Hackers Attack Israel’s Defence Sector

North Korea is hacking Israeli defence businesses with fake job offers with the intention to steal sensitive data. 

Israel’s Ministry of Defence say the hackers are part of the Lazarus Group which has been linked to N. Korea by the US Intelligence. Using a method seen previously in 2019, the hackers created false LinkedIn accounts impersonating CEOs and top officials at multinational companies to place the fake jobs on the market.

The attackers are interested in compromising the employees’ computers, infiltrating their networks, and stealing sensitive security information, the Ministry of Defense said.

The leading Israeli cyber security firm, Clears has been tracking the campaign and report that the hackers impersonate major defense companies  the likes of Boeing, McDonnell Douglas, and BAE. After making contact with targets, the hackers continued conversations with victims over WhatsApp and ClearSky. Israel’s Ministry of Defense said it had blocked the attempts in “real time,” adding that “no harm or disruption was made to their networks.” 

The attack was deflected “in real time” and that there was no “harm or disruption” to its computer systems, according to Israeli Defense sources.

However, security researchers at ClearSky, say the North Korean hackers penetrated the computer systems and were likely to have stolen a large amount of classified data.

Israeli officials fear the data could be shared with North Korea’s ally, Iran. Also according to ClearSky, the North Korean hackers’ campaign has succeeded on a number of occasions, infecting “several dozens” of companies and organisations both in Israel and around the world.

North Korean government-linked hackers have continued to pose as job recruiters or send fake job offers even though it is not apparent if any of their previous efforts have been successful.

The North Korean attack on Israeli’s defense industry began with a LinkedIn message in June, ClearSky researchers said. North Korean hackers posing as a Boeing headhunter sent a message to a senior engineer at an Israeli government-owned company that manufactures weapons for the Israeli military and intelligence.

Some officials fear that classified data stolen by North Korea could be shared with Iran, who are the main suspects in a sophisticated attempt to poison Israels's water sytem earlier this year.

Now this attack adds Israel to the list of countries and companies that have been targeted by North Korea’s hacking unit, known to private security analysts as the Lazarus Group. American and Israeli officials have said the Lazarus Group, also known as Hidden Cobra, is backed by Pyongyang.

Since the start of the year, Israel has reported attempted cyber-attacks on power stations and water utilities, with officials pointing the finger at Iran or Iranian-backed groups.

Reuters:           New York Times:         Deccan Herald:         CyberScoop

You Might Also Read:

Hackers Attack Israel’s Water Infrastructure:

 

« Creating Post-Modern Intelligence
Industrial Robots Are Not Safe From Cyber Attack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Cyberlytic

Cyberlytic

Cyberlytic applies artificial intelligence to combat the most sophisticated of web application threats, addressing the growing problem of high volumes of threat data.

Swivel Secure

Swivel Secure

Swivel Secure is an award winning provider of multi-factor authentication solutions.

BSA - The Software Alliance

BSA - The Software Alliance

BSA is the leading advocate for the global software industry before governments and in the international marketplace.

S2 Grupo

S2 Grupo

S2 Grupo is the benchmark company in Europe and Latin America, for Cyber Intelligence and mission critical systems operations.

Total Defense

Total Defense

Total Defense solutions include anti-malware, anti-virus, intrusion prevention & mobile security.

NGS (UK)

NGS (UK)

NGS (UK) Ltd are independent, vendor agnostic, next generation security trusted advisors, providing all-encompassing solutions from the perimeter to the endpoint.

CyberCareers.gov

CyberCareers.gov

CyberCareers.gov is a platform for Cybersecurity Job Seekers, Federal Hiring Managers and Supervisors, Current Federal Cybersecurity Employees, Students and Universities.

Immuta

Immuta

Immuta empowers data engineering and operations teams to automate data governance, security, access control & privacy protection.

CyberLab

CyberLab

CyberLab (formerly Chess) is a specialist cyber security company that provides a wide range of security solutions and services.

ramsac

ramsac

ramsac provide secure, resilient IT management, cybersecurity, 24 hour support and IT strategy to businesses in London and the South East.

Scholarly Networks Security Initiative (SNSI)

Scholarly Networks Security Initiative (SNSI)

SNSI brings together publishers and institutions to solve cyber-challenges threatening the integrity of the scientific record, scholarly systems and the safety of personal data.

SecurityStudio

SecurityStudio

SecurityStudio is a continuous cybersecurity risk management platform that allows decision-makers to quickly identify the most immediate threats and make confident risk informed decisions.

Zyber 365

Zyber 365

Zyber 365 are providing a robust, decentralized, and cyber-secured operating system which adheres to the fundamental principles of environmental sustainability.

Cyber Intell Solution (CIS)

Cyber Intell Solution (CIS)

Cyber Intell Solution provide expert consulting, specialized products, and tailored operational services to governmental and corporate industry worldwide.

Quantum Squint

Quantum Squint

Quantum Squint is a cutting-edge cybersecurity company specializing in the use of advanced regression management techniques to detect, analyze, and prevent vulnerabilities in digital systems.

CelcomDigi

CelcomDigi

CelcomDigi aspire to be Malaysia’s top Telco-Tech company, transforming beyond core connectivity to lead digitalization and innovation as part of nation-building.

Cloudsmith

Cloudsmith

Cloudsmith is the only cloud-native, global, universal artifact management platform for securely developing and distributing software.