This article is more than 1 year old
'Critical' Israel power grid attack was just boring ransomware
Minister puts nation on alert, SANS Institute says move along, nothing to see here ...
The SANS Institute has moved to quell reports that Israel's energy grid has been hit by malware, revealing instead that the attacks were ransomware infecting the nation's utility regulatory authority.
Reports emerged after energy minister Dr Yuval Steinitz said a "severe" attack had hit the authority in what he reportedly called "one of the largest cyber attacks" the agency had experienced.
"We are handling the situation and I hope that soon, this very serious event will be over," Steinitz says.
Reports emerged suggesting the incident could impact the energy grid similarly to the targeted and sophisticated attacks against Ukraine, revealed earlier this year.
SANS security man Robert Lee says Israel-based analyst Eyal Sela of ClearSky Security says the reports are misleading.
"The Israel Electric Authority the Minister mentioned is in no way related to the networks of the Israeli electric companies, transmission, or distribution sites," Lee says.
"The Israeli Electric Authority is a regulatory body of roughly 30 individuals and this cyber attack is only referencing their networks.
"...new reporting shows that the cyber attack was simply ransomware delivered via phishing emails to the regulatory body's office network, and it appears it in no way endangered any infrastructure."
It is not known what ransomware infected the machines.
The latest versions of the most sophisticated malware – such as CryptoWall – cannot be removed without paying ransoms, while new and less-popular ransomware offerings contain encryption implementation flaws that allow the scumware to be removed without footing the extortion. ®