Slashdot Mirror

← Back to Stories (view on slashdot.org)

Israel's Electric Grid Targeted By Malware, Energy Minister Says (timesofisrael.com)

Posted by Soulskill on from the hope-you-got-that-security-thing-figure-out dept.

itwbennett writes: While many are still debating how much risk there is of a catastrophic cyber attack on power grid and other critical infrastructure, Israel's Minister of Infrastructure, Energy and Water, Yuval Steinitz has good reason for warning 'of the sensitivity of infrastructure to cyber-attacks, and the importance of preparing ourselves in order to defend ourselves against such attacks.' On Tuesday Steinitz told attendees at CyberTech 2016 that the country's Public Utility Authority had been targeted by malware just one day earlier, and that some systems were still not working properly. Not long after news of the attack started to spread, Robert M. Lee, the CEO of Dragos Security, published his thoughts on the matter over on the SANS ICS blog.

7 of 37 comments (clear)

  1. Pot meet kettle by xxxJonBoyxxx · · Score: 5, Insightful

    How do you pronounce "Stuxnet" in the Hebrew language?

    1. Re:Pot meet kettle by AmiMoJo · · Score: 4, Interesting

      That's the problem with introducing a new weapon - if your enemies hadn't already thought of it, they have now, and if they hadn't wanted to escalate to actually using it, they will now.

      How long until we see drone strikes in Israel or the mainland US?

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. I'm amazed it's taken this long by ErichTheRed · · Score: 3, Interesting

    There are so many vulnerable SCADA systems, device-specific Ethernet adapters and other stuff out there, and it just chugs along for years and years. Especially with public sector stuff, multiple layers of contractors put gear in, barely document it and hand it over to the operating authority. The problem is that since no one permanent knows the ins and outs of the system, it can stay vulnerable for ages. Even if a vendor does release patches, the "don't touch it or 500K customers lose power" mentality around critical infrastructure means they barely ever get applied.

    Anything IoT is going to have to be secure by default, as in, hard to get working instead of open and easy. I doubt the "just contract it out" mentality is ever going to go away in the public sector -- I've inherited systems where the only documentation is a statement of work from 5 years back that the contractor cut and pasted from the vendor's manuals.

  3. Re:Since when did we know this was going to happen by gstoddart · · Score: 4, Interesting

    And, given the widespread belief Israel was involved in Stuxnet ... to suddenly be bit by this seems a little shortsighted,

    I mean, if you (allegedly) did this to someone else, why would you be surprised if it happens to you?

    --
    Lost at C:>. Found at C.
  4. Re:Another misinformed article by Fire_Wraith · · Score: 2

    I wouldn't blame the news organizations entirely. The Israeli Energy Minister was serving up a nice heaping scoop of FUD and political spin, trying to portray what looks now to just be a garden variety ransomware infection (probably some employee surfing for porn on a work computer) as a big dangerous targeted nation state attack. Certainly, the news folks ate it up, and didn't bother to ask the questions that should arise when you hear wild initial reports like that.

  5. Re:Another misinformed article by gstoddart · · Score: 2

    Have you not being paying attention lately?

    In a lot of countries someone could have a loud fart and the threat alert would ratchet up ... the world is jumping at shadows these days.

    Israel has just been doing it longer.

    --
    Lost at C:>. Found at C.
  6. UPDATED: Not an attack on infrastructure after all by markzip · · Score: 2
    From TFA SANS ICS cited at the end of the Slashdot summary:

    *Update* A cyber analyst in Israel (Eyal Sela) messaged me to add that the media reporting so far is misleading with regards to the context around the incident. The "Israel Electric Authority" the Minister mentioned is in no way related to the networks of the Israeli electric companies, transmission, or distribution sites. The Israeli Electric Authority is a regulatory body of roughly 30 individuals and this "cyber attack" is only referencing their networks. The original purpose of this blog was to stress caution to the reports but did not try to dispel what the Minister of National Infrastructure, Energy, and Water resources had stated as reporting was too early with no evidence presented. However, new reporting shows that the "cyber attack" was simply ransomware delivered via phishing emails to the regulatory body's office network and it appears in no way endangered any infrastructure.This once again stresses the importance around individuals and media carefully evaluating statements regarding cyber attacks and infrastructure as they can carry significant weight.