Iran close to discovering a ‘zero-day’ exploit that could paralyze Israeli infrastructure
The Cradle, November 21, 2022 — Iran is reportedly exporting its knowledge in cybersecurity to Lebanon and Palestine, in a bid to create a multi-front offensive capability against Israel.
In an interview at the Institute for National Security Studies (INSS) conference on 21 November, ClearSky cybersecurity CEO, Boaz Dolev, revealed that Iran is close to acquiring a ‘zero-day’ exploit, capable of paralyzing Israel’s infrastructure.
A zero-day exploit takes advantage of a vulnerability in software or hardware that is not yet known to those who would fix it, such as the vendor of the target software, and can create complicated problems well before anyone realizes something is wrong. Until the vulnerability is discovered and fixed, hackers can exploit it to adversely affect programs, data, networks, or entire systems.
Dolev claims that Iranian hackers are working rigorously to advance their capabilities to penetrate life-critical infrastructure in Israel, to be on par with the cyber capabilities of the US, Russia, and China.
He adds that Iran is “closer than ever” to cracking the communication link of Israeli and US drones, making them vulnerable to hacking.
Nonetheless, Israel believes Iran’s capabilities are limited and not yet able to challenge Israel’s offensive and defensive capabilities. While Israel is ranked 36th on the National Cyber Security Index, Iran ranks far lower, at 132nd.
Dolev notes that Iran tried to penetrate Israel’s water infrastructure on several occasions in 2020, but failed to damage the systems or affect the water supply.
“It was more sophisticated than [Israel] initially thought,” a Western official told the Financial Times back then. “It was close to successful, and it’s not fully clear why it didn’t succeed.”
Moreover, Dolev alleges that Israel’s successful cyber attacks against Iran have far surpassed those of the Islamic Republic, noting that many attacks have been kept secret by both sides.
While Tehran fears public embarrassment about reporting the damage caused by the Israeli army, Tel Aviv refrains from rejoicing in order to keep its methods secret, says Dolev.
Earlier in June, an Israeli military covert cyber unit codenamed ‘Gonjeshke Darande’ hacked into three state-owned steel mills in Iran, severely disrupting their automated mechanism and damaging tens of thousands of dollars’ worth of equipment.
The attack was part of an ongoing Israeli covert offensive against Iran in support of the ongoing unrest in the country, and in retaliation for previous attacks by Iran-linked hackers on Israel’s Iron Dome air defense system.
Additionally, Dolev elaborated on Iran’s plan to export its cyber capabilities to its allies in West Asia, as Tehran allegedly plans to create a multi-front capability to mount a cyber offensive against Tel Aviv.
In January 2021, Dolev’s cyber firm, ClearSky Cyber, exposed that a cyber unit affiliated with Lebanese resistance group Hezbollah successfully hacked the servers of countless companies around the world.
“This group successfully worked under the radar for a long time, while getting control of critical databases and stealing valuable information,” said Dolev, in commentary after the discovery.
Another guest at the conference, the chief of Intelligence of the Israeli army, Aharon Haliva, spoke about the ongoing covert work against Iran, stressing that Israel is working to sabotage the Iran nuclear deal.
“The only country I know acting against the Iranian aggression is one country which we’re sitting in now [Israel],” added Haliva.
The chief of intelligence went on to say that the Israeli army is talking to its counterparts in the US, to rally them against Iran for when the uranium enrichment threshold is crossed “soon.”
“The nuclear deal is fairly dead, I wonder what the international community will do when Iran starts enrichment at 90 percent,” Haliva said.