The Israel National Cyber Directorate issued a warning to merchants throughout the nation on Thursday about a new and pervasive cyber ransomware attack on smart cash register software that is particularly difficult to detect.
The INCD has discovered a large-scale ransomware operation that restricts access to software and demands a fee to restore it. The attack is being launched against the software companies that provide services to store cash registers. In the insidious attack approach, a message displays on the cash register screen that seems to be a legitimate system message from the administration interface (screen connect). When the message is clicked, the malware is activated, which locks the cash register and stops it from working.
The INCD praised the software companies for alerting their users not to click on the ingeniously simulated system notification, which is helping to mitigate some of the harm. According to the directorate, stores that employ the product and firms that provide services in the sector should reset passwords and avoid clicking on suspicious messages and links, even if they appear to originate from a reputable business partner.
Secure communications and two-factor authentication are still essential. Because of numerous large cyberattacks in the past, Communications Minister Yoaz Hendel and INCD Director Gabi Portnoy declared earlier in May that the telecoms industry will now be compelled to strengthen its cyber-defenses.
“The State of Israel suffers from thousands of cyberattacks, some of them attempts against critical infrastructure, and we know about plots to launch further attacks,” said Hendel. “As our dependence on digitization increases, so does the potential for risks and for the country to confront strategic damage on multiple fronts.”
He claims that no critical infrastructure is hosted on a server connected to the telecoms network. In order to damage important objectives, the state and other organizations have identified the telecommunications infrastructure as a major target in recent attacks. The minister stated that adequate administration of the [cyber] defenses required to protect the public interest is necessary. There is a need for telecommunications businesses to be equipped with the greatest detection-identification, containment, and recovery capabilities possible so that the public’s communications services can be protected from the potential damage of cyberattacks.
According to INCD chief Portnoy, the combined project will take a step forward in terms of state-level protection, serving as a type of “Iron Dome” that offers an additional layer of safety for the whole economy. “Cyber has no borders, and therefore this kind of collaboration that we promote with the Communications Ministry has added value,” he said. “In the last month we have seen a significant increase in waves of attacks aimed at artificially overloading websites to get them to crash.”
The judgment follows a hearing in August 2021 that resulted in communications providers’ licenses being amended to include criteria for managing cyber-defense. Cyberattacks on communications networks, as well as on organizations’ services and subscribers, will be less likely as a result of this.