According to a report by the private security firm Seculert, 15 Israeli defense computers were hacked and taken over by an aggressor. The cyber attack went on for several days.
The only official comment the Israeli establishment has made about the incident has been a 'no comment'. As Guy Inbar, a spokesman for the civil administration, put it: "We are not commenting on it. We don't respond to such reports."
This cyber attack is very big news. It proves a point that my hacker friends repeat over and over -- any and every computer and Internet site is hack-able. It is simply a matter of time and energy and of course, resources. With the proper combination, when the stars are all properly aligned, even the Israeli Defense Forces can be hacked. In this way Israel's defense computer system is no different than that of the United States Department of Defense.
Seculert reports that the 15 hacked computers were all from the department of civil service. The computers belonged to the agency in charge of Palestinian movements into and out of Israel, the division that issues passes for Palestinians to enter Israel.
The malware used for this attack was Xtreme Rat. This is the second time in two years that this particular malware has gotten a foothold into Israeli defense computers. Both invasions were probably accomplished by the same hacker.
Xtreme Rat got into the system masquerading as a Shin Bet (Israeli Secret Service) email about the death of former Prime Minister Ariel Sharon. The email was sent on January 15. It fooled many of the security systems, anti-virus and spyware systems that were supposed to protect the computer network allowing the hacker to inject new Trojans, inject new commands, steal info and infect other computers.
In the end, Seculert created a sink hole, the Xtreme Rat was tricked into entering the sinkhole where it roamed around in a controlled and protected space, and the danger was contained. The chief tech officer for Seculert, Aviv Raff, is quoted as saying: "All we know is at least one computer at the civil administration was in control of the attackers; what they did we don't know." Personally, I am certain they know much more but in an effort to create a balance between honest and alarmist, this is all they are saying.
Ironically the hack occurred the day before a three-day international cyber conference took place in Jerusalem. Cyber security was, obviously, the central theme of the conference.
This is just the beginning. The server that hosted the original message was from the United States. But the coding was very similar to that used for a cyber attack on Israel from Gaza in October of 2012.
Although this hack was discovered and stopped, it will take some time to properly assess what damage was done, how much was compromised, and crucial details about what information was transmitted back to the sender. Most importantly, and this will take time to evaluate, Israel must determine if this Xtreme Rat was able to jump and infect other IDF systems.
There are no fool proof systems for computers and there is no way to function without computers.
One of the ways Israel does stay generally secure is by not linking most of their computers. That way, if, like in this attack against the civil administration, if one set of computers is actually hacked, the security breech can be contained. As an aside, that was one of the major faults of Iranian computer systems -- they seem to be much more unified.