Governance & Risk Management , Next-Generation Technologies & Secure Development
Malware Attack Slams Israeli Electricity AuthoritySome Government Systems Offline After 'Severe Cyberattack'
Israel has reportedly foiled a "severe cyberattack" launched against the Israeli Electricity Authority, which was discovered on Jan. 25. The malware attack doesn't appear to have resulted in any disruption to the country's power grid.
Yuval Steinitz, Israel's Minister of National Infrastructure, Energy and Water, told attendees at the two-day CyberTech Conference in Tel Aviv that the attack was being "handled" by his agency, as well as Israel's National Cyber Bureau, Israeli daily Harretz reports.
"The virus was already identified and the right software was already prepared to neutralize it," Steinitz told the conference on Jan. 26, The Times of Israel reports. "We had to paralyze many of the computers of the Israeli Electricity Authority. We are handling the situation and I hope that soon, this very serious event will be over ... but as of now, computer systems are still not working as they should."
The country's Electricity Authority has confirmed in a statement that as a result of the malware attack, it shut down many of its computer systems on Jan. 25, although it has been working hard to clean and bring all systems back online. But the agency has yet to detail what type of malware was involved, although Israeli news portal Ynet reports that it was a ransomware outbreak delivered via a phishing attack.
Contrary to some press reports that Israel's power grid was under attack, Robert M. Lee, CEO of critical infrastructure cybersecurity firm Dragos Security, says in a blog post that the targeted regulatory agency is only about 30 people strong, and that it does not run "the networks of the Israeli electric companies, transmission, or distribution sites."
The malware attack comes just one month after Ukraine's computer emergency response team reported that attackers had managed to disrupt the power grid in the western part of that country after gaining remote access to systems. While full details have yet to come to light, security experts say that attackers apparently deployed BlackEnergy Trojan as well as wiper malware in an attempt to delay the utilities' ability to restore power, which they had to do manually (see More Phishing Attacks Target Ukraine Energy Sector).
Critical Infrastructure Concerns
Steinitz, meanwhile, told information security conference attendees that the attack against the Electricity Authority is a reminder of "the sensitivity of infrastructure to cyberattacks, and the importance of preparing ourselves in order to defend ourselves against such attacks."
The Israeli government hasn't named any suspects who might have been behind the attack. In the past, however, Israeli officials say that government systems are frequently targeted by attackers, and they ascribe many of these attacks and infiltration attempts as being the work of the Shiite militia Hezbollah or the Iranian government.
Netanyahu Heralds National Cyber-Force
Also speaking at the CyberTech Conference, Israeli Prime Minister Benjamin Netanyahu on Jan. 26 discussed his government's efforts to prepare the country to better defend itself against cyberattacks, detailing related efforts in "the realm of national security and the realm of industry." He also restated his intention for Israel "to be one of the five leading cyber powers in the world."
On the national security front, he said that the government has launched a national cyber-force. "This is like the Air Force or like the Navy or like the ground forces. This is an arm of the military," he said. "I won't enlarge on that."
On the industry front, meanwhile, he noted that the cabinet last year created a national cybersecurity authority, which is designed to work with the country's National Cyber Bureau, which sets national policies and was launched in 2012. With the new cybersecurity authority, "we are coordinating all our civilian cybersecurity efforts in one [place]," he said. "This is something that we do because if we don't, we're just not going to move in the direction that we need to try to give greater cybersecurity to our companies, to our vital infrastructure, to our civilians, our citizens."