25 December 2020

Cyber-war on Israel? ‘Iran-linked’ hacker group claims to have breached Israel Aerospace Industries’ servers


Reports suggest the group published a list of users on Elta Systems servers on the Dark Web, including Camila Edry, head of cyber projects development. The information leaked was not classified, but rather showed names and computer registries. It could suggest, however, that the group has access to more sensitive information. 

IAI is currently investigating the potential breach, though it claims no classified or damaging information was stolen.

Reports on Pay2Key from cybersecurity firms Check Point and Whitestream suggest the group hacks servers and holds information hostage in exchange for ransom. Some experts have attributed the most recent cyberattack against Israel to Iran, as the Whitestream report links Pay2Key to the nation by tracking a past ransom payment to an Iranian cryptocurrency exchange.

“We followed the sequence of transactions, which began with the deposit of the ransom and ended at what appeared to be an Iranian cryptocurrency exchange named Excoino,” the report states.

Lotem Finkelstein, head of cyberintelligence at Check Point, also suggested Pay2Key has “advanced capabilities” and could have breached IAI servers days or even weeks before announcing themselves, but insisted the attack is primarily financially motivated, though ransom demands have yet to be made.

The current cyberattack is the latest in a spike in hacks against Israel. A Check Point report from earlier in December claimed over 100 Israeli companies had seen their servers hacked in both October and November.

Omri Segev, CEO of cybersecurity firm Profer, has closely followed and tweeted about Pay2Key’s hacks and called this latest breach claim “another escalation in this campaign.”
