Hack Attack Victimizes ‘Iron Dome’ Constructors of Israel
According to Brian Krebs security blogger working independently, computer hackers attacked 3 defense contractors in Israel who are credited with constructing well-known missile shield named "Iron Dome," presently safeguarding the country against series of rocket strikes, so they could steal large volumes of sensitive data containing details of the shield technology, reported KrebsOnSecurity.com dated July 28, 2014.
The hacks, according to CyberESI (Cyber Engineering Services Inc.) a threat intelligence company, took place over nearly a year from October 2011 to August 2012, so learnt Brian Krebs.
Apparently, the hackers ran a phishing campaign to compromise the intended data. Accordingly, they installed malicious software onto three organizations' servers, thus acquiring a "backdoor" entry inside those machines which helped them hunt the particular files that were of interest to them.
The organizations attacked included Israel Aerospace Industries, Elisra Group, and Israel Military Manufacturing -Rafael.
It's reported that during the phishing attack, the hackers robbed documents, charts, graphics as well as presentations associated with the Iron Dome, UAVs (Unmanned Aerial Vehicles), one program named Arrow III along with more technical documents detailing various aspects of the defense systems.
Understandably, 'Comment Crew' a Chinese hackers' gang carried out the particular phishing with sponsorship from the nation-state, while maintaining close links with China's Liberation Army.
As per Joseph Drissel CEO of CyberESI, the gang is being charged with filching data held with different defense contractors and corporations of US, published timesofisrael.com dated July 29, 2014.
And though it isn't astonishing that hackers target members of the security community, it's slightly bewildering that even at so late a period as 2014 such an ancient strategy viz. phishing, where someone feigns to be what he's not, continues to breach highly sensitive systems.
Besides, this isn't really a lone instance. For, there have been plentiful phishing scams vis-à-vis security and defense contractors over the recent years. A Japanese firm, which executes contracts to benefit Japan's government, apparently got victimized with a spear-phishing scheme, during August 2011, resulting in the infection of 83 devices deployed on its site. Elsewhere, phishing attacks were discovered hitting many US contractors, during June 2012.
» SPAMfighter News - 8/6/2014