Security researchers claimed on Friday that hackers have managed to penetrate computer networks associated with the IDF, Reuters reported.
The researchers at Blue Coat Systems Inc. told the news agency that the attack was part of an espionage campaign that skillfully packages existing attack software with trick emails.
The four-month-old effort, most likely by Arabic-speaking programmers, shows how the Middle East continues to be a hotbed for cyber espionage and how widely the ability to carry off such attacks has spread, the researchers told Reuters.
Waylon Grange, a researcher with Blue Coat who discovered the campaign, said the vast majority of the hackers’ software was cobbled together from widely available tools, such as the remote-access Trojan called Poison Ivy.
The hackers were likely working on a budget and had no need to spend much on tailored code, Grange told the news agency, adding that most of their work appeared to have gone into so-called social engineering, or human trickery.
The hackers sent emails to various military addresses that purported to show breaking military news, or, in some cases, a clip featuring “Girls of the Israel Defense Forces.”
Some of the emails included attachments that established “back doors” for future access by the hackers and modules that could download and run additional programs, according to Blue Coat.
Using standard obfuscation techniques, the software was able to avoid detection by most antivirus engines, Blue Coat said. At least some of the software was lodged inside government computers, as Blue Coat detected it “beaconing,” that is, sending signals to the hackers that it was in place.
A spokeswoman at the Israeli Defense Ministry referred questions to the IDF. Military officials told Reuters they were “not aware of hacking on IDF operational networks.”
Blue Coat provided Reuters with an advance look at its findings and intends to publish a paper later. Citing confidentiality agreements with clients, Blue Coat declined to say exactly where the campaign worked, and Grange said he did not know if any vital data had been stolen.
Blue Coat surmised that the attackers spoke Arabic because some of the data recovered in the investigation showed that Arabic was the default language setting in one of the programming tools.
Hackers threaten and target Israeli websites from time to time. In 2014, the IDF’s cyber defense division was drafted in to mount a defense against a systemic hacker attack – sponsored by the Iranian government – during Operation Protective Edge in Gaza.
The Israel Security Agency (Shin Bet) revealed last year it had set up an elite cyber-defense unit to defend against an organized attack on Israeli cyberspace as well, and in September, the Israeli government set up its own National Cyber Defense unit.
Cyber-terror group Anonymous recently threatened Israel and Jews with an “Electronic Holocaust”. The hacking campaign, scheduled for April 7 and known as #OpIsrael, had little success, however.