https://twitter.com/PKeytwt/status/1340693111601844224?s=19
Knock Knock!
Tonight is longer than longest night for @ILAerospaceIAI
New logo appeared in #Pay2Key directory, check it out!
An Iran-linked hacking group on Sunday claimed to have breached the Israeli Aerospace Industries’ computer systems, in the latest in a series of cyberattacks on Israeli firms.
The group, known as Pay2Key, revealed its alleged hack in a tweet
The hacking group, which has been tied to Iran, also mentioned a systems administrator at the defense contractor’s Elta subsidiary by name, Koby Fiada, revealing his password. Pay2Key specializes in a form of hacking known as ransomware, in which it encrypts the victim’s computer system and forces them to pay to regain access.
According to Karine Nahon, an Israeli information scientist, Pay2Key released employee data files, on Sunday night, on the so-called dark web, parts of the internet that are not indexed by search engines.
One of them, belonging to a Zvika Weiss, included his username. Nahon said hundreds of these files were distributed online.
The alleged hack of the Elta subsidiary came after a major cyberattack earlier this month hit dozens of Israeli logistics companies, with hackers making off with information from servers, according to a report of the incident by one of the victims, Amital Data, filed to the Tel Aviv Stock Exchange.
An investigation found that there may have been 15-20 additional companies, not Amital clients, that were also targeted in the attack, although the full list is still unknown, the Calcalist website reported.
Iran was believed to be the likely culprit.
There have been at least five suspected Iranian cyberattacks on the country during 2020, including one that targeted Israel’s water infrastructure.
Iran and Israel have reportedly been engaged in a cyber-war that has become more intense over the past year.
In October, a pair of cybersecurity firms reported that Iranian hackers, contracted by the country’s Islamic Revolutionary Guard Corps, targeted prominent Israeli companies in a series of ransomware attacks during the previous month.
That report came in the same week that Iranian officials said that the country’s Port Authority had been hit in a cyberattack, and vaguely confirmed that two governmental departments had also been attacked.
A major cyberattack in May at Iran’s Bandar Abbas port was also blamed on Israel, which was apparently responding to an alleged Iranian attempt to hack into its water infrastructure system.
Separately, last week, hackers who had stolen a mass of personal details on clients of the Shirbit Insurance company apparently began selling the information on the internet.
Times of Israel staff contributed to this report.
