Supply Chain Cyber Attack on Strategic Logistics Software Company “Amital”
An attack on the servers at the software company Amital led to subsequent infiltration to about 40 other Israeli Logistics companies. The lack of a ransom note or any other indicator of a financial gain motivated attack lead the investigators to believe it might be a strategic attack.
According to an article published this morning in the leading Israeli Finance news site “Calcalist”, the attackers hacked into Amital’s servers, and gained access to its list of customers and credentials to access their networks.
Besides Amital, another 15-20 logistics companies were hacked (which aren’t related to Amital) this again raises the suspicion of a national cyber attack and not cybercrime.
Omri Segev Moyal, CEO of the leading Incident response company Profero, said in a short email interview that "The recent cyber attacks on logistic companies is just a tip of the iceberg, in the most recent escalation national cyber tensions. Attacks are getting increasingly more sophisticated and it looks like we are experiencing the beginning of a fresh wave."
As of now, the company has switched their website to a minimal version. They have also told “Calcalist” that two weeks ago their security systems detected some attack attempts on their servers and customers, and they responded by hiring extra cyber security expertise as well as new security controls.
According to Guy Halfon, Rescana's CEO - "This is a second large cyber attack on Israel after the one on the major insurance company - Shirbit" last week. These events should serve as a dire warning to the boards of all Israeli companies - remaining apathetic to the cyber security of your business is not a viable option, and any company which does so is making the wrong choice, and will be hacked sooner rather than later.
Rescana specializes in Cyber Security Risk Management and is here to help you learn about your organization and it's third parties cyber security risks. Rescana gives it's customers unparalleled visibility, and all the automation needed to quickly find misconfigurations and vulnerabilities and then root them out. We provide The first Adaptive cyber risk management platform on the market, which allows you to customize the assessment to be based on your own policy.
In light of the recent breach incidents that have occurred here in Israel we’ve decided to extend a free self-assessment scan (attack surface) - a non-intrusive scan that can help you find security risks on your external facing assets. If you are interested, please register here.