Hacktivist Group GhostSec Attack Israel

Uploaded on 2022-10-10 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Production-Utilities

A hacking group called GhostSec has claimed that they breached the network at Berghof, an Israeli company specialising in municipal industrial applications and operating technology, including filtration & separation which uses Programmable Logic Control devices (PLCs). 

In the message it published on social media, GhostSec attached a video demonstrating a successful log-in to the Berghof's PLC admin panel, together with an image of a screen showing its current operating status and a second image showing that at least one PLC had stopped.

Industrial cyber security firm OTORIO has analysed the incident and reports that the breach was made possible because the PLCs were accessible through the Internet and were secured by weak and guessable password and access credentials. OTORIO said the system dumps and screenshots were exported directly from the admin panel following unauthorised access to the controllers through their public IP addresses.

Details of the compromise first came to light after GhostSec shared a video on its Telegram channel demonstrating a successful login to the Berghof admin panel, in addition to dumping data from the hacked controllers.

The attacks against Israeli targets, dubbed "#OpIsrael," is said to have commenced on June 28, 2022, citing "continuous attacks from Israel towards Palestinians."  In the intervening period, GhostSec has carried out a number of attacks, including those aimed at internet-exposed interfaces belonging to telecoms firm Bezeq and a MATAM  electrical power meter. 

OTORIO:    GhostSec:     HackerNews:     Cyebresecuiity-Help:    Industrial Cyber

You Might Also Read: 

Hackers Fail To Contaminate Florida Water:

 

« US Defence Needs New Software at the Centre of its Operations
Check Point Launches Horizon Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Apcon

Apcon

Apcon's mission is to provide valuable network insights that enable security and network professionals to monitor, secure and protect their data in both physical and virtual environments.

CERT-PY

CERT-PY

CERT-PY is the national Computer Emergency Response Team for Paraguay.

Sentia

Sentia

Sentia is an IT and infrastructure firm, with focus on Outsourcing, IT operation and management, Hosting, Co-location, Network, and IT security.

Cradlepoint

Cradlepoint

With Cradlepoint customers leverage the speed and economics of wired and wireless Internet broadband for branch, mobile, and IoT networks while maintaining end-to-end visibility, security and control.

Inky Technology Corp

Inky Technology Corp

Inky® Phish Fence is an email protection gateway that uses sophisticated AI, machine learning and computer vision algorithms to block deep sea phishing attacks that get through every other system.

Coursera

Coursera

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online. Subject areas include Computer Security & Networks.

Samoby

Samoby

Samoby provide a subscription solution for Mobile Threat Protection and usage control on Android and iOS devices.

National Cybersecurity Student Association (NCSA) - USA

National Cybersecurity Student Association (NCSA) - USA

The National Cybersecurity Student Association is a one-stop-shop to enhance the educational and professional development of cybersecurity students through activities, networking and collaboration.

Mosaic 451

Mosaic 451

Mosaic451 is a bespoke IT managed services provider and consultancy specializing in information security, operations and design.

PAX Momentum

PAX Momentum

PAX Momentum is the Mid-Atlantic’s premier startup accelerator, specializing in cyber, enterprise software, telecom, CleanTech, FinTech, InsureTech, and AI.

CertiPath

CertiPath

CertiPath create products and services that ensure the highest levels of validation for digital identities that attempt to access customers’ networks.

HolistiCyber

HolistiCyber

HolistiCyber provide state-of-the art consulting, services, and solutions to help proactively and holistically defend against a new era of constantly evolving cyber threats.

Open Source Security Foundation (OpenSSF)

Open Source Security Foundation (OpenSSF)

OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all.

Crayon

Crayon

Crayon is a customer-centric innovation and IT services company. We provide guidance on the best solutions for our clients’ business needs and budget with software, cloud, AI and big data.

Kivera

Kivera

Kivera enforces your organisation governance and security policies across cloud deployments preventing misconfigurations turning into attack vectors.

International Maritime Cyber Security Organisation (IMCSO)

International Maritime Cyber Security Organisation (IMCSO)

The IMCSO mission is to be the standard in the maritime cyber security industry, a collective voice, working towards alignment and standardisation.