A wave of cyberattacks attributed to Iran has targeted organizations across Israel in recent days, against the backdrop of Operation Roaring Lion, the Israel National Cyber Directorate said on Monday.
The directorate said it had received a growing number of reports over the past several days from organizations across a range of sectors affected by incidents of this kind, adding that its teams are helping contain the attacks and prevent additional incidents from occuring.
According to the directorate, the attacks were aimed at destroying information and systems in order to disrupt organizational activity and interfere with the functioning of the home front economy.
“This wave underscores that organizations of all kinds, large and small, may be exposed to this type of attack,” National Cyber Directorate Head Yossi Karadi said.
He added that at this stage, no organization essential to the functioning of the home front had been harmed, and that the directorate was working around the clock to protect vital assets.
In most cases, the attackers penetrated organizational networks using authentic user credentials that had been stolen in the past or leaked during previous attacks, the directorate said.
Hackers also exploited a weakness in the orgnaizations' remote access to its systems to gain access.
Immediate defensive steps urged
Once inside the network, the attackers deleted systems and data, according to the directorate.
The directorate urged all organizations to immediately replace passwords for remote-access systems, enable two-factor authentication, verify that no unfamiliar users hold administrator privileges, update remote-access tools to the latest security versions, and ensure backups are in place.
Organizations that suspect a cyber incident were instructed to contact the National Cyber Directorate’s 119 emergency center.
The warning came as Israeli cyber authorities said they were continuing efforts to block the attacks and assist organizations already affected.