Cyber Attack Shuts Down Carmel Tunnels Toll Road

When Israel’s military chief delivered a high-profile speech this month outlining the greatest threats his country might face in the future, he listed computer sabotage as a top concern, warning a sophisticated cyberattack could one day bring the nation to a standstill.

Lt. Gen. Benny Gantz was not delivering empty words. Exactly one month before his address, a major artery in Israel’s national road network in Haifa suffered a cyberattack, cybersecurity experts tell The Associated Press, knocking key operations out of commission two days in a row and causing hundreds of thousands of dollars in damage.

One expert, speaking on condition of anonymity because the breach of security was a classified matter, said a Trojan horse attack targeted the security camera apparatus in the Carmel Tunnels toll road on Sept. 8. A Trojan horse is a malicious computer program that users unknowingly install and that can give hackers complete control over their systems.

The attack caused an immediate 20-minute lockdown of the roadway. The next day, the expert said, it shut down the roadway again during the morning rush hour. It remained shut for eight hours, causing massive congestion.

The expert said investigators believe the attack was the work of unknown, sophisticated hackers, similar to the anonymous hacking group that led attacks on Israeli websites in April. He said investigators determined it was not sophisticated enough to be the work of an enemy government like Iran.

The expert said Israel’s National Cyber Bureau, a two-year-old classified body that reports to the prime minister, was aware of the incident. The bureau declined comment, while Carmelton, the company that oversees the toll road, blamed a “communication glitch” for the mishap.

While Israel is a frequent target of hackers, the tunnel is the most high-profile landmark known to have been attacked. It is a major thoroughfare for Israel’s third-largest city, which is looking to turn the tunnel into a public shelter in case of emergency, highlighting its importance.

The incident is exactly the type of scenario that Gantz described in his recent address. He said Israel’s future battles might begin with “a cyberattack on websites that provide daily services to the citizens of Israel. Traffic lights could stop working, the banks could be shut down,” he said.

Oren David, a manager at international security firm RSA’s anti-fraud unit, said that although he didn’t have information about the tunnel incident, this kind of attack “is the hallmark of a new era.”

“Most of these systems are automated, especially as far as security is concerned. They’re automated and they’re remotely controlled, either over the internet or otherwise, so they’re vulnerable to cyberattack,” he said. Israel, he added, is “among the top targeted countries.”

Bracing for serious attacks on Israeli civilian infrastructure, Israel’s national electric company launched a training program this month at its CyberGym to teach engineers and power plant supervisors how to detect system infiltrations.

The Israel Electric Corp. says its servers register about 6,000 unique computer attacks every second.

“Big organizations and even countries are preparing for D-Day,” said Yasha Hain, a senior executive vice president at the company. “We decided to prepare ourselves to be first in line.”

This article appeared in print on page 6 of the October 28th, 2013 edition of Hamodia.