Israel’s Iron Dome has shielded the nation’s citizens from countless rockets, but the defense contractors who supplied the technology could not shield themselves from Chinese hackers between 2011 and 2012.
Elisra Group, Israel Aerospace Industries (IAI) and Rafael Advanced Defense Systems were compromised by cyberattacks that experts believe originated in China. The group, known as Unit 61398, is believed to be connected with the People’s Liberation Army.
News of the “huge quantities of sensitive information” taken from the contractors was released July 14 on the security website KrebsOnSecurity, Vice.com’s technology blog Motherboard reported Tuesday. Details of the hacking were originally given to Krebs by CyberESI, a threat intelligence firm.
The Chinese hackers successfully breached the company’s systems by using phishing emails aimed at tricking users into reading an email.
“Of course, the emails used in this type of case are likely more sophisticated than the ubiquitous Nigerian Prince scams,” Motherboard reported. “They are ‘spear-phishing’ attacks, which can be produced with a greater amount of effort and detail, and, for added authenticity, mimic someone the target already knows.”
When KrebsOnSecurity broke the story, a representative for Israel Aerospace Industries called the report “old news.” The security website asked IAI to provide it with links to media coverage of the security breach, but it did not provide any, Krebs reported.
“At the time, the issue was treated as required by the applicable rules and procedures,” IAI spokeswoman Eliana Fishler wrote in an email to the website, Krebs reported.
In a follow-up email to news outlets, Ms. Fisher insisted there was no breach.
She said news reports “refer to an attempt to penetrate the Company’s civilian non-classified Internet network which allegedly occurred several years ago.”
“IAI’s cyber security systems operate in accordance with the most rigorous requirements and also in this case they were proven to be effective,” she added.
U.S. global security company Northrop Grumman has responded to the Chinese use of phishing attacks by training staff to notice indicators that they may be looking at a dangerous email, Motherboard reported.