All the latest UK technology news, reviews and analysis

Governments warned of email malware threat after Israel computer hack

27 Jan 2014

Hackers successfully hijacked 15 Israeli Defense Ministry computers using targeted malware, according to security firm Seculert. The incident underlines the growing to governments from determined attackers.

Seculert chief technology officer Aviv Raff confirmed the attack during an interview with Reuters. He said the attackers infected the machines using malware-laden email messages.

The messages were reportedly laced with the infamous Xtreme RAT remote access Trojan and were designed to look like they came from Israel's anti-terrorist Shin Bet secret security agency.

Raff said despite successfully sinkholing the attacks, the company is yet to discover what the hackers did after the breach.

He added that the potential damage could be huge as the attackers managed to compromise a machine in the ministry's Civil Administration. This division monitors the movement of goods and people between Israel and the West Bank and Gaza.

The Xtreme RAT malware grants hackers complete control of an infected machine. It lets them execute a variety of commands that can mine data from the machine, or use it as an access point to get further into the victim's network and systems, for example.

It is currently unclear who mounted the attack, though Raff said early evidence suggests a Palestinian group is responsible. At the time of publishing Seculert and the Israeli Department of Defense had not responded to V3's request for a response to Raff's comments.

Security vendors said that the nature of the attack should serve as a warning to other government agencies around the world. Vice president of Global Accounts at Good Technology, Phil Barnett, noted it could have easily been a UK defence agency that fell victim.

"This could just as easily happen to a UK company or agency, or anywhere in the world. Location doesn't matter. It's all about understanding and protecting access points. The better visibility and control that a company has over all of its external access points, the better it can protect against attacks such as these," he said.

FireEye chief technology officer Greg Day warned businesses and government departments to expect further attacks of a similar nature.

"It's no great surprise that email is believed to be the method of infiltration. Whilst we build greater defensive controls, attacks are smart enough to recognise the communications we allow and then exploit the weakness that is hardest to fix: humans," he said.

"We do see such attacks occurring on an all too regular basis and what is key is the timely discovery and containment of such attacks. Organisations will continually be targeted, whether it is from hobbyists, who simply want to see if they are smart enough to get in, through to competing nations looking for intelligence."

State-sponsored cyber attacks are a growing threat facing the public and private sector. Security researchers from CrowdStrike reported a state-sponsored Russian hack campaign targeting the energy sector, codenamed Energetic Bear.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

Devices at work poll

Which device do you use most for work?

Popular Threads

Powered by Disqus
LG G Flex 2 hands-on review

CES 2015: LG G Flex 2 video

A closer look at LG's latest curved-screen smartphone

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

MS Dynamics CRM Consultant

MS Dynamics CRM Consultant, Microsoft Gold Partner, £40...

Android Developer - London - £60,000 - £70,000

Senior Android Developer - London - i-beacon technology...

Software Architect

SAP Software Architect required for an exciting contract...

Head Planner

Foster + Partners are an award winning global Architecture...
To send to more than one email address, simply separate each address with a comma.