The National Cyber Array published this morning (Monday) the results of the investigation into the attempted cyber attack against the "Ziv" hospital that took place last month, which claim that Iran and Hezbollah are behind the attack.
"At the end of a joint investigation by the national cyber system, the IDF and the Shin Bet, it was found that the cyber group of the Iranian Intelligence Ministry, with the involvement of the Hezbollah cyber group, were behind the attempted cyber attack aimed at disrupting the Ziv Hospital in Safed about three weeks ago," the statement said. "Through the joint efforts of the cyber system, the IDF, the Shin Bet, and the Ministry of Health and Hospital staff, the attack was stopped before it was able to achieve its goal of disrupting the hospital's operations and harming the medical treatment of civilians. However, it was found that the group stole some of the sensitive information which is stored in the hospital systems."
The investigation revealed that the AGRIUS cyber attack group, which belongs to the Iranian Ministry of Intelligence, tried to carry out a cyber attack on the Ziv Hospital in order to damage its regular functioning, against the background of the "Swords of Iron" war. It was also said that the attack was carried out by the Ministry of Intelligence with the involvement of a Hezbollah cyber unit called Lebanese Cedar led by Muhammad Ali Marai.
The National Cyber Organization clarified that "the attack was stopped at an early stage, thereby preventing the attempt by Iran and Hezbollah to harm the functioning of the hospital and the potential for humanitarian harm to civilians. However, the attackers managed to take materials from the hospital and began to publish them on social networks. In joint efforts with the state attorney's office, in order to preserve the privacy of the patients, the channels on the social networks where part of the sensitive information was published were removed."