Generic filters
Exact matches only
Search in title
Search in content
Filter by Custom Post Type
Posts
Filter by Categories







Israeli Railways Hit by Pro-Iranian Cyber Group

What Happened

On September 21, 2023, the pro-Iranian cyberattack group known as “Cyber Avengers” targeted the Israeli railroad network, specifically Israeli Railways.

They revealed information about the electrical infrastructure of the railway network. The attack caused the central signaling computer to crash intermittently, resulting in a nationwide signal malfunction on the tracks, which led to the halting of trains on a particular day.

However, the train operator denied that any cyberattack had taken place.

About Cyber Avengers

The Cyber Avengers is an anonymous hacking group known for targeting Israeli services. Little is known about its members or motivations.

They often publish technical details of their cyberattacks.

The group communicates its actions through platforms like Telegram, and they have claimed responsibility for multiple cyberattacks on Israel’s railroad infrastructure over the years.

Their previous attacks included targeting the website of a major oil refinery, during which they released screenshots of the company’s SCADA systems.

In previous instances, the Cyber Avengers targeted the website of Israel’s largest oil refinery, BAZAN Group, and released screenshots of the company’s SCADA systems. However, the attack did not appear to affect the operational technology environment.

Take Aways

In light of these cyber threats, here are some recommendations for organizations overseeing critical infrastructure, encompassing the transportation and energy sectors:

  • Invest in robust cybersecurity measures.
  • Implement continuous monitoring and threat detection systems to identify and respond to cyber threats promptly.
  • Develop comprehensive incident response plans to swiftly address and mitigate cyberattacks when they occur.
  • Prioritize cybersecurity awareness and training programs for employees to reduce the risk of social engineering attacks and improve overall security awareness.
  • Regularly review and update cybersecurity policies and practices to stay ahead of evolving threats and vulnerabilities.
  • Consider engaging third-party cybersecurity firms for penetration testing and security audits to identify and address potential weaknesses in the infrastructure’s defenses.
  • Encourage the adoption of best practices and security standards, such as the NIST Cybersecurity Framework or ISO 27001, to guide cybersecurity efforts.
  • Promote a culture of cybersecurity awareness and responsibility at all levels of the organization to minimize the potential impact of cyberattacks on operations and public safety.

Furthermore, collaborative efforts between government agencies, cybersecurity experts, and private organizations are essential to enhance cyber resilience and safeguard critical systems against evolving threats.

Additionally, efforts to enhance attribution capabilities and international cooperation can aid in identifying and holding accountable those responsible for cyber attacks on critical infrastructure, deterring future attacks.

RECENT BLOG POSTS

PODCASTS

Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.