It is estimated that Iranian hackers have exposed only a few percent of what they have

The attackĀ  on the servers of the Cyberserve company, and with it the download from the air of a number of sites that used the company’s services, was another expression of the growing wave of cyber attacks that is plaguing Israel in 2021.

Our numbers speak for themselves – a global increase of 40% in the volume of attacks, and in Israel an even sharper increase of 50%, which is ultimately manifested in encrypting information and disabling entire systems in infidelity attacks, or leaking large-scale information from sites and servers. The “Shirbit” insurance or at the weekend in the information of the “Kavim” company.

The latest attack demonstrates how relatively simple it is to produce damage on a large resonance through one specific attack. Many sites are “hosted” on a particular server and damage to it automatically results in the crash of the hosted sites. However, this does not necessarily mean that all the information they had was in the hands of the attackers. It already depends on the type of “hosting” of the site and server, and sites that have not shared information regularly with the host server are not likely to be a victim of information leaks.

This can be compared to the takeover of a building by criminals – the very fact of taking over the general structure does not mean that the entire contents of the apartments are in the hands of the burglars. An apartment with a strong lock – protected, and an apartment with the door open – invites the thief inside. Therefore, it is too early to know the extent of the information in the possession of the attack group, but the information that has already been published, with an emphasis on the personal information of users of the Atref website, indicates the personal damage that can occur as a result of this relatively simple attack.

The aforementioned attack group, BLACK SHADOW, which is notorious for its attack on the Shirbit company, is known for the wide-ranging media moves it is making through its telegram page. Most cyber-attackers act quietly and conduct themselves directly in front of the victim, but this group seeks to sow panic through the gradual leakage of materials in its possession, alongside threats of what will happen if it is not satisfied (so far, on the face of it, financial demands).

In other words, it is not inconceivable that in the coming days we will see information from other sites that leaks to the network and reveals a tap from what the attackers have. The fact that in the meantime they reveal what they define in a few percent of what they have – strengthens the assessment that the end is still far away.

The writer is the director of the global communications network at Check Point.

By Editor

Leave a Reply