Assessment: Iran is behind the cyber attack that shut down Israeli hospital sites


The sites that were shut down belonged to the Rambam, Assuta, Hadassah Mount Scopus and Hadassah Ein Kerem hospitals. The sites of Sonol and iDigital were also shut down. Several months ago, the National Cyber Directorate warned Malam Team, which owns Pionet's servers, that its systems were vulnerable to attack.
Raphael Kahan
18:23, 19.07.21
A cyber attack struck the websites of several hospitals, municipal authorities and fuel companies yesterday and Tuesday. According to various reports, the sites that were shut down belonged to the Rambam, Assuta, Hadassah Mount Scopus and Hadassah Ein Kerem hospitals. The websites of Sonol and iDigital were also shut down. The sites resumed regular operation today, and according to reports the downtime did not result in information leakage or exposure of customers.

Cyber professionals assess that this was probably an attack by Iranian elements, but at present there is no proof of this. The attack that took down the servers of Pionet, the company that hosted the sites, was neither sophisticated nor targeted. In most cases of this kind, hackers run broad scans for vulnerabilities using search engines such as Shodan and attack as soon as they detect one.
Assuta Tel Aviv. The hospital's site was attacked (Photo: Moni Yukla)
Pionet belongs to Malam Team, one of the largest IT companies in Israel, and was acquired for about NIS 15 million last year. The company has a variety of customers in various fields and specializes in trading and management systems as well as web hosting. Its clients include the Israel Electric Company, Israel Railways, iDigital and Sonol, as well as health organizations and authorities. Although the company has announced that it is working with the National Cyber Directorate on data recovery, the Directorate says the writing was on the wall regarding this attack.
A conversation with people at the National Cyber Directorate who are close to the issue shows that a few months ago, Directorate professionals warned the company that its systems were vulnerable to attack. Moreover, the Directorate also gave the company specific instructions on how to block and deal with its vulnerabilities, but by the time of the attack the company had not implemented any of them. The Directorate noted that the company did not join the "resilience" program for web hosting companies, which was promoted precisely to prevent such cases.

A conversation with people at the National Cyber Directorate who are close to the issue shows that already a few months ago, Directorate professionals warned hosting companies that there were attempts to attack. In addition, the Directorate gave hosting companies specific instructions for increasing their level of protection.
The National Cyber Directorate set up the program to prevent the recurrence of attacks on web hosting companies, which can cause damage to hundreds of businesses and organizations at once. That is what happened last year, when the servers of a large web hosting company in the country were attacked. The outage made hundreds of business websites unavailable and in some cases even left them likely to be hacked.


The National Cyber Directorate states on the resilience program's website that "services (web hosting, RK) are a preferred target for cyber attacks, among other things, due to the ability to reach many organizations simultaneously through attacking one target, as well as due to the sensitive data and much information held in them." Other cyber sources also noted that the attack was at a very low level, which reinforces the hypothesis that the company did not properly invest in information security measures that would have prevented the incident.