Israel Says Foiled Cyber Attack on Its Defence Firms

The Israeli defence ministry said on Wednesday that it had foiled an attempted cyber attack by a foreign group targeting the country’s defence manufacturers.

It said the attempt was made by “an international cyber group called ‘Lazarus,’ an organisation that is backed by a foreign country.”

The United States has linked Lazarus to North Korea’s regime, but the Israeli statement did not identify the foreign country concerned, nor did it say when the attempted attack took place or which firms it targeted.

Contacted by AFP, the defence ministry declined to provide further details.

“The cyber-attacks were identified in real time, and thwarted,” it said in an English language statement, adding that “no harm or disruption” was caused.

In March the US Treasury sanctioned two Chinese citizens and accused them of working with Lazarus Group, sponsored by North Korea and blamed for the April 2018 hack of an unnamed crypto-currency exchange in which about $250 million was stolen.

Last September, Washington issued sanctions against three North Korean entities accused in cyber attacks, including the Lazarus Group, which was involved in the theft of around $80 million from the central bank of Bangladesh.

It was also accused of being behind the WannaCry attack in 2017 that affected approximately 300,000 computers worldwide including in the US, Canada and New Zealand.

The heaviest hit was Britain’s public health system, with hospitals virtually shut down and thousands of patients turned away, costing the government ultimately more than $112 million.

Created in 2007, Lazarus Group has been known to authorities for years and was sanctioned by the United Nations in 2016.

The US Treasury said it was tied to the Reconnaissance General Bureau, Pyongyang’s main intelligence agency.

In the Israeli incident, the defence ministry statement said, “the attackers impersonated managers, CEOs and leading officials in HR departments… and contacted employees of leading defence industries in Israel.”

It said they posed as personnel recruiters and sought to tempt the employees with lucrative employment opportunities.

In the process, it said, they attempted to hack employees’ computers “and gather sensitive security information”.

Israel is a constant target of hacking attacks and has an extensive network of agencies tasked with countering the threats.

Israeli defence exports totalled $7.2 billion in 2019, with the bulk going to Asia and the Pacific region.

Related: Vulnerable Cellular Routers Targeted in Latest Attacks on Israel Water Facilities

Related: Hackers Knew How to Target PLCs in Israel Water Facility Attacks