Israel revealed that it dodged a bullet—a digital bullet, that is.
Because Israel just thwarted a cyberattack on its defense industry from a familiar foe: the North Korean hacking group "Lazarus."
Lazarus targets Israel's defense industry
Israel never revealed the nation-state origin of its cyberattacker.
Instead, Israel announced its attempted hacking came from a group known as Lazarus. The United States filled in the details, identifying the organization as North Korean-based.
The Israeli Defense Ministry says the hackers targeted defense employees by posing as potential employers. Here's how Lazarus got access, according to Reuters:
"The group built fake profiles on the LinkedIn network to disguise its hackers and separately attempted to hack Israeli defence firms via their websites."
LinkedIn is a critical tool for employment networking. But it was also a critical tool in Lazarus' attempted infiltration plot.
Fortunately, Israel managed to block this attack. But Israel has maintained a complicated relationship with cyberattacks since the beginning of 2020.
"Since the start of the year, Israel has reported attempted cyber attacks on power stations and water utilities, with officials pointing the finger at Iran or Iranian-backed groups.
A fire last month at Iran's Natanz nuclear site prompted some Iranian officials to say it was the result of cyber sabotage. Israel's defence minister said his country was not 'necessarily' behind every mysterious incident in Iran."
How are politics and cybersecurity linked?
We know that nation-state attacks are often linked to the geopolitics of the nations playing offense and defense. But what does this landscape look like in 2020?
We asked retired U.S. Air Force Colonel and CNN military analyst Cedric Leighton that very question.
"We will know that the Chinese, the Russians, the North Koreans, even the Iranians are going to continue to be active in cyberspace. They will take advantage of new work modes that may outlast the coronavirus pandemic. And those new work modes lead to new vulnerabilities. Those new vulnerabilities will lead to new methods of exploitation by these and other bad actors."
Listen as he unpacks both nation-state and cybercriminal attacks.
Click the arrow button to listen to the SecureWorld podcast right now, or find the episode on your favorite podcast platform.
