Virtual Event Today: Supply Chain Security Summit - Join Event In-Progress

Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Israel Says Foiled Cyber Attack on Its Defence Firms

The Israeli defence ministry said on Wednesday that it had foiled an attempted cyber attack by a foreign group targeting the country’s defence manufacturers.

The Israeli defence ministry said on Wednesday that it had foiled an attempted cyber attack by a foreign group targeting the country’s defence manufacturers.

It said the attempt was made by “an international cyber group called ‘Lazarus,’ an organisation that is backed by a foreign country.”

The United States has linked Lazarus to North Korea’s regime, but the Israeli statement did not identify the foreign country concerned, nor did it say when the attempted attack took place or which firms it targeted.

Contacted by AFP, the defence ministry declined to provide further details.

“The cyber-attacks were identified in real time, and thwarted,” it said in an English language statement, adding that “no harm or disruption” was caused.

In March the US Treasury sanctioned two Chinese citizens and accused them of working with Lazarus Group, sponsored by North Korea and blamed for the April 2018 hack of an unnamed crypto-currency exchange in which about $250 million was stolen.

Last September, Washington issued sanctions against three North Korean entities accused in cyber attacks, including the Lazarus Group, which was involved in the theft of around $80 million from the central bank of Bangladesh.

It was also accused of being behind the WannaCry attack in 2017 that affected approximately 300,000 computers worldwide including in the US, Canada and New Zealand.

The heaviest hit was Britain’s public health system, with hospitals virtually shut down and thousands of patients turned away, costing the government ultimately more than $112 million.

Created in 2007, Lazarus Group has been known to authorities for years and was sanctioned by the United Nations in 2016.

The US Treasury said it was tied to the Reconnaissance General Bureau, Pyongyang’s main intelligence agency.

In the Israeli incident, the defence ministry statement said, “the attackers impersonated managers, CEOs and leading officials in HR departments… and contacted employees of leading defence industries in Israel.”

It said they posed as personnel recruiters and sought to tempt the employees with lucrative employment opportunities.

In the process, it said, they attempted to hack employees’ computers “and gather sensitive security information”.

Israel is a constant target of hacking attacks and has an extensive network of agencies tasked with countering the threats.

Israeli defence exports totalled $7.2 billion in 2019, with the bulk going to Asia and the Pacific region.

Related: Vulnerable Cellular Routers Targeted in Latest Attacks on Israel Water Facilities

Related: Hackers Knew How to Target PLCs in Israel Water Facility Attacks

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Malware & Threats

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.

Cyberwarfare

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.