Fingers point to Palestine after Israeli Defense Ministry breach
Network intrusion; Spear-phishing; Unauthorized use of user privileges
The perps used “phishing” emails laced with a virus to take control of at least one recipient’s machine, according to research firm Seculert.
Aviv Raff, CTO of the Israeli security company, said the way the code was deployed hints at Palestinian involvement.
The attack was initiated through a mass email purportedly from the Shin Bet, Israel’s internal security service, that claimed to contain information about the death of former prime minister Ariel Sharon.
An attachment inside was infected with ‘Xtreme RAT’ malicious software, controlled from a server in the United States. It had spread to 15 machines, including one belonging to Israel’s Civil Administration – a government body that operates in the occupied West Bank and monitors Palestinian activity.
Raaf said only the Civil Administration’s public network was affected and that no classified communications were compromised. He told Reuters the tools and methods used in this attack were similar to those favored by hackers linked to Palestine.
The attack came as Israel’s Prime Minister Benjamin Netanyahu was promoting the country’s technology and cybersecurity markets at the World Economic Forum in Switzerland.
ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.
January 27, 2014
Link to report
location of breach
location of perpetrators
date breach occurred
January 15, 2014
date breach detected