Ransomware Attack on Israeli Industrial Batteries (IIB) by Handala Hack Group
Israeli Industrial Batteries (IIB), a leading manufacturer and distributor of industrial batteries in Israel, has fallen victim to a ransomware attack by the Handala Hack group. The attackers claim to have exfiltrated 6 TB of highly sensitive data, including emails, design files, customer details, and human resources information related to military energy storage systems.
About Israeli Industrial Batteries (IIB)
Established in 1992, IIB specializes in various battery types, including lead-acid flooded stationary batteries and lithium-ion batteries for industrial motive and stationary applications. The company operates a fully automated manufacturing plant and has made significant strides in energy storage systems, particularly for renewable energy applications. In early 2023, IIB became part of the Sunlight Group Energy Storage Systems, enhancing its presence in the Middle East and North Africa (MENA) region.
Company Size and Market Position
IIB employs a diverse workforce and maintains a significant production capacity to meet both local and international demand. The company is a market leader in the electric forklift battery segment, supplying major OEMs such as BT-Toyota, Hyster, Yale, Jungheinrich, Linde, and Still. IIB's commitment to innovation and quality has earned it an ISO 9001:2000 certification, ensuring adherence to international quality benchmarks.
Vulnerabilities and Attack Overview
IIB's extensive involvement in critical energy storage infrastructure for military and defense applications, including radars and telecommunication equipment, makes it a prime target for cyberattacks. The Handala Hack group claims to have compromised IIB's systems and exfiltrated sensitive data, including comprehensive financial and administrative documents as well as detailed production and design records.
About Handala Hack Group
Handala Hack is a cybercriminal organization known for its pro-Palestinian agenda and history of targeting Israeli institutions. The group employs sophisticated tactics, including phishing campaigns and multi-stage loading processes, to bypass traditional security measures. Handala has previously claimed responsibility for breaches involving Israel's radar systems and the Iron Dome missile defense systems.
Potential Penetration Methods
While the exact method of penetration remains unclear, it is likely that Handala Hack used a combination of phishing emails and malware to infiltrate IIB's systems. The group's history of sophisticated phishing campaigns, including emails written in Hebrew, suggests a targeted approach to compromising IIB's network.