Cyberattack Targets Bazan Group’s Digital Infrastructure

January 17, 2024

Anonymous Sudan, a notorious hacking group, has claimed responsibility for a substantial cyberattack on Bazan Group, formerly known as Oil Refineries Ltd, Israel’s primary oil refining and petrochemicals company. The attack targeted the digital infrastructure of Bazan Group, raising concerns about potential implications for Israel’s economic powerhouse. While the hacking collective declared a major cyber offensive, Bazan Group confirmed a temporary and minor connectivity slowdown, emphasizing no damage to business or operational processes.

read more

Network Disruptions after Cyberattack on Israel’s Mobile Service Provider, Pelephone

January 25, 2024

Hacktivist group Anonymous Sudan has claimed responsibility for a cyberattack on Israel’s largest mobile service provider, Pelephone, resulting in disruptions to its network and digital infrastructure. The group declared the attack as part of its ongoing campaign against prominent Israeli targets, specifically mentioning the impact on Pelephone’s critical systems, including SCADA and other infrastructure-based endpoints.

The cyberattack was claimed by Anonymous Sudan to have practically taken Pelephone’s entire digital infrastructure offline through a sophisticated cyberattack.

read more

Hackers Attempt Communications Take Over on El Al Flights

February 17, 2024

At least two planes from Israel’s El Al Airlines suffered hacking attempts from “hostile elements,” according to several Israeli news outlets. The Jerusalem Post reported that “hostile elements” tried to take over the communications network of an El Al plane flying from Phuket, Thailand, to Ben-Gurion airport in Israel on Saturday night.

During the incident, instructions were given to the crew that were different from their set route, raising concerns that someone was trying to damage the plane or lead it to dangerous areas, maybe even to conduct a kidnapping.

El Al stressed that “the disturbances are not aimed at El Al planes and that this is not a security incident. The disruption did not affect the normal course of the flight

No group has claimed responsibility for the reported hacking attempts.

read more

Cyberattack at Israeli Tower Semiconductor Manufacturer

September 6, 2020

Cyberattack at Tower Semiconductor forced certain operations to a complete halt. Company authorities said that specific measures were taken to prevent the spread of the cyberattack, however, there was no immediate factual assessment report available that would state the real effect of the damages done.

read more

Wide concern over GPS spoofing incidents, previously thought to be impossible, in Middle East,

October 16, 2023

OPSGroup reports: since first discovered, additional distinct spoofing scenarios have been reported by flight crews:

= A Gulfstream G650 experienced full nav failure on departure from LLBG/Tel Aviv (25 Oct). The crew reports, “ATC advised we were off course and provided vectors. Within a few minutes our EPU was 99.0, FMS, IRS, and GPS position were unreliable. The navigation system thought it was 225nm south of our present position.”
=A Bombardier Global Express was spoofed on departure from LLBG/Tel Aviv (16 Oct). A false GPS position showed position as overhead OLBA/Beirut. Crew advises “The controller warned us that we are flying towards a forbidden area”.
=A Boeing 777 experienced a 30 miute GPS spoofing encounter in the Cairo FIR (16 Oct). A false GPS position showed the aircraft as stationary overhead LLBG for 30 minutes.
=A Bombardier Global 7500 was spoofed 3 separate times in the Cairo FIR (16 Oct 2023). Crew advises: “The first took out one GPS, the second took out a GPS and all 3 IRS’s, and the third time took both GPS’s and all 3 IRS’s.” The distance from LLBG was roughly 220-250 miles, and the spoofing stopped once we were approx 250nm west of LLBG.
= An Embraer Legacy 650 enroute from Europe to Dubai. They tell us, “In Baghdad airspace, we lost both GPS in the aircraft and on both iPads. Further, the IRS didn’t work anymore. We only realized there was an issue because the autopilot started turning to the left and right, so it it was obvious that something was wrong. After couple of minutes we got error messages on our FMS regarding GPS, etc. So we had to request radar vectors. We were showing about 80 nm off track. During the event, we nearly entered Iran airspace (OIIX/Tehran FIR) with no clearance.
= A Bombardier Challenger 604 experienced spoofing in the Baghdad FIR and required vectors all the way to Doha. “Nearing north of Baghdad something happened where we must have been spoofed. We lost anything related to Nav and the IRS suggested we had drifted by 70-90 miles. We had a ground speed of zero and the aircraft calculated 250kts of wind. The FMS’s reverted to DR (Dead Reckoning) and had no idea where they were. We initially took vectors to get around the corner at SISIN. Nav capability was never restored, so we required vectors all the way from Iraq to Doha for an ILS. We never got our GPS sensors back until we fired up the plane and went back to home base two days later.

read more

Disruption at Israel Postal Company after Cyberattack Last for 6+ Days

April 5, 2023

The Israel Postal Company detected several services including the sending of international mail and courier services were interrupted and proactively shut down part of its computer systems. The attack and shutdown did not affect Israel Post’s banking services. Attack was part of the #OPIsrael hacktivist campaign.

read more

Hacktivists Attack on Israel’s Rail Network

September 16, 2023

The Cyber Avengers hacker group reveals information showing that it targeted the Israeli railroad system’s electrical infrastructure. Israeli media reported that “Israel’s” railroad network has been targeted by a cyberattack. The Cyber Avengers hacker group has revealed information showing that it targeted the Israeli railroad system’s electrical infrastructure.

Since 2020, the Cyber Avengers has hacked into and carried out numerous cyberattacks against the Israeli railroad systems, as per their Telegram channel. The group warned that if the Israeli occupation continues to pursue its crimes, it would deliver dreadful blows to Israeli infrastructure.

read more

DDoS attack at Israel’s Largest Oil Refinery

July 29, 2023

The website of Israel’s largest oil refinery operator, BAZAN Group, became inaccessible to most parts of the world on Sunday due to a potential cyber attack. The website remained accessible from within Israel, possibly after imposition of a geo-block by BAZAN in an attempt to thwart an ongoing cyber attack. In a Telegram channel, Iranian hacktivist group Cyber Avengers has claimed responsibility and leaked what appear to be screenshots of BAZAN’s SCADA systems. The group states that it breached the petrochemicals giant via an exploit targeting a Check Point firewall at the company.

In a statement to BleepingComputer, a spokesperson for BAZAN has dismissed the leaked materials as “entirely fabricated.” An Iranian hacktivist group called Cyber Avengers, also known as CyberAv3ngers, claim to have compromised BAZAN Group

read more

Hackers take control of a water treatment system at a hotel in Israel

September 10, 2022


GhostSec’s claimed breach of 55 Berghof PLCs in Israel. This weekend, on September 10, 2022, the hacktivist group published another announcement alleging that it successfully breached another controller in Israel.The affected controller is an Aegis II controller manufactured by ProMinent.

According to images that the GhostSec published, the group appeared to have taken control of a water system’s pH and chlorine levels. In the published message, the hacktivists said they “understand the damages that can be done …” and that the “Ph pumps” are an exception for their anti-Israeli cyber campaigns.

read more

Attack Disables Irrigation Systems and Disrupts Water Treatment Processes

April 9, 2023

Water controllers for irrigating fields in the Jordan Valley were damaged, as were control systems for the Galil Sewage Corporation. Several water monitors – which monitor irrigation systems and wastewater treatment systems – were left dysfunctional on Sunday after a cyber attack targeted the monitoring systems. Specifically, water controllers for irrigating fields in the Jordan Valley were damaged, as were control systems for the Galil Sewage Corporation.

The management for both major systems was pushing all of Sunday morning to work through the issue and bring the systems back into full operation. Farmers in the region were warned several days prior about suspicions over a planned cyber attack. Some of them, as a result of the warning, disconnected the remote control option for their irrigation systems and switched them to manual operation, instead, to prevent any harm from the attack. Indeed, those who left their systems on remote control were the ones impacted by the attack.

The attack is thought to be part of an annual “hacktivist” campaign that takes place every April, and this year’s attempt at least managed to cause a nuisance for some farms in the Jordan Valley. The cyber attack is part of an annual campaign called “OpIsrael,” which strikes in April with DDoS attacks and breach attempts on targets in the country.

Each year of the cyber attack campaign seems to bring new targets of opportunity. This year the threat actors put a special focus on irrigation systems. The Galil Sewage Corporation was one of the targeted wastewater processors that was breached, and the company reports that the cyber attack blocked several controllers for about a day and disrupted some treatment processes.

read more