Hackers broke into an Israeli defense ministry computer via an email attachment tainted with malicious software that looked like it had been sent by the country’s Shin Bet secret security service, an Israeli cyber security firm said on Sunday.
Aviv Raff, chief technology officer at Seculert, said the hackers earlier this month temporarily took over 15 computers, one of them belonging to Israel’s Civil Administration that monitors the Palestinian Authority.
Raff told Reuters that Palestinians were suspected to be behind the cyber attack, citing similarities to a cyber assault on Israeli computers waged more than a year ago from a server in the Hamas-ruled Gaza Strip.
While the latest attack was conducted from a server in the U.S., experts noticed writing and composition similarities with the earlier attack, he said.
Israeli officials declined to comment on Raff’s findings. “We are not commenting on it, we don’t respond to such reports,” said Guy Inbar, a spokesman for the Civil Administration.
There was no immediate Palestinian comment on the report.
Securlet had not determined what the hackers did after the initial infection with “Xtreme RAT” software, Raff said. “All we know is at least one computer at the Civil Administration was in control of the attackers; what they did we don’t know.”
Raff declined to identify the other 14 computers targeted by the hackers. An Israeli source who spoke on condition of anonymity said these included companies involved in supplying Israeli defense infrastructure.
Based on Raff’s analysis, the 15 computers were in the hackers’ grip for at least several days after the Jan. 15 dispatch of the email, which included an attachment about former Israeli prime minister Ariel Sharon, who had just died.
Raff’s firm was able to “sinkhole” the operation, tricking the Xtreme RAT software into communicating with servers that Seculert controlled in order to figure out which computers were infected and to deactivate the attack.
Word of the cyber attack came a day before a three-day Israeli cybertech conference being held in Yerushalayim, and just after Prime Minister Binyamin Netanyahu plugged Israeli technological advances at the World Economic Forum in Davos.
Raff denied there was any irony in the timing of his warning so soon after Netanyahu’s remarks. “Unfortunately there is no such thing as 100 percent safety either when it comes to physical risks or information security,” he said.
At the CyberTech 2014 conference, some 1,500 participants heard Netanyahu speak about the challenges and risks that the cyber world brings with it.
“Decision-makers should meet and set up a kind of U.N. of the internet,” suggested Netanyahu. “We need a coalition of leading companies with capabilities in this world. This is the best thing that we can do to deal with the challenges. In my opinion, Israel is a leader in this field. We decided to concentrate these skills and establish a consortium of our security agencies, research institutes, and businesses.”