Hackers Attack Israel’s Defence Sector

Uploaded on 2020-08-24 in TECHNOLOGY-Key Areas-Social Media, TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

North Korea is hacking Israeli defence businesses with fake job offers with the intention to steal sensitive data. 

Israel’s Ministry of Defence say the hackers are part of the Lazarus Group which has been linked to N. Korea by the US Intelligence. Using a method seen previously in 2019, the hackers created false LinkedIn accounts impersonating CEOs and top officials at multinational companies to place the fake jobs on the market.

The attackers are interested in compromising the employees’ computers, infiltrating their networks, and stealing sensitive security information, the Ministry of Defense said.

The leading Israeli cyber security firm, Clears has been tracking the campaign and report that the hackers impersonate major defense companies  the likes of Boeing, McDonnell Douglas, and BAE. After making contact with targets, the hackers continued conversations with victims over WhatsApp and ClearSky. Israel’s Ministry of Defense said it had blocked the attempts in “real time,” adding that “no harm or disruption was made to their networks.” 

The attack was deflected “in real time” and that there was no “harm or disruption” to its computer systems, according to Israeli Defense sources.

However, security researchers at ClearSky, say the North Korean hackers penetrated the computer systems and were likely to have stolen a large amount of classified data.

Israeli officials fear the data could be shared with North Korea’s ally, Iran. Also according to ClearSky, the North Korean hackers’ campaign has succeeded on a number of occasions, infecting “several dozens” of companies and organisations both in Israel and around the world.

North Korean government-linked hackers have continued to pose as job recruiters or send fake job offers even though it is not apparent if any of their previous efforts have been successful.

The North Korean attack on Israeli’s defense industry began with a LinkedIn message in June, ClearSky researchers said. North Korean hackers posing as a Boeing headhunter sent a message to a senior engineer at an Israeli government-owned company that manufactures weapons for the Israeli military and intelligence.

Some officials fear that classified data stolen by North Korea could be shared with Iran, who are the main suspects in a sophisticated attempt to poison Israels's water sytem earlier this year.

Now this attack adds Israel to the list of countries and companies that have been targeted by North Korea’s hacking unit, known to private security analysts as the Lazarus Group. American and Israeli officials have said the Lazarus Group, also known as Hidden Cobra, is backed by Pyongyang.

Since the start of the year, Israel has reported attempted cyber-attacks on power stations and water utilities, with officials pointing the finger at Iran or Iranian-backed groups.

Reuters:           New York Times:         Deccan Herald:         CyberScoop

You Might Also Read:

Hackers Attack Israel’s Water Infrastructure:

 

« Creating Post-Modern Intelligence
Industrial Robots Are Not Safe From Cyber Attack »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Netsparker

Netsparker

Netsparker provide a web application security scanner to automatically find security flaws in your websites, web applications and web services.

France Cybersecurity

France Cybersecurity

France Cybersecurity represents the French cybersecurity industry to raise international awareness of French cybersecurity capabilities and solutions.

Convercent

Convercent

We offer comprehensive and integrated compliance management, reporting, and analytics. A 360-degree view of compliance drives efficiency by aligning initiatives and data into a single dashboard.

Protectimus

Protectimus

Affordable two factor authentication (2FA) provider. Protect your data from theft with multi factor authentication service from Protectimus.

FTAPI Software

FTAPI Software

FTAPI SecuTransfer is a software solution for end-to-end encrypted data exchange of large and sensitive data with customers and partners.

PSW Group

PSW Group

PSW Group is a full-service Internet solutions provider with a special focus on Internet security.

Secure IT Disposals

Secure IT Disposals

Secure IT Disposals specialise in professional Computer Recycling, Computer Disposals, Computer Destruction, Data Erasure and end-of-lifecycle solutions.

ConvergeOne

ConvergeOne

ConvergeOne is a leading global IT services provider of collaboration and technology solutions including cybersecurity.

CHEQ

CHEQ

CHEQ provides fully autonomous, preemptive technology for brand safety and ad-fraud prevention.

Truesec

Truesec

TRUESEC has an exceptional mix of IT specialists. We are true experts in cyber security, advanced IT infrastructure and secure development.

ACSG Corp

ACSG Corp

ACSG Corp is a Critical Infrastructure Protection Company with a multi-disciplinary focus on building analytics software for various industry sectors.

Aegis Security

Aegis Security

Aegis Security helps clients to secure their systems against potential threats through pre-emptive measures, such as security assessments, and cutting-edge solutions to security challenges.

SHI International

SHI International

SHI International deliver against your IT and business needs, helping you build strategies and solutions that will drive innovation, collaboration and security.

NetScout Systems

NetScout Systems

NetScout assures digital business services against disruptions in availability, performance, and security.

Guardsman Cyber Intelligence (GCI)

Guardsman Cyber Intelligence (GCI)

GCI provides proven cyber intelligence solutions to protect your business against ever present physical and digital threats shadowing your online business.

ConvergePoint

ConvergePoint

ConvergePoint is the leading compliance software provider on the Microsoft Office 365 SharePoint platform.