Amateur hackers are poking holes in Israel’s image as a cyber superpower
Personal details of one of the country’s leading cyber professionals were exposed in the latest Iranian-linked breach of IAI’s Elta Systems
Raphael Kahan | 16:23 21.12.2020
The personal details of one of Israel’s leading cybersecurity figures, Esti Peshin, the General Manager of Israel Aerospace Industries’ Cyber Division, have been exposed in files uploaded to the web by Iranian-linked hackers who managed to breach the servers of defense company Elta Systems. Peshin is considered a leader in the Israeli cyber sector who has overseen the export of IAI’s cybersecurity products all over the world, led the company’s collaboration project with the Singaporean national cyber agency, and assisted in the establishment of cybersecurity divisions in many Israeli companies.

Pay2key hacker group to another Iranian group called Fox Kitten.” According to ClearSky analysis, Fox Kitten is a criminal group, but that doesn’t mean they won’t take advantage of the situation to embarrass Israel as a type of political hacktivism. There have been many responses on Twitter to the group’s boasts of successfully hacking into the sensitive Israeli company, among them from Iranians, Syrians, and Palestinians, all congratulating the group on its success.

Lior Frenkel, the CEO and co-founder of Waterfall Security Solutions, agrees with the evaluation that it was a case of cybercriminals who simply took advantage of Israel’s cyber weaknesses.

Meanwhile, on Twitter, an account going under the name of 0x972DC has been boasting that it had managed to counter-hack the Iranians’ systems and expose their personal details. The user uploaded several photos of people he or she claimed belonged to the Pay2Key group. According to what is written there, it is indeed a relatively amateur hacking group that was able to utilize a known security vulnerability in Windows. Apparently, IAI’s systems were not updated to patch the breach point and the hackers simply took advantage of it.
A number of computer experts Calcalist spoke to raised concerns about the management of IAI’s internal network. Among other things, they pointed out that the company’s various divisions and daughter companies were all linked on the same network, putting the entire company at risk in the case of a breach. That said, it is not clear whether the hackers were sophisticated enough to take such widespread action and access places with classified or sensitive information. If not, it is only due to dumb luck.
The breach is not yet over and it is still difficult to assess how much data the hackers were able to steal. What is certain is that it is a move that can be utilized by the Iranian authorities too. The fact that IT teams often aren’t skilled or well trained enough in data protection is repeatedly exploited in breaches that don’t require much in the way of sophistication. If in the past Israel could rest assured that it was not at the top of hackers’ target lists, at least not of those who are criminally motivated, that is no longer the case. The more Israel boasts of being a cyber superpower, the more it will attract attackers who want to meet the challenge.