Fox News says hackers used American servers in last month’s attack; Israeli water and cyber officials say attempted breach did not disrupt water supply
Iran attempted a cyberattack on Israeli water infrastructure late last month, with hackers using American servers to carry out the breach, Fox News reported on Thursday.
There was no official confirmation of the report by Israeli or US officials.
A senior US Department of Energy official told Fox the Trump administration was committed to protecting allies from cyberattacks but would not comment on the specific incident, saying an investigation was ongoing.
The attack took place on April 24-25 on numerous water and sewage facilities across the country, according to the Ynet news site.
At the time, Water Authority and Israel National Cyber Directorate confirmed the “attempted cyber breach on water command and control systems.”
“The attempted attack was dealt with by the Water Authority and National Cyber Directorate. It should be emphasized that there was no harm to the water supply and it operated, and continues to operate, without interruption,” it said.
According to the news report, employees at water plants were alerted to change their passwords and safeguard their systems after the attempt was detected, specifically those overseeing the chlorination of wells.
Israel and Iran have engaged in covert cyber-warfare for over a decade, including reported efforts by the Jewish state and US to remotely sabotage the Islamic Republic’s nuclear program. Israel has also in recent weeks stepped up a bombing campaign on Iran-linked forces in Syria seeking to push out the Islamic Republic, which is already smarting from one of the world’s most severe COVID-19 outbreaks.
Experts have recently warned that the coronavirus pandemic has created a perfect storm for cyberattacks, with millions of people working in unfamiliar, less secure circumstances and eager for information about the virus and with new organizational policies being implemented.
The US Department of Homeland Security issued an alert last month warning that the pandemic has increased threats and that “cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information.”