Hackers Attack Israel’s Defence Sector

Uploaded on 2020-08-24 in TECHNOLOGY-Key Areas-Social Media, TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

North Korea is hacking Israeli defence businesses with fake job offers with the intention to steal sensitive data. 

Israel’s Ministry of Defence say the hackers are part of the Lazarus Group which has been linked to N. Korea by the US Intelligence. Using a method seen previously in 2019, the hackers created false LinkedIn accounts impersonating CEOs and top officials at multinational companies to place the fake jobs on the market.

The attackers are interested in compromising the employees’ computers, infiltrating their networks, and stealing sensitive security information, the Ministry of Defense said.

The leading Israeli cyber security firm, Clears has been tracking the campaign and report that the hackers impersonate major defense companies  the likes of Boeing, McDonnell Douglas, and BAE. After making contact with targets, the hackers continued conversations with victims over WhatsApp and ClearSky. Israel’s Ministry of Defense said it had blocked the attempts in “real time,” adding that “no harm or disruption was made to their networks.” 

The attack was deflected “in real time” and that there was no “harm or disruption” to its computer systems, according to Israeli Defense sources.

However, security researchers at ClearSky, say the North Korean hackers penetrated the computer systems and were likely to have stolen a large amount of classified data.

Israeli officials fear the data could be shared with North Korea’s ally, Iran. Also according to ClearSky, the North Korean hackers’ campaign has succeeded on a number of occasions, infecting “several dozens” of companies and organisations both in Israel and around the world.

North Korean government-linked hackers have continued to pose as job recruiters or send fake job offers even though it is not apparent if any of their previous efforts have been successful.

The North Korean attack on Israeli’s defense industry began with a LinkedIn message in June, ClearSky researchers said. North Korean hackers posing as a Boeing headhunter sent a message to a senior engineer at an Israeli government-owned company that manufactures weapons for the Israeli military and intelligence.

Some officials fear that classified data stolen by North Korea could be shared with Iran, who are the main suspects in a sophisticated attempt to poison Israels's water sytem earlier this year.

Now this attack adds Israel to the list of countries and companies that have been targeted by North Korea’s hacking unit, known to private security analysts as the Lazarus Group. American and Israeli officials have said the Lazarus Group, also known as Hidden Cobra, is backed by Pyongyang.

Since the start of the year, Israel has reported attempted cyber-attacks on power stations and water utilities, with officials pointing the finger at Iran or Iranian-backed groups.

Reuters:           New York Times:         Deccan Herald:         CyberScoop

You Might Also Read:

Hackers Attack Israel’s Water Infrastructure:

 

« Creating Post-Modern Intelligence
Industrial Robots Are Not Safe From Cyber Attack »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cloud Credential Council (CCC)

Cloud Credential Council (CCC)

The CCC is a leading provider of vendor-neutral certification programs that empower IT and business professionals in their digital transformation journey.

Qualitèsoft Technology

Qualitèsoft Technology

Qualitèsoft Technology is a leading Software Development and Quality Assurance organization. We specialize in Custom Development, Mobile Application, Software Testing and Quality Assurance.

Proofpoint

Proofpoint

Proofpoint provide the most effective cybersecurity and compliance solutions to protect people on every channel including email, the web, the cloud, social media and mobile messaging.

Trust Guard

Trust Guard

Trust Guard services provide complete security for your website.

Advanced Software Products Group (ASPG)

Advanced Software Products Group (ASPG)

ASPG offers a wide range of innovative mainframe software solutions for Data Security, Access Management, System Management and CICS productivity.

CSI

CSI

CSI is a Managed Service Provider (MSP) delivering Hybrid Multi-Cloud, Data Protection, and Cyber Security solutions to highly regulated industries.

Watchdata Technologies

Watchdata Technologies

Watchdata Technologies is a pioneer in digital authentication and transaction security.

Metro Systems

Metro Systems

Metro Systems offer fully integrated IT solutions & services covering Digital Transformation, Digital Infrastructure, Cyber Security and Training.

Dualog

Dualog

Dualog provides a maritime digital platform which ensures that services work reliably and securely onboard.

Uptycs

Uptycs

Uptycs combines the open source universal agent, osquery, with a scalable security analytics platform for fleet visibility, intrusion detection, vulnerability monitoring and compliance.

Vention

Vention

Vention (formerly iTechArt) is the partner of forward-thinking tech leaders around the globe.

CENSUS

CENSUS

CENSUS is a Cybersecurity services provider offering services to multiple industries worldwide such as Security Testing, Code Auditing, Secure SDLC, Vulnerability Research and Consulting Services.

Titan Labs

Titan Labs

Titan Labs is a Cyber Security Consultancy that provides advice and technical expertise to government, international finance and telecommunications providers.

Secora Consulting

Secora Consulting

Secora Consulting is a professional services company specialising in tailored cybersecurity assessments and cyber advisory services.

Tsaaro Academy

Tsaaro Academy

Tsaaro Academy is a unique privacy certification training platform and here you earn a privacy certification CEH, CISM and DPO from India’s No.1 Privacy training platform.

DACTA Global

DACTA Global

DACTA was established with the aim of simplifying the perception of complexity surrounding digital security challenges and solutions.