Hackers Attack Israel’s Water Infrastructure

The Israeli government says that hackers have targeted its water supply and treatment facilities and has issued an alert to all organisations in the water sector following a series of cyber-attacks aimed at water facilities. 

According to news published by Israel’s National Cyber Directorate, the attacks targeted supervisory control and data acquisition (SCADA) systems at wastewater treatment plants, pumping stations and sewage facilities.

In a security alert sent by the Israeli National Cyber-Directorate (INCD), the agency is urging personnel at companies active in the energy and water sectors to change passwords for all internet-connected systems. If passwords can't be changed, the agency recommended taking systems offline until proper security systems can be put in place.

The Israeli government has issued these alerts in an attempt to improve the cyber-security posture of its industrial infrastructure, but also after it received a report from cyber-security firm ClearSky. The company is said to have identified an Islamic hacktivist group active on social media. Named the Jerusalem Electronic Army, the group has a presence on all major social networks, such as Facebook, Instagram, WhatsApp, Twitter, and Telegram, where it often posts screenshots from targets they claim to have hacked.

On some of these sites, the group has claimed to have gained access to various Israeli universities and government systems.

Organisations in the water and energy sectors have been advised to immediately change the passwords of internet-accessible control systems, reduce internet exposure, and ensure that all control system software is up to date.
There are a number of potential options for this initial access breach. 

Most local water supply and waste-water facilities are small sites and most of them are connected via cellular-based communication to the Internet for maintenance and other purposes. These cellular routers are rarely hardened in terms of password control, disabling unsecure management interfaces and facing public IP address. So, it is believed that that cyber-criminal activity had been conducted remotely by scanning for known vulnerabilities, open ports, and exploiting weak or default passwords.

According to local media reports, the attacks targeted facilities across the country and Israel’s Water Authority claimed the attacks did not cause any operational damage. Organisations have been advised to immediately report incidents that result in disruption. 

Hackers targeting water and other vital utilities is a rel threat and experts have issued warnings that internet-exposed industrial control systems (ICS) often leave such facilities at risk.

Times of Israel:      radiflow:       ZDNet:      Security Week:        

You Might Also Read: 

Selecting The Right SCADA Technology:

 

 



 

 

« British Government Advice Threatens Your Cyber Security
Effective Cyber Security Training Using The GoCyber App »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

SureCloud

SureCloud

SureCloud is a Governance, Risk and Compliance (GRC) and Cybersecurity Solutions provider.

Teradata

Teradata

Teradata is a leading provider of enterprise big data analytics and services. Applications include Cyber Security Analytics.

HPE Aruba Networking

HPE Aruba Networking

HPE Aruba Networking, a Hewlett Packard Enterprise company, is a leading provider of next-generation network access solutions for the mobile enterprise.

Trustelem

Trustelem

Trustelem offers European and global companies a ready-to-use access management service that respects the principles of sovereignty, territoriality and privacy.

Belle de Mai Incubator

Belle de Mai Incubator

Belle de Mai Incubator supports and funds innovative startup ideas in digital industries.

ProWriters

ProWriters

As a leading cyber insurance company, ProWriters offers flexible Cyber Liability Insurance coverage designed to cover privacy, data, and network exposures.

3wSecurity

3wSecurity

3wSecurity provides visibility to your company’s internet facing systems throughout the security life cycle, allowing for a more thorough approach to vulnerability management.

Dr Web

Dr Web

Since 1992 the Russian anti-virus Dr.Web has been helping companies to keep their digital assets protected and operate in a secure digital environment.

Gotham Digital Science (GDS)

Gotham Digital Science (GDS)

Gotham Digital Science is an international security services company specializing in Application and Network Infrastructure security, and Information Security Risk Management.

GTT Communications

GTT Communications

GTT are a global network provider that serves thousands of multinational and national enterprise, government and carrier customers with a portfolio of advanced connectivity and security services.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

6WIND

6WIND

6WIND deliver virtualized, cloud-native, distributed high performance & secure networking software solutions to support new applications such as 5G, IoT, SD-WAN.

Nuance Communications

Nuance Communications

From revolutionizing the doctor-patient relationship to reinventing the way brands connect with their customers, Nuance technology helps organizations push the boundaries of what’s possible.

Cybastion

Cybastion

Cybastion develops robust world-class cybersecurity solutions tailored to suit the needs of different businesses, governments and public sector entities.

Communications Fraud Control Association (CFCA)

Communications Fraud Control Association (CFCA)

CFCA is the premier International Association for fraud risk management, fraud prevention and profitability control.

Certera

Certera

Certera is a modern and affordable SSL Certificate, Code Signing Certificate, and Cyber Security Services provider.