The Commissioner for Security in the Defense System (MLMB), in cooperation with other bodies in the defense community, thwarted a cyber attack that sought to infiltrate the computer networks of leading defense industries in the State of Israel, it has been cleared for publication.
The investigation of the affair shows that the attempted attack was carried out by an international cyber group known as “Lazarus”, which is backed by a foreign country. The group's members used various techniques of “social engineering” and impersonation. They built fake profiles on the LinkedIn network, which is mainly used for job searches in the high-tech sector. The attackers impersonated managers, senior human resources staff and representatives of international companies, and approached employees of leading defense industries in Israel in an attempt to develop a dialogue with them and entice them with various job offers.
While sending the job offers, the attackers tried to infect the computers of Israeli industry workers and infiltrate the companies’ networks in order to gather sensitive security information. For the purpose of the attack, the attackers even used legitimate websites of other companies and industries without their knowledge.
The attempted attacks were identified in real time and thwarted by MLMB’s technological unit in the Ministry of Defense and by the defense industries’ cyber defense systems, without causing damage. At the same time, MLMB launched an advanced technological investigation and operational activity in cooperation with the defense industries and other bodies in the defense community.
The Commissioner for Security in the Defense System (MLMB) is acting, and will continue to act, to thwart attempts to infiltrate the computer networks of the defense industries and to undermine the technological superiority of the State of Israel.
The information security company ESET stated that “as soon as the recipient opened the file, a seemingly innocent PDF document was presented with information about the salary offered for the fake job. In this way, malware was actually deployed on the victim’s computer and the attackers gained a foothold in the system. In the attacks against European airlines and aerospace, among the tools they used was multi-stage, customized malware that impersonated legitimate software and various versions of open tools, and they also misused installed Windows utilities to perform additional operations.”
“The attacks we investigated showed all the signs of espionage, with a number of clues suggesting a possible link to the infamous hacker group, Lazarus. However, neither the malware analysis nor the investigation itself allowed us to gain insights into which files the attackers targeted,” said Dominic Breitner, a malware researcher at ESET.