Iran Leak Hints at Second Tier Targets as Next Terror Gateway

July 29, 2021

Leaked Iranian documents indicate a shift to hacking Tier-2 buildings and facilities, mainly in the US, Europe, and the Middle East. Ilan Barda, CEO at Radiflow (Tel Aviv), a cyber-security solutions provider for critical infrastructures, said, “Access to building controls can shut down critical government services and even be used to conduct remote terror attacks.” Please see below the Guest Post by Radiflow:

London, July 28, 2021 – A recent report by Sky News exposed a trove of documents that appear to be from a branch of the Islamic Revolutionary Guard Corps (IRGC), Intelligence Group 13. These findings show a coordinated attempt to collect information on the vulnerabilities of second-tier targets, including those that can capsize merchant vessels, the remote control of electrical controllers used in building management systems, and the ability to tamper with fuel pumps triggering spills or explosions.

Since 2019, hundreds of US companies and local government agencies have fallen victim to cyber-attacks. Now, leaked documents outline Iran’s intentions to gather information meant to attack Building Management Systems (BMSs) that are notoriously overlooked when setting up cybersecurity programs. BMSs are easy targets for two reasons. First, they rely on connecting building devices via the internet, even connecting to a remote facility that may operate vulnerable devices. Second, they are attractive to attackers since buildings rely on contractors to maintain facilities, and those contractors may not follow proper cybersecurity practices, such as authentication and secure access. “Many of these second-tier targets seem irrelevant at first,” said Ilan Barda, Founder and CEO of Radiflow, a cybersecurity company that focuses on securing OT facilities. “What makes them so valuable is their potential to be used as a gateway to building systems. Once inside, a hacker can manipulate air circulation units, elevators, and any other critical infrastructure to carry out physical attacks.”

Another concern in the Iranian cyber report is their intention to find vulnerabilities in specific satellite communication (SATCOM) gateways. In some countries, poorly protected wireless networks can be exploited by attackers, allowing them to access vulnerable SATCOM terminals on the network. While some of the report focused on hypothetical attacks, this piece showcased their potential for data collection and potential coordinated attacks.

Some questions remain regarding the intention of the Iranian military hacking group. Upon reviewing the report, Michael Langer, a renowned cyberwarfare expert and CPO of Radiflow, believes that this report may only specify their intent to pursue cyber terror further. “Iran is looking to expand the outreach and objects of their cyber-attacks,” said Langer. “Their history of disruptive cyber offensives on Saudi Arabian oil refineries and Israeli water management facilities are to be taken seriously. The Iranians’ mapping of BMS vulnerabilities may indicate a shift to target more easily exploitable sites. It’s time to think differently.”

While these attacks are causing CISOs and cybersecurity teams to take notice, the tools most companies need to secure their systems already exist. “Familiar basic-hygiene practices are common tools that a growing number of the population recognize,” said Barda. “Segmentation, password validation, 2-factor authentication, and cyber threat detection mechanisms can act as a deterrence for attackers.”

Many companies have seen recent headlines surrounding cyberattacks without realizing they may be next. However, simple precautions may be the difference between another day at the office and a cyber-attack that deploys ransomware or exfiltrates sensitive data.

About Radiflow
Radiflow is an OT Cyber Security company that has unique tools to protect and manage digital assets for the long term. They work directly with Managed Security Service Providers to oversee the discovery and management of all relevant data security points. Their unique pinpoint approach brings the business’s team into the fold, trading the industry’s one-size-fits-all approach for a calculated, focused, and secured system without inhibiting communication or productivity.

Elik Etzion to Be Appointed to Lead the Enterprise Software and Cybersecurity Investments at Elron

July 1, 2021

Below is a press release by Elron, which I thought would be interesting for my readers. The company appointed Elik Etzion to lead the Enterprise Software and Cybersecurity Investments. Etzion is to begin at Elron following 20 years of service in IDF top Unit 8200 and several years as Chief Information Security Officer (CISO) at Bank Hapoalim Group. And here is the press release as a Guest Post:

Tel Aviv, Israel – July 1, 2021 – Elron, a leading Israeli early-stage tech investment company, announced a new managerial appointment. Mr. Elik Etzion has been appointed to lead the Enterprise Software and Cyber Investments at Elron. Etzion will be responsible for identifying and accompanying companies specializing in Cybersecurity and Enterprise Software spaces. He will take over the role as of July 2021.

Elron specializes in early-stage investments in cyber and software companies. The company is reinforcing its management and investment teams. Following its capital offering this past April, the company has approximately $90 million in its fund that is primarily earmarked for continued investments in cyber and software sectors, the company’s leading area of focus, alongside the maturation of its medical device portfolio companies.

Simultaneous with Etzion’s appointment, Mr. Zohar Rozenberg, who successfully spearheaded cyber investments over the past six years, will continue with the company as an active independent partner (Venture Partner). He will continue to support the activities of Elron and its portfolio companies, in which he serves as a board member and a member of the investments team.

46-year-old Elik Etzion is joining Elron’s management team to head cyber and software investments in the company after a comprehensive career of 25 years in key Elron investment sectors. He brings extensive experience in all facets of cyber and data analytics and is familiar with the digital age and the complex challenges that it entails.

Etzion, a retired lieutenant colonel, began his career at the top of the tech and cyber world in the IDF, where he gained diverse technological-operational experience and knowledge over the course of 20 years in Unit 8200. In his last positions in the IDF, Etzion served as deputy commander of the cyber division, head of the R&D Department, and head of the Cyber Operations Department.

Upon his discharge from the IDF, Etzion served as CISO and member of the Technology Division Management at Bank Hapoalim Group. He enhanced the bank’s cybersecurity posture and contributed to the cyber resilience of Israel’s banking sector, alongside being party to spearheading the bank’s digital transformation.

Etzion also served as a director in SHVA and as Chairman of the Board of Directors of Masav, specializing in payments and clearance. He brings in-depth expertise and understanding, a strategic vision of the market, and practical experience.

Yaron Elad, CEO of Elron: “We are delighted to add Elik to the Elron family. Elik’s exceptional background following 20 years of military experience, his record in the financial sector, and his in-depth and practical familiarity with growing cyber threats and advanced information technologies will prove immensely valuable in identifying new investments and supporting and overseeing our portfolio companies. Elik will join Zohar, my partner in establishing Elron’s cyber portfolio, who will serve as an independent partner. Zohar will continue to support Elron’s specialization in the cyber sector.”

Elik Etzion: “I see a tremendous opportunity to lead the Cybersecurity and Enterprise Software investments at Elron and in helping Israeli startups grow and become global market leaders. Many vertical organizations undergo a deep transformation in their business model by leveraging disruptive technologies from different fields. The COVID-19 pandemic has further accelerated this trend. These transformations dramatically increase the total cyber risk profile and create golden opportunities for threat actors. These market dynamics create fascinating opportunities for seeding and investing in startups that would facilitate secured business transformation and growth.”

Elik, married and the father of 5, holds a B.Sc. in Math and Computer Science (summa cum laude) and an MBA in Business Administration, both from Tel-Aviv University.

Elron is an Israeli investment company that specializes in early-stage investments, focusing on building Israeli technological cyber and enterprise software companies. Elron provides direct capital and assistance to startups from their early stage in accelerating team building and accelerating product-market fit.
