Israeli Water Systems Targeted Again in Recent Cyber-Attacks

Summary

Two Israeli water management facilities in the agricultural sector were targeted in cyber-attacks in June 2020. The attacks did not cause harm or real-world impacts. These incidents come after Israel’s water supply system experienced a cyber-attack in April this year. Threat actors are believed to have gained access to some water treatment systems in the April attack and attempted to alter chlorine levels in the water supply. The attempt was detected and prevented. While no public attribution has been made to the attacks, many in the intelligence community believe the April attack is linked to the Iranian government. A May cyber-attack that severely impacted an Iranian port and several other incidents that occurred at critical infrastructure facilities across Iran over the following weeks were linked to Israel. If these findings are correct, it highlights the ways in which international conflicts are increasingly playing out in both the cyber and physical domains.

Recommendations

The NJCCIC recommends critical infrastructure and key resource (CIKR) owners and operators ensure they follow cybersecurity best practices to reduce the risk and potential impacts of a cyber-attack, including keeping all hardware and software updated, following the principle of least privilege, enabling multi-factor authentication where available, segmenting business and industrial component networks, utilizing intrusion detection/prevention systems, and deploying an endpoint detection and response solution. More information on the recent cyber-attacks can be found in the ZDNet article.