Iran’s Nuclear Site Attacked Following Attempts To Hack Israel's Water System

There have been cyber attacks on Israel’s water treatment plant from Iran, and an attack response from Israel on an Iranian Nuclear plantWhen Iran cyber attacked Israel’s water supply system on April 24 and 25, it did more than just shut down computers and disrupt water system operations.  

The water facility attack was intended to release large amounts of poisonous chlorine into Israel’s water delivery infrastructure, potentially poisoning tens of thousands of Israelis. Now, Israel is thought to be responsible for two major explosions at Iranian facilities, one related to uranium enrichment, the other for missile production.

Some Iranian officials have blamed possible cyber attack similar to the previous Stuxnet sabotage of their nuclear facilities.  Newly released satellite imagery showed the damage from what Iranian authorities attributed to a fire at the Natanz nuclear facility was far more extensive that previously disclosed.

It is thought n Israeli cyber attack caused a fire and explosion at the largely underground Natanz nuclear enrichment facility and in a separate attack Israeli F-35 stealth jets bombed a site located in the area of Parchin, which is believed to house a missile production complex, an area of particular concern for Israel, due to increasing sophistication of missiles and rockets in the arsenals of Iranian allies in Lebanon and Gaza. Neither of these claims were confirmed by Israeli officials.

The alleged Israeli attacks also came amid an ongoing campaign of so-called maximum pressure by the United States in the form of heavy sanctions on Iran and Iranian officials.

Iranian Cyber Attack On Israel’s Water Supply 

Israel successfully thwarted a major cyber attack against its water systems last month, widely thought to have been the work of  Iran. The assault was a "synchronised and organised" attempt at disrupting key national infrastructure, cyber chief Yigal Unna said in a video address to CyberechLive Asia, a digital international cyber conference.

The water facility attack was to release large amounts of poisonous chlorine into Israel’s water delivery infrastructure, potentially poisoning tens of thousands of Israelis. It may indicate a growing threat of cyber-attacks throughout the world.

Researchers at FireEye concluded that the malware developed for this kind of attack came out of Russia and specifically from the Central Scientific Research Institute of Chemistry and Mechanics, a Russian government-owned technical research institution in Moscow.

The first known use of the malware was against a petrochemical facility in Saudi Arabia in 2017. It would appear the Russia-developed cyber-weapon was shared with Iranian government hackers. The attack was routed through servers in Europe and the United States to try to hide its origin. 

These rising attacks are attributed by US officials to international actors like China, Russia, and Iran. Covid-19-linked cyber-attacks reflect the huge competition among global pharmaceutical companies for windfalls and market share if a successful vaccine is developed. 

A growing concern in the US is that foreign equipment, mainly coming from China, can have built-in back doors or include malware buried in the code of the firmware or software that comes with the hardware. 

The Israeli security cabinet decided on the subsequent port attack instead of stronger military action. Israel’s response would likely have been far harsher had the Iranian attack accomplished its poisonous objective. 

The US probably would likewise react harshly if a critical infrastructure attack did any real and lasting damage and resulted in civilian casualties. No one can say for sure when, or if, that will happen but the potential for a cyber-driven military confrontation is rising.

Military Aerospace:       Asia Times:         Deutsche Welle:     Times of Israel:

You Might Also Read: 

Do Not Underestimate Iran’s Cyber Threat:

 

« Hackers Extort $1.14m From University of California
Journalist’s Phone Hacked Using An ‘Invisible’ Technique »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cavirin

Cavirin

Cavirin’s Automated Risk Analysis Platform reduces risk and automates security and compliance.

Ionic Security

Ionic Security

Ionic provide a high-assurance data protection and control platform built on strong encryption, fine-grain control and contextual analytics.

Matta

Matta

Matta is a cyber security consulting company providing information security services and solutions including vulnerability assessments, penetration testing and emergency response.

DOS

DOS

DOS is an Ecuadorian company with 3 decades of presence in the market and extensive experience in the planning, management and execution of IT Service Integration Projects.

National Health Care Anti-Fraud Association (NHCAA)

National Health Care Anti-Fraud Association (NHCAA)

National Health Care Anti-Fraud Association is the leading national organization focused exclusively on the fight against health care fraud.

Japan Cybersecurity Innovation Committee (JCIC)

Japan Cybersecurity Innovation Committee (JCIC)

JCIC is an independent and not-for-profit thinktank to establish a secure and safe digital society.

CUJO AI

CUJO AI

CUJO AI is the global leader in the development and application of artificial intelligence to improve the security, control and privacy of connected devices in homes and businesses.

Enterprise Incubator Foundation (EIF)

Enterprise Incubator Foundation (EIF)

Enterprise Incubator Foundation (EIF) of Armenia is one of the largest technology business incubators and IT development agencies in the region.

ISARR

ISARR

The ISARR software platform - your bespoke Risk, Resilience & Security Management solution. Simple, cost effective and adaptable, now and into the future.

NodeSource

NodeSource

NodeSource helps organizations run production-ready Node.js applications with greater visibility into resource usage and enhanced awareness around application performance and security.

Internet Security Research Group (ISRG)

Internet Security Research Group (ISRG)

ISRG's mission is to reduce financial, technological, and educational barriers to secure communication over the Internet.

NSR

NSR

NSR provide trusted solutions that deliver positive business outcomes for our clients in cybersecurity and data protection challenges.

Oman Data Park

Oman Data Park

The Data Park is Oman’s premier IT Managed Services provider. We offer a superior Tier 3 Data Center network providing cyber security and cloud services.

GM Sectec

GM Sectec

GM Sectec is the world's largest independent Cyber Defense and Fraud Prevention firm laser focused on payment security.

QEDIT

QEDIT

QEDIT is leading the standardization of Zero-Knowledge Proofs through the ZKProof.org Workshops, and builds production-grade ZKP systems for blockchain.

Bleach Cyber

Bleach Cyber

Bleach Cyber helps small businesses with an affordable and user-friendly solution for managing cloud security.