Fifteen Israeli Defense Computers Hacked by Email Virus

Attack Is Similar To Gazan Cyber Warfare

By Reuters

Published January 26, 2014.
  • Print
  • Share Share

Hackers broke into an Israeli defence ministry computer via an email attachment tainted with malicious software that looked like it had been sent by the country’s Shin Bet secret security service, an Israeli cyber security firm said on Sunday.

Aviv Raff, chief technology officer at Seculert, said the hackers earlier this month temporarily took over 15 computers, one of them belonging to Israel’s Civil Administration that monitors Palestinians in Israeli-occupied territory.

Raff told Reuters that Palestinians were suspected to be behind the cyber attack, citing similarities to a cyber assault on Israeli computers waged more than a year ago from a server in the Hamas-ruled Gaza Strip.

While the latest attack was conducted from a server in the United States, experts noticed writing and composition similarities with the earlier attack, he said.

Israeli officials declined to comment on Raff’s findings. “We are not commenting on it, we don’t respond to such reports,” said one of the officials, Guy Inbar, a spokesman for the Civil Administration.

There was no immediate Palestinian comment on the report.

Securlet had not determined what the hackers did after the initial infection with “Xtreme RAT” software, Raff said. “All we know is at least one computer at the Civil Administration was in control of the attackers; what they did we don’t know.”

The Civil Administration is a unit of Israel’s defence ministry that oversees the passage of goods between Israel and the West Bank and Gaza Strip, territories Israel captured in a 1967 war and which Palestinians want for a state.

The administration also issues entry permits to Palestinians who work in Israel.

DEFENCE CONTRACTORS ALSO HACKED?

Raff declined to identify the other 14 computers targeted by the hackers. An Israeli source who spoke on condition of anonymity said these included companies involved in supplying Israeli defence infrastructure.

Based on Raff’s analysis the 15 computers were in the hackers’ grip for at least several days after the Jan. 15 dispatch of the email, which included an attachment about ex- Israeli prime minister Ariel Sharon who had just died.

Hacking activity has surged in the Middle East over the past three years as both governments and activist groups have targeted the military, other state agencies, critical infrastructure, businesses as well as dissidents and criminal groups in order to gain information about their operations and also disrupt them.

The email that burrowed into the Israeli defence ministry computer looked like it had been sent from the Shin Bet security service, Raff said.

Raff’s firm was able to “sinkhole” the operation, tricking the Xtreme RAT software into communicating with servers that Seculert controlled in order to figure out which computers were infected and to deactivate the attack.

Xtreme RAT is a remote access trojan, which gives hackers complete control of an infected machine. They can steal information, load additional malicious software onto the network or use the compromised computer as a beachhead from which to conduct reconnaissance and attempt to gain deeper access into the network, Raff said.

Word of the cyber attack came a day before a three-day Israeli cybertech conference being held in Jerusalem, and just after Prime Minister Benjamin Netanyahu plugged Israeli technological advances at the World Economic Forum in Davos.

Raff denied there was any irony in the timing of his warning so soon after Netanyahu’s remarks. “Unfortunately there is no such thing as 100 percent safety either when it comes to physical risks or information security,” he said.


The Jewish Daily Forward welcomes reader comments in order to promote thoughtful discussion on issues of importance to the Jewish community. In the interest of maintaining a civil forum, The Jewish Daily Forwardrequires that all commenters be appropriately respectful toward our writers, other commenters and the subjects of the articles. Vigorous debate and reasoned critique are welcome; name-calling and personal invective are not. While we generally do not seek to edit or actively moderate comments, our spam filter prevents most links and certain key words from being posted and The Jewish Daily Forward reserves the right to remove comments for any reason.





Find us on Facebook!
  • Is pot kosher for Passover. The rabbis say no, especially for Ashkenazi Jews. And it doesn't matter if its the unofficial Pot Day of April 20.
  • A Ukrainian rabbi says he thinks the leaflets ordering Jews in restive Donetsk to 'register' were a hoax. But the disturbing story still won't die.
  • Some snacks to help you get through the second half of Passover.
  • You wouldn't think that a Soviet-Jewish immigrant would find much in common with Gabriel Garcia Marquez. But the famed novelist once helped one man find his first love. http://jd.fo/f3JiS
  • Can you relate?
  • The Forverts' "Bintel Brief" advice column ran for more than 65 years. Now it's getting a second life — as a cartoon.
  • Half of this Hillel's members believe Jesus was the Messiah.
  • Vinyl isn't just for hipsters and hippies. Israeli photographer Eilan Paz documents the most astonishing record collections from around the world:http://jd.fo/g3IyM
  • Could Spider-Man be Jewish? Andrew Garfield thinks so.
  • Most tasteless video ever? A new video shows Jesus Christ dying at Auschwitz.
  • "It’s the smell that hits me first — musty, almost sweet, emanating from the green felt that cradles each piece of silver cutlery in its own place." Only one week left to submit! Tell us the story of your family's Jewish heirloom.
  • Mazel tov to Chelsea Clinton and Marc Mezvinsky!
  • If it's true, it's pretty terrifying news.
  • “My mom went to cook at the White House and all I got was this tiny piece of leftover raspberry ganache."
  • from-cache

Would you like to receive updates about new stories?




















We will not share your e-mail address or other personal information.

Already subscribed? Manage your subscription.