Cyberattack on Israeli 'Kosher' Internet Provider
Internet Rimon, an Israeli internet provider catering specifically to the religious and haredi sectors, fell victim to a devastating cyberattack last night, courtesy of an Iranian cyber group known as "Promised Revenge." The breach occurred around 11:30 p.m. on Saturday, leaving many customers with severe disruptions in service, ranging from partial disconnection to complete loss of network access.
The incident was acknowledged by Internet Rimon early this morning, with the company releasing a statement assuring its customers that they were taking immediate action to block the attack and restore connectivity. However, despite these efforts, some customers continue to experience difficulties connecting to the internet and disruptions in filtering services.
Rimon Internet Management expressed gratitude to their customers for their understanding and trust, as well as their cooperation during this challenging period.
The Impact on Rimon's Services
According to Rimon IIX, the communication graph of the Israeli Internet Exchange shows a noticeable decrease in traffic around the time of the hack, although not a complete halt. This morning, some customers managed to access the internet, but not all. The hackers, meanwhile, released a video claiming to have successfully hacked Rimon's computers and disabled servers, deleting internal infrastructure.
The group has stated that they have obtained sensitive information from the company's internal network without releasing any concrete evidence of data theft. However, Internet Rimon assures that at this stage, there are no indications that personal customer information has been leaked.
How Does Rimon Internet Filtering Work?
Rimon Internet filters content by routing all traffic through its servers, acting as an internet provider with full oversight. Utilizing a legitimate MITM (Man-in-the-Middle) method, it decrypts HTTPS traffic, scans it by user rules, blocks unwanted content, and then restores browsing.
This comprehensive approach grants the company access to sensitive data, including site addresses, page content, login details, preferences, filtered content, and correspondence. A breach of this sort could expose not only credentials but also personal information of this nature.
The Risk of a Hack
A cyberattack on an internet provider like Rimon poses significant risks to customers, including exposure of sensitive data, disruption of services, and potential financial loss. In the case of Internet Rimon, their services are currently down, with limited support available via a recorded line (*8900) and Facebook updates.
Customers have reported partial recovery in some instances, but the incident remains unresolved. This highlights the importance of vigilance and proactive measures to protect against such cyber threats.