Israel Eyes China in Widespread Cyber Attack

Israeli authorities suspect Chinese involvement in a thwarted cyber-attack that involved 140 top defense and security targets
Israeli authorities suspect Chinese involvement in a thwarted cyber-attack that involved 140 top defense and security targets

Top officials working on classified projects received information-stealing, trojan-infested emails several weeks ago in a wide-scale cyber-espionage effort, the station reported.

The mails were ostensibly from an unnamed German company “known to Israeli industry,” according to the Oct. 27 television report. However, “defensive measures discovered the attack and thwarted it. The assessment here is that the attack came from the Chinese defense industry,” Channel 2 said.

The International Business Times also reported that an initial probe confirmed Chinese ties in the attack.

That assessment comes on deep background, however – Israeli officials aren’t publicly stating their thoughts in terms of the origin of the attack.

“Thousands of cyberattacks are directed at us every day; some of them more sophisticated and some of them less so,” said Retired Maj. Gen. Isaac Ben-Israel, chairman of the research council responsible for establishing Israel’s National Cyber Bureau, speaking to Defense News. “The problem is that as good as we are at detecting and thwarting such attacks and as credible as we are in forensic investigations after the fact, there always remains the problem of attribution.”

He added, “cyber offenders unfortunately do not leave their signature in Mandarin Chinese, Russian or any other language. ... We can suspect, but we can only suspect; and redouble defensive measures for the attack.”

Israel has been a high-profile participant in cyber-issues of late, including the revelation that Anonymous-style hacktivists were responsible for the recent shut down of the Carmel Tunnel under Haifa. Officials originally blamed the shut-down on a systems malfunction.

But Israel has other cyber-enemies as well. "In the past few months, we have identified a significant increase in the scope of cyber-attacks on Israel by Iran,” said Israeli Prime Minister Benjamin Netanyahu during an address in June. “These attacks are carried out directly by Iran and through its proxies, Hamas and Hezbollah.”

China has repeatedly denied involvement in cyber-espionage activties, but Mandiant, a security firm with a close relationship with both US and UK governments, released much-publicized report earlier in the year tying the Chinese military to the hacking team known as APT1 (aka ‘Comment Crew’). Since then, research has been coming fast and furious showing China's ongoing involvement in cyber-spying.

“Our analysis,” says Mandiant in the report, “has led us to conclude that APT1 is likely government-sponsored and one of the most persistent of China’s cyber threat actors. We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support.”

What’s hot on Infosecurity Magazine?