It appears that Israeli firms are still a target of widespread cyberattacks that have been attributed to Pay2Key, a group of Iranian hackers. Over the weekend, a new victim of the cyberattack emerged. Up until now, at least 80 firms have been targeted in these attacks, which include the largest defense contractor in Israel. Moreover, this has also prompted Israeli cyber-vigilantes to form a group and they are vowing to launch a counteroffensive. The identity of Pay2Key had been disclosed by two cybersecurity firms in Israel and it was linked to Iran after tracing the ransom payments made to the hackers, which had ended at an Iranian digital currency exchange.
Over the weekend, the hackers claimed that they had managed to hack into an Israeli firm called Portnox, which is a network security company. Formerly named Access Layers, Portnox now has its headquarters in the United Kingdom and the United States and it offers network security to a number of notable firms in Israel. The hackers claimed on Twitter that they had accessed the data on these companies, which range from HMOs to large banks, and even some sensitive organizations, such as a defense contractor and the Prime Minister’s Office.
To provide proof of their claim, the hackers also uploaded around 3GB of data on the web, which showed documents related to Elbit, the Israeli defense contractor. It is one of the largest defense electronics manufacturer in the world. It offers a wide range of technology and services for commercial aviation, military aircraft, homeland security companies and naval systems. Some of its products include unmanned vehicles, guided missiles, and thermal imaging systems. However, Pay2Key released documents that didn’t contain any sensitive information and also appeared to be outdated. According to the hackers, they are in possession of additional information over a terabyte.
The Portnox hack has also targeted other Israeli firms, including a notable bank called Bank Hapoalim and Clalit HMO. For now, Pay2Key, appears to be focused on ransom attacks, but experts have said that they also have ideological motives, along with financial ones. Last week, a group of cybercriminals had claimed that they had also hit Israel Aerospace Industries, which are state-owned. They had leaked information about its employees online. Meanwhile, a group of Israeli hackers have gotten together and are responding to Iranian hackers online and have also started to target them in some cases.
The claims or the identity of the group hasn’t been confirmed as yet, but industry sources claim that they could be a group of kids or a front for the defense establishment in Israel. However, they seem to have gotten a small following in recent days. The group’s activity is also being monitored by Israel’s cyber arena and they state that the members appear to be real hackers who have decided to launch a rogue counteroffensive against their Iranian counterparts. The local vigilantes are calling themselves 972Ops, which is the dialing code in Israel and there are seven volunteers in the group.