The pattern of the attack and the type of virus used were very similar to other cases of attacks which were found to have been sponsored by governments, Bachar said, and that was probably the case here. “At this point, I think we can be fairly certain that it was sponsored by a nation-state, most likely Iran.”
There were clear signs that the email and file in question were suspicious, raising concerns about the level of security in the department. The virus arrived as an email message with an attached .RAR archive; unknown attachments are a common method used by hackers to distribute their “wares,” and most computer users know to avoid such files. In addition, the message was sent from email@example.com. Gantz, of course, is the IDF chief of General Staff, and it’s unlikely he would be using a service like Gmail to communicate with Israeli officials.
Nevertheless, numerous people apparently clicked on the file, releasing the virus into the police department’s computer system, said Bachar. “Closing off the department’s computers to the Internet is a complicated matter, and police would have done so only if they felt that there as an acute need to go offline.” Among the measures police have reportedly taken to prevent future attacks is to ban any outside media — USB drives, CDs, etc.– from connecting with systems.
“I am sure that many Israeli high-tech companies will be happy to take part in this complicated challenge,” Margalit added. “Let us in the high-tech community be part of this effort. Together we can prepare properly for the next sphere of world war, and ensure that when it does reach Israel, we will be protected and safe.”
Times of israel