen that the Iranian initiative began with an apparently simple attack by hackers on Israeli websites in which homepages were planted supporting the Palestinians, subsequently progressing to attempts to harm national infrastructures. The best known attack was on the computerized systems of the Mekorot National Water Company last April, which a short break in water supply to several locations in Israel. Shortly afterwards all activities at one of Iran's busiest ports was halted because of bad damage to its computer systems in another cyberattack that was attributed to Israel, as retaliation for the Mekorot attack.

The defense source said, "This is a battlefield in every sense and so when they shoot at you, you shoot back."

The source added that the best form of defense, in addition to the best defense installations, is attack. "When the enemy knows that its infrastructures are exposed to more powerful attacks that it can perform itself, then the hesitation exists. Therefore substantial efforts are made to discuss the country that is attacking through a group of unidentified attackers by demanding a ransom to make out it is as if it is a regular ransom attack by criminals."

The source added that, "Some of the attacks do not try to destroy or make changes but plant a dormant system that can be used later. Those are the most dangerous because they are passive and difficult to discover."

Are we protected? The State Comptroller's report in May 2019 said, "Despite the efforts in recent years, there is still as gap between the cyber defense of vital installations, government ministries and the civilian space."

The solution that the state is trying to provide is within the national cyber system. The protection of infrastructure installations at the start of the last decade was arranged by the General Security Services (Shin Bet) which mapped out several dozen organizations as 'critical infrastructures' including electricity, water, energy installations, chemical plants, and subsequently banks, the mobile phone companies, and more.

Subsequently, handling of the civilian organizations was separated and transferred to a special organization that was set up - the Israel National Cyber Directorate headed by Yigal Unna, a former head of the Shin Bet's Cyber and Technology Division. The directorate's advantages are civilian thinking, dialogue with commercial operations, and harnessing national resources for the job. The disadvantages are that unlike the Shin Bet, the reaction time is slow, 'civilian' regulation is less decisive than in the defense sector and the issue of enforcement over private bodies. The attack on the Shirbit insurance company, which was handled with the guidance and cooperation of the directorate, testifies to the fact that there is a lot of work to be done.

Israeli cybersecurity technology company Cyberreason Chief Revenue Officer Shai Horovitz thinks that at a national level the country's situation is actually relatively good and that through the National Cyber Directorate has created a relatively effective protection system. But he adds that the private sector, companies and factories, still lag behind. The attack on Shirbit epitomizes this and should serve as a real wakeup call to executives of these companies.

Horovitz categorizes cyberattacks into three types: national state level attacks in which countries like Russia, China and North Korea are mainly operating and their aim is military, defense surveillance and industrial espionage including stealing commercial secrets. For example in 2019, Cyberreason identified an attack, probably from China, which penetrated 25 mobile phone companies around the world, thus gaining access to information from hundreds of millions of phones belonging to the companies attacked.

Sound familiar? In 2019, it was reported that Shin Bet heads met with Benny Gantz to tell him that the Iranian secret services had breached his phone. Mobile phones can be accessed through sending a compromising link by text or email as well as through the operating system.

The latest and probably largest attack to date has been attributed to Russia and was against SolarWindows through which it penetrated hundreds of US government agencies and companies and probably elsewhere. The US government is still investigating the extent of the damage and how much and what information was exposed to the attackers. According to different estimates, there was also damage to tech giants including Microsoft.

A second type of attack is by ransomware, which locks the victim's computers with a demand for a ransom. These serve organizations and hackers and occasionally states and are often combined with stealing data or threats to expose embarrassing information. This was the type of cyberattack on Shirbit.

The third type of attack is by organized crime, which instead of robbing a bank in a holdup with guns and masks, does so by uncovering passwords of customers and companies and stealing money from their accounts cleanly and remotely.

Published by Globes, Israel business news - en.globes.co.il - on January 19, 2021

© Copyright of Globes Publisher Itonut (1983) Ltd. 2021

Iranian cyberattack on Israeli sites  / Processing: Screenshot, Globes
Iranian cyberattack on Israeli sites / Processing: Screenshot, Globes
Tel Aviv credit: Shutterstock Meitav sees Israel housing prices falling

More Israeli households are expected to prefer renting a home rather than buying their own apartment and the consequences will be negative, Meitav investment house chief economist Alex Zabezhinsky predicts.

Sasha Troufanov credit: IDF Spokesperson Amazon CEO welcomes release of employee Sasha Troufanov

Andy Jassy said that Amazon has not commented publicly on the hostages for fear that it would negatively impact their ability to be released, or how they were treated in captivity.

Israeli apartments Credit: Shutterstock Apartments sold and rented

A selection of recent real estate deals in Israel in Tel Aviv, Ra'anana, Netanya, Mazkeret Batya, Maalot-Tarshisha and Beersheva.

MK 84 bombs credit: Reuters IMAGO US shipment of MK-84 900 kilogram bombs arrives in Israel

One of the first steps taken by US President Donald Trump was to release the heavy deep-penetration bombs, which former President Joe Biden had halted the supply of.

BIG Glilot credit: Tel Aviv online BIG Glilot - Israel's biggest shopping center set to open

The shopping center will send shockwaves throughout the retail sector in Tel Aviv and the Sharon region and could put some of the area's malls out of business.

Inflation credit: Tali Bogdanovsky January CPI reading lifts inflation, housing prices rise

In the twelve months to the end of January 2024, inflation has risen to 3.8%, the Central Bureau of Statistics reports.

Credit Card payment terminal credit: Seika Chujo Shutterstock Cyberattack again disrupts Israel's credit card payments

Check Point chief of staff Gil Messing: "These are the capabilities of a state actor. This does not necessarily mean Iran, but in the past Iranian entities have been behind such attacks.

CyberArk offices credit: Eyal Izhar CyberArk buys US co Zilla Security, reports strong Q4

CyberArk, which will pay $165 million for the US identity governance and administration company, has surpassed Teva to become Israel's second most valuable company.

mSphere credit: Mer Group Mer launches armored vehicle awareness protection system

mSphere's comprehensive monitoring eliminates blind spots, enhances detection capabilities, and enables crews to identify and respond to potential threats swiftly and accurately.

Mortgage taking credit: Shutterstock Steep fall in mortgage taking in Israel in January

Mortgage taking was down 50% from the preceding month but up 30% from January 2024, the Bank of Israel reports.

Shekel-dollar ASAP Creative Shekel rebounds against dollar

Bank Leumi: The possibility of further appreciation of the shekel, raises the question of whether portfolio owners with high exposure to foreign exchange have a reason to hedge their investment portfolio.

Amnon Shashua  credit: Eyal Izhar Shashua's Mentee Robotics unveils robot for manual work

MenteeBot V3.0 takes on lifting tasks that would typically be strenuous for human workers over extended periods.

New housing credit: Satenik Guzhanina Shutterstock 50% of housing deals in 2024 were developer loans

What made 2024 distinct was that 50% of deals involved special offers by contractors and developers for apartments not yet built, the Ministry of Finance reports.

Donald Trump  credit: Reuters/Brendan McDermid Trump administration reaffirms AI chip restrictions on Israel

Sources say the US will demand Israel passes regulations to prevent tech leakage to China and may even include removal of the restrictions as part of a multilateral Middle East agreement.

Accountant General Yali Rothenberg credit: Cadya Levy Israel raises $5b international bond

Accountant General: This is an important public offering that indicates the financial stability of the State of Israel and the high confidence of global investors in the Israeli economy.

Check Point Chairman Gil Shwed and CEO Nadav Zafrir credit: Check Point Check Point teams with Wiz to challenge Palo Alto

The veteran cybersecurity company has formed a strategic partnership with Israeli company Wiz to provide end-to-end cloud security.

Twitter Facebook Linkedin RSS Newsletters גלובס Israel Business Conference 2018