Hackers Attack Israel’s Defence Sector

Uploaded on 2020-08-24 in TECHNOLOGY-Key Areas-Social Media, TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

North Korea is hacking Israeli defence businesses with fake job offers with the intention to steal sensitive data. 

Israel’s Ministry of Defence say the hackers are part of the Lazarus Group which has been linked to N. Korea by the US Intelligence. Using a method seen previously in 2019, the hackers created false LinkedIn accounts impersonating CEOs and top officials at multinational companies to place the fake jobs on the market.

The attackers are interested in compromising the employees’ computers, infiltrating their networks, and stealing sensitive security information, the Ministry of Defense said.

The leading Israeli cyber security firm, Clears has been tracking the campaign and report that the hackers impersonate major defense companies  the likes of Boeing, McDonnell Douglas, and BAE. After making contact with targets, the hackers continued conversations with victims over WhatsApp and ClearSky. Israel’s Ministry of Defense said it had blocked the attempts in “real time,” adding that “no harm or disruption was made to their networks.” 

The attack was deflected “in real time” and that there was no “harm or disruption” to its computer systems, according to Israeli Defense sources.

However, security researchers at ClearSky, say the North Korean hackers penetrated the computer systems and were likely to have stolen a large amount of classified data.

Israeli officials fear the data could be shared with North Korea’s ally, Iran. Also according to ClearSky, the North Korean hackers’ campaign has succeeded on a number of occasions, infecting “several dozens” of companies and organisations both in Israel and around the world.

North Korean government-linked hackers have continued to pose as job recruiters or send fake job offers even though it is not apparent if any of their previous efforts have been successful.

The North Korean attack on Israeli’s defense industry began with a LinkedIn message in June, ClearSky researchers said. North Korean hackers posing as a Boeing headhunter sent a message to a senior engineer at an Israeli government-owned company that manufactures weapons for the Israeli military and intelligence.

Some officials fear that classified data stolen by North Korea could be shared with Iran, who are the main suspects in a sophisticated attempt to poison Israels's water sytem earlier this year.

Now this attack adds Israel to the list of countries and companies that have been targeted by North Korea’s hacking unit, known to private security analysts as the Lazarus Group. American and Israeli officials have said the Lazarus Group, also known as Hidden Cobra, is backed by Pyongyang.

Since the start of the year, Israel has reported attempted cyber-attacks on power stations and water utilities, with officials pointing the finger at Iran or Iranian-backed groups.

Reuters:           New York Times:         Deccan Herald:         CyberScoop

You Might Also Read:

Hackers Attack Israel’s Water Infrastructure:

 

« Creating Post-Modern Intelligence
Industrial Robots Are Not Safe From Cyber Attack »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Indelible Data

Indelible Data

Indelible Data is an established information security and technology consultancy and a Cyber Essentials Certification Body.

AET Europe

AET Europe

AET Europe is specialised in creating technological solutions for user identification and authentication.

IABG

IABG

IABG offer independent, product-neutral consulting as well as technical and scientific services for the use of safety-relevant systems and technologies.

Thomas Miller Specialty

Thomas Miller Specialty

Thomas Miller Specialty is a commercial Managing General Agency providing specialty risks insurance including Cyber & e-crime insurance.

Hack The Box

Hack The Box

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with thousands of people in the security field.

Consortium for Information & Software Quality (CISQ)

Consortium for Information & Software Quality (CISQ)

The mission of CISQ is to develop international standards for software quality and to promote the development and sustainment of secure, reliable, and trustworthy software.

Adzuna

Adzuna

Adzuna is a search engine for job ads used by over 10 million visitors per month that aims to list every job everywhere, including thousands of vacancies in Cybersecurity.

CSC Digital Brand Services

CSC Digital Brand Services

Our brand protection and security expertise give our customers peace of mind that no matter how fast the digital world changes, their intellectual property and digital assets will be secure.

Angoka

Angoka

Angoka provide hardware-based solutions for managing the cybersecurity risks inherent in machine-to-machine communication networks.

Kasada

Kasada

Kasada has developed a radical approach to defeating automated cyberthreats based on its unmatched understanding of the human minds behind them.

Etonwood

Etonwood

Etonwood specialises in infrastructure and vendor technology recruitment in areas including cloud platforms, cyber security and service management.

Netography

Netography

Netography provides a scalable and reliable platform for detection & remediation of cyber threats found on your network.

CRI Group

CRI Group

CRI Group excels at deterring, detecting and investigating crimes against businesses using a global network of professionals specially trained in Anti-Corruption, Risk Management and Compliance.

Pristine InfoSolutions

Pristine InfoSolutions

Pristine InfoSolutions is a global IT services and Information Security Company focused on delivering smart, next-generation business solutions.

Flat6Labs

Flat6Labs

Flat6Labs is the MENA region’s leading seed and early stage venture capital firm, currently running the most renowned startup programs in the region.

Somerville

Somerville

Somerville are a full service IT partner with over 40 years experience delivering exceptional service and value to our customers.