Image: DengdaiFengQi
The Israeli government says that hackers have targeted its water supply and treatment facilities last week.
In a security alert sent by the Israeli National Cyber-Directorate (INCD), the agency is urging personnel at companies active in the energy and water sectors to change passwords for all internet-connected systems.
If passwords can’t be changed, the agency recommended taking systems offline until proper security systems can be put in place.
The INCD alert, issued on April 23, said the agency received reports of intrusion attempts at wastewater treatment plants, water pumping stations, and sewers, but did not go into details.
A similar alert was also published by Israel’s Computer Emergency Response Team (CERT) and by the Israel government’s Water Authority.
According to a Ynet report, the Water Authority told companies to change passwords “with emphasis on operational systems and chlorine control devices in particular,” believed to have been targeted the most.
ZDNet has learned from sources today that the Israeli government has issued these alerts in an attempt to improve the cyber-security posture of its industrial infrastructure, but also after it received a report from cyber-security firm ClearSky.
The company is said to have identified an Islamic hacktivist group active on social media. Named the Jerusalem Electronic Army (J.E.Army), the group has a presence on all major social networks, such as Facebook, Instagram, WhatsApp, Twitter, and Telegram, where it often posts screenshots from targets they claim to have hacked.
On some of these sites, the group has claimed to have gained access to various Israeli universities and government systems.
ClearSky linked the group to the Gaza Cybergang, a known Arab-speaking hacking group believed to be operating out of Palestine.
At the time of writing, there have been no reports of a confirmed intrusion at any Israeli water treatment and supply company.
The alerts also urged companies to update equipment firmware to the latest versions.