Israelis blame Palestinians for defence ministry computer breach

The Israeli government has blamed the Palestinians for a hack attack of a Defence ministry computer.

The hack was via an email attachment tainted with malicious software that looked like it had been sent by the country’s Shin Bet secret security service.

Aviv Raff, chief technology officer at Seculert, said the hackers earlier this month temporarily took over 15 computers, one of them belongs to Israel’s Civil Administration that monitors Palestinians in Israeli-occupied territory.

Raff said that there were similarities to a cyber-assault on Israeli computers waged more than a year ago from a server in the Hamas-ruled Gaza Strip.

The only difference is that this time the attack was conducted from a server in the United States. However, the experts noticed writing and composition similarities with the earlier attack.

Israel defence department officials have refused to comment on the findings but then again neither have the Palestinians.

It is not clear what the hackers actually did when they had control of the computer at the Civil Administration.

The Civil Administration is a unit of Israel’s defence ministry that oversees the passage of goods between Israel and the occupied West Bank and Gaza Strip. It also issues entry permits to Palestinians who work in Israel.

Raff did not say what the other 14 computers targeted by the hackers did. They seem to have  included companies involved in supplying Israeli defence infrastructure.

What is surprising is that in a security obsessed nation like Israel that many people were prepared to open a dodgy attachment. Apparently, the email included an attachment about ex- Israeli prime minister Ariel Sharon who had just died.

To be fair, the email that burrowed into the Israeli defence ministry computer looked like it had been sent from the Shin Bet security service, Raff said.

Raff’s firm was able to “sinkhole” the operation, tricking the hacked software into communicating with servers that Seculert controlled in order to figure out which computers were infected and to deactivate the attack.