IDF 8200 Intelligence Unit Stops Attack on Water & Energy Systems

It's rare for intelligence services to publicly comment on their activities, & it's unprecedented for the Israeli Defense Forces (IDF) to reveal operations at a cyber security conference, but these are unusual times. The IDF recently shared with the press its involvement in stopping cyber attacks against U.S. critical infrastructure. As the level and intensity of cyber-attacks increase, all critical infrastructure stakeholders must promote more stringent approaches to cyber security measures. This is especially true when it comes to the IoT solutions from the remote parts of the networks.

8200 Unit Stops CYBER AttackS ON THE U.S.

The IDF's 8200 Intelligence Unit broke its tradition of silence to announce it prevented cyber attacks on American power plants and Israeli water systems. At a Tel Aviv conference, a deputy commander who cannot be identified by name for security reasons, began, “We are Israel`s national SIGINT and cyber unit. We’re part of the defense intelligence in the IDF, and our mission is intelligence collection on crucial threats to Israel for the IDF”.

He continued that “another adversary, from this region, attacked Israel. We initialized a CCO and found out they are also trying to attack power plants in the US. This was the first indication of that attack. It enabled preventing this threat through our tight collaboration with our US partners”.

This result is a far cry from the Colonial Pipeline Attack, which was the largest cyberattack on an oil infrastructure target in American history.

Colonial Pipeline Paid $4.4M to Hackers

On May 7, 2021, Colonial Pipeline, an American oil pipeline system that originates in Houston, Texas, and carries gasoline and jet fuel mainly to the Southeastern United States, suffered a ransomware cyberattack that impacted computerized equipment managing the pipeline. The Colonial Pipeline Company halted all pipeline operations to contain the attack. Overseen by the FBI, the company paid the amount that was asked by the hacker group (75 bitcoin or $4.4 million) in several hours.

The Federal Motor Carrier Safety Administration issued a regional emergency declaration for 17 states and Washington, D.C., to keep fuel supply lines open on May 9.  

Conclusions

Critical infrastructure in oil, gas, environment, energy, water and wastewater is under threat from hackers demanding ransom. Without a legal obligation to disclose ransom payments, it is not publicly known how much, or even when, hackers are rewarded for breaching utility networks.

Our infrastructure is also crumbling. Bridges collapse; roads flood; these events are no longer uncommon. It is long overdue for us to build better, not just bigger, infrastructure for the greater good of society. Digitalization of data collection systems is an essential step to achieving that goal. Without good quality data, government officials and infrastructure professionals are "flying blind" into the sun. You cannot improve that which you do not measure. The change starts with us.

Links

A timeline of the Colonial Pipeline attack is available here Video Timeline

Israeli media widely covered the event. See Jerusalem Post and Forbes Magazine