Israel has thwarted a largescale cyber attack targeting over 120 organizations in recent days, the Cyber Defense Authority announced on Wednesday.
The attacks, which ran between April 19 and April 23, came in the form of malicious emails originating from both the servers of an academic institution as well as a private commercial company and targeted various companies, government ministries, public institutions and private individuals in academia and research.
The bug (CVE-2017-0199) exploited a weakness in Microsoft systems, specifically Microsoft Word, and the company has worked to patch vulnerabilities identified by the attack.
“Microsoft has released a security update that prevents the attacker from exploiting this vulnerability, and we recommend that you install it,” the authority said in a statement.
A warning of this sort of attack was given by the authority on April 12, and the attack was later exposed by the hacking group ShadowBrokers.
According to the authority, the attack behaved in the same manner as a previous cyber attack carried out by OILRIG, one of the most active hacking organizations sponsored by the Iranian government.
The notice of the thwarted attacks comes just two days after Shin Bet (Israel Security Agency) head Nadav Argaman, Mossad chief Yossi Cohen, IDF Deputy Chief of Staff Maj.-Gen. Yair Golan and Defense Ministry director- general Udi Adam wrote a letter to Prime Minister Benjamin Netanyahu, warning that the numerous powers given to the Cyber Defense Authority could impede the ability to thwart cyber attacks on Israel.
“The draft bill seeks to grant extensive powers to the Cyber Authority, whose purpose has not been clearly defined, and it could seriously harm the core security activity of the security community in the cyber field,” it read.
Ahead of the Passover holiday Israel braced for the fifth “annual” #OpIsrael cyber attack carried out by Anonymous, a hacker organization, along with a number of other hacker groups. In a series of videos distributed on social media in several languages, Anonymous urged people to “attack government sites, servers and databases, disconnecting Israel from the cyber world.”
According to a report by the Cyber Desk of the International Institute for Counter- Terrorism at IDC Herzliya, the groups that were leading the Op include Anonymous Palestine, Anonymous Gaza, Anonymous Germany, Anonymous RedCult, AnonGhost and MinionGhost. With a Facebook page for the Op, 98 visitors confirmed their participation and another 118 marked that they were interested in participating.
While many security experts have considered #OpIsrael to be more of a nuisance than a threat, many activists who had confirmed or marked that they were interested in participating in the event were subject to hacking themselves.
According to a report by BleepingComputer, an IT Security news site, activists had been tricked into downloading DDoS tools that contained hidden malware which would give access to the activist’s camera, microphone, text messages browser, call logs and location via GPS.
It is unclear who launched the attack against the Anonymous hacktivists.