Cyber Incident Victim: Israel's Electric Authority
Date:
Jan 2016
Location:
Israel
Summary
Israel's Electric Authority experienced a severe cyber attack that compromised its systems, prompting officials to actively work on neutralizing the threat. The incident was detected during a period of extreme cold weather, with the Energy Minister confirming the malware had been identified and countermeasures deployed to mitigate it. This attack occurred shortly after a disruptive cyber incident targeting Ukraine's power grid, though no operational disruptions or specific impacts beyond the intrusion were detailed in available reports. Response efforts focused on containment and eradication of the malicious software.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On January 13, 2016, Israel's Energy Minister Yuval Steinitz publicly disclosed that the country's Electricity Authority had experienced a severe cyberattack. The intrusion was detected the previous day, coinciding with sub-freezing temperatures in Jerusalem that increased national electricity demand. Minister Steinitz announced the incident during a cybersecurity conference in Tel Aviv, confirming that technical teams had identified the malicious software and developed neutralizing tools to counter the threat. Officials characterized the event as an ongoing security incident requiring sustained defensive efforts, though no operational disruptions to power generation or distribution systems were explicitly confirmed in available reports. The disclosure marked one of the first confirmed cyber intrusions against Israel's critical energy infrastructure at the national level.
The attack occurred approximately five weeks after a confirmed cyber-physical disruption of Ukraine's power grid in December 2015, though no technical or attributional connection between the two incidents was specified in official statements. Israeli cybersecurity personnel worked to contain the intrusion while maintaining grid reliability during peak winter demand. Minister Steinitz's conference remarks framed the incident as a resolved threat due to the deployment of neutralizing software, though the persistence of response efforts indicated ongoing vulnerability management. The disclosure highlighted infrastructure security challenges during extreme weather events when system availability pressures intersect with cyber threats. No actor attribution, specific intrusion vectors, or data compromise details were formally released by Israeli authorities in immediate aftermath reports.