The Technion University, Israel's top technology school and a center for cyber security education, was hacked on Sunday by a new seemingly anti-Israel group calling itself DarkBit.
Although the cyberattack has taken the form of a ransomware attack, the substance of the threat and demands by the group indicated potential ideological opposition to Israel as an "apartheid" state. Alternatively, the group could be entirely criminal and any ideological reference could be a secondary move to distract investigators or simply increase their notoriety.
So far DarkBit has demanded 80 Bitcoins, or NIS six million to call off the ransomware attack, with a threat to raise the amount by 30% if they do not receive the demanded sum within 48 hours.
Army Radio said that all exams would be postponed pending resolution of the hacking attack.
The Israel National Cyber Directorate (INCD) said it is "in touch with the Technion to get a full picture of the situation, to assist with the incident and to study its consequences."
"The field of higher education has been a central target for cyber attackers, with the INCD identifying 53 [serious] incidents of such attacks in 2022, most of which were prevented," said the authority.
How will INCD handle the situation?
In addition, the authority said it has held meetings with higher education officials to create greater awareness about what they need to do to defend their institutions from such hackers.
At the same time, Israel currently has no comprehensive cyber law, which leaves INCD's powers lacking in many areas, including regarding higher education.
Under current Israeli law, the INCD can only impose binding cyber defense standards on a few dozen fields defined as "critical infrastructure", such as electrical and water authorities.
In contrast, the INCD can recommend certain standards to universities, but has no power to compel them to follow through.
It was unclear as of Sunday afternoon what vulnerability at the Technion had led to an embarrassing hack of such an elite science university, although the school said classes could continue somewhat normally, provided students switched to taking notes by hand in an old-fashioned way, or at least disconnected their laptops from the university network.
In addition, it was unclear how many classes would actually be able to run normally with interruptions in digital services given the university's technology focus.