Iron Dome makers got hacked, says cybersecurity firm

July 29, 2014: 1:00 PM ET
Researcher: How the Iron Dome was hacked
NEW YORK (CNNMoney)

Three companies that helped build Israel's "Iron Dome" missile defense system were hacked two years ago, according to a cybersecurity firm.

The breaches occurred between 2011 and 2012, Joseph Drissel, CEO of Cyber Engineering Services Inc., told CNNMoney.

CyberESI drafted a report on the hack, but it has not yet made it public. Security blogger Brian Krebs first reported on the CyberESI report.

Drissel said he believes the hackers were likely part of an infamous Chinese hacking ring known as the "Comment Crew," which was responsible for major attacks on Coca-Cola (KO), EMC (EMC) security division RSA, military contractor Lockheed Martin (LMT), and hundreds of others. Over a span of a year, Comment Crew stole huge amounts of sensitive information about Iron Dome, including schematics on Iron Dome's Arrow III missiles, drones and ballistic rockets, the CyberESI report says, according to Krebs.

Related: Wake up, America! China is attacking

Drissel, who previously worked at the Department of Defense computer forensics lab, noted to Krebs that the Arrow III missiles are used in American defense systems as well.

"[The Israeli defense contractors] essentially gave up a bunch of stuff that's probably being used in our systems as well," he told Krebs.

It's unclear whether the Comment Crew was after the Iron Dome schematics to build their own defense system or to weaken the defenses of Israel and America. Comment Crew has direct ties to the Chinese government, according to information security company Mandiant.

Israel uses Iron Dome to block rockets from striking its major population centers. It targets incoming rockets and fires an interceptor missile to destroy them in the air. The Israeli government says Iron Dome has intercepted more than 400 rockets fired from Gaza since the conflict broke out in early July.

Related: See Israel's Iron Dome in action

The security breach likely was a result of email phishing attacks, Drissel said. That means the hackers probably gained access to usernames and passwords of duped employees at the defense companies. CyberESI identifies the three companies as Elisra Group, Israel Aerospace Industries, and Rafael Advanced Defense Systems.

IAI and Rafael denied that sensitive data was breached. Elisra did not immediately respond to requests for comment.

"IAI's cyber security systems operate in accordance with the most rigorous requirements, and also in this case they were proven to be effective," an IAI spokesman said in a statement.

A spokesman for Rafael Advanced Defense Systems says the company does not recall an incident.

"Rafael's data bases, including its air defense data bases, are extremely well protected to the highest standards," the spokesman said.


Search for Jobs