Iran’s Nuclear Site Attacked Following Attempts To Hack Israel's Water System

There have been cyber attacks on Israel’s water treatment plant from Iran, and an attack response from Israel on an Iranian Nuclear plantWhen Iran cyber attacked Israel’s water supply system on April 24 and 25, it did more than just shut down computers and disrupt water system operations.  

The water facility attack was intended to release large amounts of poisonous chlorine into Israel’s water delivery infrastructure, potentially poisoning tens of thousands of Israelis. Now, Israel is thought to be responsible for two major explosions at Iranian facilities, one related to uranium enrichment, the other for missile production.

Some Iranian officials have blamed possible cyber attack similar to the previous Stuxnet sabotage of their nuclear facilities.  Newly released satellite imagery showed the damage from what Iranian authorities attributed to a fire at the Natanz nuclear facility was far more extensive that previously disclosed.

It is thought n Israeli cyber attack caused a fire and explosion at the largely underground Natanz nuclear enrichment facility and in a separate attack Israeli F-35 stealth jets bombed a site located in the area of Parchin, which is believed to house a missile production complex, an area of particular concern for Israel, due to increasing sophistication of missiles and rockets in the arsenals of Iranian allies in Lebanon and Gaza. Neither of these claims were confirmed by Israeli officials.

The alleged Israeli attacks also came amid an ongoing campaign of so-called maximum pressure by the United States in the form of heavy sanctions on Iran and Iranian officials.

Iranian Cyber Attack On Israel’s Water Supply 

Israel successfully thwarted a major cyber attack against its water systems last month, widely thought to have been the work of  Iran. The assault was a "synchronised and organised" attempt at disrupting key national infrastructure, cyber chief Yigal Unna said in a video address to CyberechLive Asia, a digital international cyber conference.

The water facility attack was to release large amounts of poisonous chlorine into Israel’s water delivery infrastructure, potentially poisoning tens of thousands of Israelis. It may indicate a growing threat of cyber-attacks throughout the world.

Researchers at FireEye concluded that the malware developed for this kind of attack came out of Russia and specifically from the Central Scientific Research Institute of Chemistry and Mechanics, a Russian government-owned technical research institution in Moscow.

The first known use of the malware was against a petrochemical facility in Saudi Arabia in 2017. It would appear the Russia-developed cyber-weapon was shared with Iranian government hackers. The attack was routed through servers in Europe and the United States to try to hide its origin. 

These rising attacks are attributed by US officials to international actors like China, Russia, and Iran. Covid-19-linked cyber-attacks reflect the huge competition among global pharmaceutical companies for windfalls and market share if a successful vaccine is developed. 

A growing concern in the US is that foreign equipment, mainly coming from China, can have built-in back doors or include malware buried in the code of the firmware or software that comes with the hardware. 

The Israeli security cabinet decided on the subsequent port attack instead of stronger military action. Israel’s response would likely have been far harsher had the Iranian attack accomplished its poisonous objective. 

The US probably would likewise react harshly if a critical infrastructure attack did any real and lasting damage and resulted in civilian casualties. No one can say for sure when, or if, that will happen but the potential for a cyber-driven military confrontation is rising.

Military Aerospace:       Asia Times:         Deutsche Welle:     Times of Israel:

You Might Also Read: 

Do Not Underestimate Iran’s Cyber Threat:

 

« Hackers Extort $1.14m From University of California
Journalist’s Phone Hacked Using An ‘Invisible’ Technique »

Directory of Suppliers

Cyber Security Service Supplier Directory

Cyber Security Service Supplier Directory

Free Access: Cyber Security Service Supplier Directory listing 4,000+ specialist service providers.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

Tenable Network Security

Tenable Network Security

Tenable Network Security - Don't rely only on CVSS to prioritize. Use machine learning to predict what is most likely to be exploited.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

WEBINAR: How to improve threat detection and hunting in the AWS Cloud

WEBINAR: How to improve threat detection and hunting in the AWS Cloud

Thursday, August 20, 2020 - Join SANS and AWS Marketplace to learn the exercise of applying MITRE’s ATT&CK Matrix to the AWS Cloud and how to enhance threat detection and hunting in an AWS environment

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Irish Reporting & Information Security Service (IRISS)

Irish Reporting & Information Security Service (IRISS)

IRISS-CERT is Ireland's first CSIRT (Computer Security Incident Response Team) to provide services to all users within Ireland.

CERT.GOV.AZ

CERT.GOV.AZ

Azerbaijan Government Computer Incident Response Team

Known Four

Known Four

Known Four Information Security division specialises in recruiting InfoSec professionals.

Signifyd

Signifyd

Signifyd is the world's largest provider of Guaranteed e-Commerce Fraud Protection.

Viscount Systems

Viscount Systems

Viscount Systems is a global security software solutions company that is changing the way access control is deployed and managed in the enterprise.

Cytomic

Cytomic

Cytomic is the business unit of Panda Security specialized in providing advanced cybersecurity solutions and services to large enterprises.

BlueRiSC

BlueRiSC

BlueRiSC invent cutting-edge system assurance solutions for the 21st century with novel software and hardware designs focusing on security technologies that can be game changing.

Leidos

Leidos

Leidos is a recognized leader in cybersecurity across the federal government, bringing more than a decade of experience defending cyber interests globally.