The National Cybersecurity Bureau has opened an investigation into what appears to be a “social engineering” attempt – where hackers try to manipulate targets – on the IDF computer system. A report on Army Radio said that “international support personnel” recently have been calling IDF bases, and have sought to gain authentication and login information, or to convince information technology personnel to allow them to connect to an army computer. The presumed purpose was that the hackers would try to install malware, perhaps even ransomware – which locks up files and requires the victim to pay a ransom in order to get their files – in IDF computers.
Among the callers were “support personnel” who claimed to be from Microsoft. The callers would claim that there was a security issue with Microsoft software in use on the computer, and that a patch needed to be applied – by the caller. The soldier would be asked to turn on features like screen sharing, to allow the “support” person to connect directly to the computer. The requests were made for both IDF and personal computers and devices, with the hackers apparently believing that the personal devices were connected to the IDF network. The hackers told targets that without installing the update, security in the system would be breached – and that they would be responsible for whatever problems ensued.
In a statement, the IDF said that “this is the kind of incident that many Israelis experience, including IDF soldiers. It is being dealt with by the appropriate authorities, both in the National Cybersecurity Bureau and the IDF. None of the efforts succeeded, and there have been no breaches or damage to IDF computers as a result of this. We have reviewed and reiterated cybersecurity regulations for personnel.”