Israel’s National Cyber Directorate says Iran is behind the attack on the Technion

The cyber attack against the Technion was carried out by a group of hackers identified with Iran - the National Cyber Directorate announced on Tuesday. About three weeks ago, the computer systems of the Technion, one of the world's leading institutions in the field of computer science, were hit by a cyber attack, as a result of which the systems were shut down for many days.

The Cyber Directorate announced on Tuesday that following a joint investigation with the Technion, it appears that a hacker group known as MuddyWater was behind the attack. MuddyWater is connected with Iran's intelligence and security establishment. "Many attacks have been attributed to the group across the world, with the U.S. and UK issuing a joint statement about a year ago in which they attributed to the group a series of attacks on a variety of sectors in Asia, Africa and North America," the Directorate said. “In addition, the investigation revealed that the group made use of a malware designed to encrypt operating systems.”

Hacker.

MuddyWater was defined last year by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) as an entity operating under the auspices of the Iranian government. The group's past targets have included telecom companies, defense companies, local authorities, and fossil fuel companies, among others. The main goals of the group's attacks are cyber espionage, mainly against state bodies, theft of intellectual property, mainly from public research bodies and universities, and ransom attacks.

A few days after the attack, MuddyWater announced that it had stolen information from the Technion. Considering the type of research that is carried out at the institution, some of it in collaboration with security authorities, the fear that sensitive information has been stolen is certainly a concern.