A foreign entity’s dream hack

The fact that a major Israeli insurance company was breached is more dangerous than it seems and is a very real cause for concern.

Illustrative image of a computer hacker. Credit: David Whelan via Wikimedia Commons.
Illustrative image of a computer hacker. Credit: David Whelan via Wikimedia Commons.
Yoav Limor
Yoav Limor
Yoav Limor is a veteran Israeli journalist and columnist for Israel Hayom.

The hacking of Shirbit Insurance is a far more dangerous incident than it might appear. The fact that such a trove of information is now in the hands of an unknown entity and may later find its way to hostile elements is a true cause for concern and takes this incident from the realm of the commercial sphere into that of national security.

The scope of the breach and the nature of the information that was compromised prompted the National Cyber Directorate (NCD) to take the lead on the investigation into the hack.

Although Shirbit claimed that it “invests millions of shekels in database security and cybersecurity” and “meets all the strict regulatory requirements in this area,” experts in the field have already pointed to multiple failures on the company’s part, which they claim made it increasingly vulnerable.

The group that carried out the attack, “Blackshadow,” is not known to the NCD. A senior official said the attack was “relatively sophisticated, very professional,” adding that the hackers send a “Trojan horse”—a type of malicious code—into the company’s computers to gather the information. Pumping Shirbit’s server for information “took between a few hours and a few days,” he added, based on the fact that the breach was detected only after the hackers were in possession of the information.

The investigation has not ruled out the possibility that this was a hack for ransom, although no ransom demand has been made at this time. Still, now that the state is involved it is highly unlikely it will allow Shirbit to pay any ransom.

Though the attack itself is over, the potential for damage still exists—and it is substantial. The stolen data includes personal information—names, addresses, phone numbers, license-plate numbers and credit-card information. This is a dream trove for any intelligence organization, even more so given it includes information on civil servants, insured by Shirbit since it won a government tender several years ago.

An intelligence organization can use such information to learn vital details about potential targets; it could use the database to launch future cyberattacks against individuals and institutions, and it could use it to mount physical attacks.

It is not hard to imagine what Tehran could do if it got its hands on such a database.

There is always the possibility that the hackers just wanted to make a name for themselves by embarrassing Israel.

The insurance company’s image has sustained a massive blow, which its laconic press releases have done little to mitigate.

Shirbit’s clients should monitor their credit cards and bank accounts very carefully for any suspicious behavior, but that is, of course, of little comfort.

This incident is, however, bigger than Shirbit. The state would be wise to use it to both increase public awareness regarding cybersecurity and increase NCD oversight of financial institutions.

Even this, though, will not guarantee hermetic protection. Hackers will forever try to challenge cyber defenses. Still, one expects more from a company that has “insurance” in its name.

Yoav Limor is a veteran Israeli journalist and columnist for Israel Hayom.

This article first appeared in Israel Hayom.

The opinions and facts presented in this article are those of the author, and neither JNS nor its partners assume any responsibility for them.
You have read 3 articles this month.
Register to receive full access to JNS.

Just before you scroll on...

Israel is at war. JNS is combating the stream of misinformation on Israel with real, honest and factual reporting. In order to deliver this in-depth, unbiased coverage of Israel and the Jewish world, we rely on readers like you. The support you provide allows our journalists to deliver the truth, free from bias and hidden agendas. Can we count on your support? Every contribution, big or small, helps JNS.org remain a trusted source of news you can rely on.

Become a part of our mission by donating today
Thank you. You are a loyal JNS Reader.
You have read more than 10 articles this month.
Please register for full access to continue reading and post comments.
Never miss a thing
Get the best stories faster with JNS breaking news updates