A successful cyber-attack on an Israeli water reservoir by Iranian hackers

A successful cyber-attack on an Israeli water reservoir

December 6, 2020

 

Iranian hackers publish a video of a successful cyber-attack on an Israeli water reservoir

As first published by the industrial cyber security firm Otorio, an Iranian threat-actor published a video hack of a successful cyber-attack on an unprotected HMI (human-machine interface) system of an Israeli water reservoir. This attack follows at least two prior identified cyber-attacks on Israeli water facilities that occurred in early 2020.

On 1 December 2020, Iranian hackers who go by the name “unidentified TEAM” announced their breach of the unsecure HMI system of an Israeli water facility ICS, which lacked basic security measures such as authentication and restriction of access. As per a blog post by Otorio, recaptured by additional publications describing the breach, the attack was a revenge on the assassination of Iranian nuclear scientist Mohsen FAKHRIZADEH who was assassinated at the end of last month.

 

 

 

The breach of the system allowed the hackers to control the water facility’s processes and affect water temperature and pressure. Although the site was secured by local administrators on 2 December, the system remained accessible to compromises even by unskilled attackers and it is yet unclear whether the attack caused any damage.

As per Otorio, in order to fully protect SCADA devices, it is highly recommended to impose a more active approach that includes secure remote access tools, such as a VPN, Firewall restrictions and active defense-in-depth-methods.

 

Follow Us on Facebook for the latest news and insights on cybersecurity. 

Stay Safe with TrustNet!