The tiny state of Israel is forced to face the onslaught of violent attacks all too frequently. They come from the north in the form of missiles fired by Bashar al-Assad’s regime in Syria; from the south as Hamas and the Islamic State rain down rockets on Israeli civilians; and from within through stabbings, car rammings, shootings and suicide bombers.
Yet last week, Israel thwarted yet another type of attack aimed at crippling the Jewish state. In a highly unusual announcement, Israel’s National Cyber Defense Authority said on Wednesday that it had successfully thwarted a large-scale cyber attack directed at Israeli businesses and infrastructure. The attack was not aimed at the Jewish state’s defense industry, but rather came as an effort to cripple the Israeli economy.
Targeting more than 120 Israeli public and private organizations, the attack occurred last week between 19 April and 23 April. The authority explained that the onslaught came in the form of a malicious email campaign. The attacker posed online as a legitimate organization, falsified a reliable company’s security certificates and targeted numerous private companies, government ministries, public bodies and private individuals.
Hailing the attack as “sophisticated,” Rafi Franco, senior official of the National Cyber Defense Authority said that the attacker sent emails originating from the server of an authentic academic institution with malicious Microsoft Word files attached to the messages, The Israel Project reports. Anti-virus software did not identify the attack.
According to The Jerusalem Post, the bug sent, known as CVE-2017-0199, works by exploiting a weakness in Microsoft systems, especially Microsoft Word. Since the attack, Microsoft has fixed this vulnerability.
“This was a massive attack,” said Alberto Hasson, CERT director of the National Cyber Defense Authority, “one of the largest we have witnessed. Its intention was to take control of companies’ computers. Once that happens, whoever controls it can do as he pleases.”
“We are positive that we have succeeded in thwarting the attack very well,” Hasson continued. “We have carried out a serious investigation over the past weekend. We know with very high certainty who was attacked and how.”
Israeli cyber security experts believe that the attack comes from one of the Jewish state’s main security threats: Iran. According to Haaretz, the source of the attack has been traced to a hacker group named OilRig. The group reportedly falls under one of the Islamic Republic’s intelligence agencies and received their direction and financial directly from Tehran.
In the aftermath of the attack, the National Cyber Defense Authority has vowed to draw up instructions for individuals, businesses and government ministries to protect themselves against any possible future cyber attacks.