The Technion-Israel Institute of Technology in Haifa was targeted on 11 February.
By Erin Viner
Israel National Cyber Directorate (INCD) announced that the MuddyWaters hacking group, “affiliated with Iran’s Ministry of Intelligence and Security,” was responsible for the internet attack on the leading research and education institute.
Specific malware designed to encrypt operating systems was identified and distributed to other possible targets to ward off similar offenses, said the INCD.
Local media reported at the time that significant damage was thwarted when Technion authorities instructed faculty and students to disconnect their computer systems and abstain from internet and even email activities until the threat was averted.
Simultaneously, another group calling itself DarkBit demanded an 80 Bitcoin ransom ($1.79 million or €1,597,122.80) for whatever data had been obtained. It is nevertheless believed that the crime was politically and not financially motivated.
The National Cyber Directorate revealed that 53 cyber incidents were identified at Israeli academic institutions last year, most of which were successfully obstructed. Other notable Iranian-linked attacks include the blasting of false air raid sirens to blast in Jerusalem and Eilat in 2022, a major 2021 operation that shut down operating systems at a central medical center, and an attempt to disrupt the national water carrier in 2020.
Arch-foes Israel and Iran are believed to be engaged in a covert “shadow war allegedly involving cyber and military attacks on the other side.
Microsoft listed Israel as the 7th most targeted country in the world for cyberattacks in 2021, adding that the number of attacks attributed to Iran were quadrupling, while the Islamic Republic was also stepping up cyber crimes against the United States and European Union member states.
Last June, then-Israeli Defense Minister Benny Gantz revealed that the “Shahid Kaveh” cyber unit of Iran’s Islamic Revolutionary Guards Corps (IRGC) “conducted research to damage ships, gas stations and industrial plants in Israel, as well as several Western countries including Britain, the United States and France.
In turn, Tehran has blamed Jerusalem a series of infrastructure disruptions, including the 2021 closure of gas stations across the Islamic Republic.
Warning that “cyberattacks are promoted against a variety of targets in Israel with the aim of disrupting their business activities and harming their good name,” the NCD called for leading institutions to bolster protection levels ahead of the Islamic Ramadan Holy Month set to begin at month’s end, celebration that has in recent years been marred by fresh waves of violence against Israel.