Israeli government employees were not immune to a massive hacking campaign conducted by the Brazilian network security company Syhunt. The hack was committed by COMB21, which Syhunt says was behind the biggest known compilation of password leaks ever publicly published. This occurred on on February 2, 2021.
According to the report by Syhunt, out of more than 3 billion victims 4,984 passwords from domains using Israel’s “gov.il” were affected. They put Israel at number 24 on the overall list. The U.S. was number one with 625,505 exposed passwords in total. This is actually a good sign for Israel. America ended up with almost 50 times the rate of people per capita getting successfully hacked than Israel did. That left the U.S. with a roughly 20% higher rate of stolen passwords and data.
Will you offer us a hand? Every gift, regardless of size, fuels our future.
Your critical contribution enables us to maintain our independence from shareholders or wealthy owners, allowing us to keep up reporting without bias. It means we can continue to make Jewish Business News available to everyone.
You can support us for as little as $1 via PayPal at [email protected].
Thank you.
Israel really should have done better than that, though. It is a country, after all which prides itself for its cybersecurity prowess. It has had a great deal of success in the high tech world when it comes to cybersecurity, going back to the IPO of its Check Point software which develops firewalls. Startup Nation now has many new firms in the cybersecuirty field raising millions and its SentinelOne is expected to soon hold an IPO which will give it a $10 billion valuation.
There is a reason why cybersecurity startups are so valuable today. Hackers are not only motivated by money or politics. They often just like being malicious. So even small companies need to be on their guard and be sure to properly protect their systems.
But sometimes people just don’t follow the simple precautions which they are told to follow. They use public Wi-Fi access in various places for conducting their government related work; even though, everyone knows that places such as bars and restaurants are ripe for hacking people’s computers through the Wi-Fi, without their even knowing it. Or sometimes people open an attachment in an e mail from a stranger and before they know it they have unleashed a virus.
Even if companies and government agencies have excellent anti-virus protections and firwealls, these may not help when people are not in the office.
Syhunt concluded that the leak not only exposed current and past passwords, but also “gave insight on key password elements and patterns, and reuse and changing habits of individuals and organizations from all around the world in a dangerous and unprecedented way.” In many cases, between 3 to 30 passwords linked to an unique email were exposed, which gives insight on a person’s password changing habits. And when a password repeats with an identical username at multiple domains, someone with password reusing habit is exposed.
Syhunt listed a total of 3.28 billion passwords exposed, and it was linked to 2.18 billion unique emails, compiled into a single file and published through a link on the forum.