The National Cyber Directorate found a series of cyberattacks that targeted Israeli organisations that offer IT services to companies in the country, and might be linked to Iran.
Earlier this month, the failed cyberattack against Shamir Medical Center on Yom Kippur leaked emails that contained sensitive patient information. The directorate found it to be an Iranian attack disrupting the hospital’s functions.
Fortunately, the attack was mitigated before it could do any damage to the hospital’s medical record system.
The directorate found that threat actors used stolen data to get access to the targeted infrastructure. Most attacks didn’t do any damage, some however, caused data leaks. Due to immediate communications and response, the incidents were addressed quickly. “In the case of Shamir Medical Center, beyond the data leak, the very attempt to harm a hospital in Israel is a red line that could have endangered lives,” the directorate said.
European gang behind the attack
First, a ransomwware gang based out of Eastern Europe claimed responsibility and posted a ransom demand with a 72-hour window. But Israeli officials later discovered that Iranian threat actors launched the attack.
According to officials, the incident was connected to a wider campaign against Israeli organisations and critical service providers recently. Over 10 forms suffered cyberattacks and exploited bugs in digital service providers inside supply chains.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents