March 13, 2024 at 03:05AM
Iranian hacktivists executed a supply chain attack on Israeli universities by breaching a local technology provider, Rashim Software, and accessing universities’ systems. Op Innovate confirmed the exposure of student data and identified weak access controls and email-based authentication as contributing to the breach. The incident highlights the risk of supply chain attacks and the importance of proactive security measures.
From the meeting notes, it is evident that Iranian hacktivists executed a supply chain attack targeting Israeli universities by breaching a local technology provider to the academic sector, Rashim Software. The attackers used compromised credentials to exploit weak access controls and authentication checks, gaining access to several organizations through VPNs and potentially compromising student data. The breach also involved hijacking of Rashim’s internal Office365 infrastructure and subsequent harassment of the company’s CEO by leaking personal videos and images.
The attack serves as a demonstration of the risks associated with third-party vendors and the increasing prevalence of supply chain attacks. It is recommended to implement multi-factor authentication for all users, including third-party vendors, and to monitor accounts for suspicious behavior. Additionally, having a reputable Incident Response (IR) firm on retainer is advised for a swift and effective response to such incidents.