No Indication Israel Harmed by Global Cyberattack

Israeli cybersecurity agency issues safety directives for civilian bodies

A man types on a computer keyboard in this illustration picture taken February 28, 2013.
REUTERS/Kacper Pempel/Illustration/File Photo

There has been no indication that Israel was harmed in the worldwide cyberattack that struck dozens of countries, including Britain, Russia and Spain, the Israeli cybersecurity chief said. 

Nevertheless, National Cyber Defense Authority chief Buki Carmeli noted that due to the fact that most computerized systems in Israel are shut down on Shabbat, it won't be possible to confirm that no damage has been caused until Sunday.

"In Israel, at the moment, there's been no indication of any harm to active computer systems," said Carmeli.

He said that, from the beginning of the global cyberattack, the National Cyber Defense Authority has been in direct contact with its counterparts around the world and with other government officials who deal with cybersecurity to minimize the possible damage. He added that over the past week, the authority has passed along warnings to a large number of civilian entities and continues to do so now. “The authority’s website has current defense directives and all organizations should immediately implement them,” he said. 

57,000 infections in 99 countries

The global attack leveraged hacking tools believed to have been developed by the U.S. National Security Agency and infected tens of thousands of computers in nearly 100 countries, disrupting Britain's health system and global shipper FedEx. 

Cyber extortionists tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings and other legitimate files. 

The ransomware encrypted data on the computers, demanding payments of $300 to $600 to restore access. Security researchers said they observed some victims paying via the digital currency bitcoin, though they did not know what percent had given in to the extortionists. 

Researchers with security software maker Avast said they had observed 57,000 infections in 99 countries, with Russia, Ukraine and Taiwan the top targets. 

Some experts said the threat had receded for now, in part because a British-based researcher, who declined to give his name, registered a domain that he noticed the malware was trying to connect to, limiting the worm's spread. 

"We are on a downward slope, the infections are extremely few, because the malware is not able to connect to the registered domain," said Vikram Thakur, principal research manager at Symantec. 

"The numbers are extremely low and coming down fast." 

But the attackers may yet tweak the code and restart the cycle. The British-based researcher who may have foiled the ransomware's spread told Reuters he had not seen any such tweaks yet, "but they will." 

Finance chiefs from the Group of Seven rich countries will commit on Saturday to join forces to fight the growing threat of international cyber attacks, according to a draft statement of a meeting they are holding in Italy.