Cybersecurity Firm Mimics Hackers To Protect Vital Israeli Websites | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

With hackers from abroad stepping up their attacks on Israeli technological assets following the Hamas attacks on the south of the country on October 7, a cybersecurity company has offered its services for free to root out any vulnerabilities in the technology of organizations crucial to the ongoing functioning of the country. 

Pentera’s Senior Director of Product Management Ofer Yavelberg tells NoCamels that the company’s system simulates attacks across an entire organization to pinpoint potentially exploitable gaps that need to be addressed to thwart a potential hacking attempt.  

The Pentera assessment includes recommendations to better secure out-facing technological assets (Depositphotos)

Cybersecurity experts warn that while Israeli websites have always been a target for hackers, this dramatic rise in the scope of such attacks is exacerbated by individual hacking “collectives” from different countries now working together to strike at Israel. 

These attacks, the experts say, have even targeted the siren alert system used to notify Israelis of incoming missile strikes from Hamas in Gaza to the south and Hezbollah in Lebanon to the north. 

Indeed, Yavelberg says that that the “surge in cyberattacks” during the ongoing conflict prompted the company to extend the offer. 

The Pentera assessment, he explains, is carried out from the perspective of the hackers in order to highlight security gaps that would be most appealing to them, and not just to search for any weakness. 

The system is designed to carry out the assessments automatically, without disrupting the organization’s ongoing operations, he says.  

Pentera is looking for two particular kinds of threats, Yavelberg says. 

Hackers have even tried to interfere with the red alert system that notifies Israelis of incoming missile attacks

The first threat is exploitable gaps in what is known as the external attack surface – an organization’s digital footprint that is visible and accessible to anyone. 

The second threat is potential openings for malicious hackers created through the use of compromised or stolen credentials such as passwords. 

The Pentera assessment identifies the corporate passwords and other sensitive information that had been leaked online – either through the dark web or other resources hackers use to gain access to such information. 

This helps to work out an organization’s vulnerability to cyberattacks through such passwords or data. 

According to Yavelberg, the Petah Tikva-based company is willing to provide the service for free to organizations across sectors of the economy that are essential to both combat resilience and the home front. These include public safety, healthcare, food and logistics, government services and critical infrastructure. 

“In the larger sense, we are looking for any attack vectors that malicious hackers can utilize to infiltrate and exploit these organizations,” Yavelberg says.

“Our goal is to find these exploitable gaps so that security teams can remediate the issues before our adversaries have a chance to use them.” 

Once the vulnerability assessment is completed, he says, the organization is given a comprehensive report, outlining any weakness in order of criticality, including organizational passwords that could be exploited. 

The report also contains a list of recommended actions that the organization can take in order to reduce its vulnerability from cyberattacks. 

“The State of Israel is currently facing some of its most challenging days while preparing for weeks of conflict,” Pentera CEO Amitai Ratzon said recently, as he announced the initiative. 

“In light of the significant increase in attempted cyberattacks on various entities in Israel, we believe it is our duty to contribute to strengthening the home front and enhancing the economy’s readiness in this critical domain.”

Ofer Yavelberg: Our goal is to find the gaps so they can be fixed before our adversaries use them (Depositphotos)

While the offer to carry out such assessments was newly extended, Yavelberg says multiple organizations have already begun to request assistance. 

He says the sensitive nature of the information and the present security situation in Israel means that the company cannot share the names of any of the organizations with which it is now working.

The company is actively reaching out to organizations that qualify for its free assessment, but institutions can also appeal to Pentera individually. 

“We believe it is our duty to help strengthen the home front and contribute to organizations vital to the continuity of Israeli society,” Yavelberg says.


Click Here For The Original Story From This Source.

National Cyber Security