Sometime between October 2011 and August 2012, a digital attack permitted access to sensitive technical data regarding Israel's "Iron Dome" defense system which had been stored on the networks of three Israeli defense firms.
The revelation was first disclosed Monday in a blog post by Krebs on Security. Krebs called out Elisra Group, Israel Aerospace Industries (IAI) and Rafael Advanced Defense Systems (RADS) for having been hacked, likely by the "Comment Crew," a group known for its ties to the Chinese People's Liberation Army.
Citing a report provided by Cyber Engineering Services Inc. (CyberESI) which has not yet been made public, Krebs says hackers made off with "large amounts of data," specifically including schematics for the Arrow 3 missiles used in the Iron Dome system, Unmanned Aerial Vehicles, ballistic rockets and "other technical documents."
Lauded as a "game-changer" for Israel in the ongoing violence between Palestinian militants and the Israeli military, the Iron Dome system is able to detect and intercept incoming rockets. Development of the system was largely funded by the U.S. government.
According to CNN, Arrow 3 missiles aren't limited to Israeli use and are also employed in American systems.
"Most of the technology in the Arrow 3 wasn’t designed by Israel, but by Boeing and other U.S. defense contractors," said Joseph Drissel, CyberESI's founder and CEO, to Krebs. "We transferred this technology to them, and they coughed it all up. In the process, they essentially gave up a bunch of stuff that’s probably being used in our systems as well."
Contacted by The Guardian, a spokesperson for RADS denied any knowledge of a data breach.
"Rafael does not recall such an incident," Amit Zimmer said. "Rafael's data bases, including its air defense data bases, are extremely well protected to the highest standards."
In a conversation with Haaretz, an English-language Israeli news source, an IAI spokeswoman acknowledged the breach, but played down its significance as "related to an attempt at penetrating the company's civilian, unclassified Internet network ... several years ago."
Lior Tabansky, a senior researcher at the Yuval Ne’eman Workshop for Science, Technology and Security at Tel Aviv University, told Haaretz it's possible the hackers were fed decoy documents instead of the real thing.
"Defense companies like Rafael and IAI have sophisticated cyber defenses, including honey traps that mislead hackers into trying to break into them,” said Tabansky. “They steer them into designated computers and feed them fake documents."
CyberESI did not immediately respond to a request for comment from The Huffington Post.