Threatwatch

Fingers point to Palestine after Israeli Defense Ministry breach

Network intrusion; Spearphishing; Unauthorized use of user privileges

The perps used “phishing” emails laced with a virus to take control of at least one recipient’s machine, according to research firm Seculert.

Aviv Raff, CTO of the Israeli security company, said the way the code was deployed hints at Palestinian involvement.

The attack was initiated through a mass email purportedly from the Shin Bet, Israel’s internal security service, that claimed to contain information about the death of former prime minister Ariel Sharon.

An attachment inside was infected with ‘Xtreme RAT’ malicious software, controlled from a server in the United States. It had spread to 15 machines, including one belonging to Israel’s Civil Administration – a government body that operates in the occupied West Bank and monitors Palestinian activity.

Raaf said only the Civil Administration’s public network was affected and that no classified communications were compromised. He told Reuters the tools and methods used in this attack were similar to those favored by hackers linked to Palestine.

The attack came as Israel’s Prime Minister Benjamin Netanyahu was promoting the country’s technology and cybersecurity markets at the World Economic Forum in Switzerland.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves. 

sector

Government (Foreign)

reported

January 27, 2014

reported by

TechWeekEurope

number affected

Unknown

location of breach

Israel

perpetrators

Palestinian Hacker

location of perpetrators

United States

date breach occurred

January 15, 2014

date breach detected

Unknown