A global cyberattack launched last week from over 1,300 locations was exposed by Israeli security researchers Liad Mordekovitz and Ophir Harpaz from the Guardicore cybersecurity company.

Follow Israel Hayom on Facebook and Twitter

The main target of the cyberattack were servers of companies and organizations in the health, tourism, media, and education sectors, including hospitals, hotels, schools, and government agencies, mostly in the US, Vietnam, and India.

In all, the attack targeted over 2,000 entities. Hackers used the servers as a base from which to cause harm to additional companies, decentralizing the attack to make themselves harder to trace.

Servers breached in the attack used Microsoft's SMB protocol. The attackers created a "backdoor" that allowed them to penetrate the servers repeatedly and sell the access on the dark web. According to some assessments, every compromised Windows server is worth hundreds of dollars, which adds up to a significant sum.

The purpose of the attack? To harness the servers to mine digital currency, install Trojan horses, and collect information. The hackers were also able to employ advanced methods of eradicating other hackers' malware found on the servers so they could have exclusive "use" of them. The hackers also took care to delete their own files after use.

Guardicore researchers published a tool that would help heads of cybersecurity identify whether their organizations' systems had fallen prey to the attack, along with recommendation about how to protect their systems from similar attacks.

Guardicore, founded in 2013, develops a software-based cybersecurity solution that is detached from a physical network. The company describes its offering as a "faster, more cost-effective alternative to firewalls." The company employees over 270 worker, over half of whom at its R&D center in Israel, with the rest of its personnel at sales and support offices in the US, Canada, South America, India, western Europe, and the Ukraine.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post Israeli cybersecurity researchers expose worldwide hacking scheme appeared first on www.israelhayom.com.

Sixgill's Darkfeed, which collects threat intelligence from deep, dark, and closed web sources, can help organizations preempt cyberattacks before they are identified by conventional sources.

Follow Israel Hayom on Facebook and Twitter

Darkfeed will integrate with IBM Security QRadar, which identifies potential security threats by analyzing data across an organization's users, endpoints, clouds, applications, and networks in real-time.

Sixgill Vice President of Products and Technology Alliance Ron Shamir says that "organizations without preemptive threat intelligence are flying blind."

"Much of the traditional threat research that organizations still rely on is a time consuming, labor-intensive process that can't keep up with the threat landscape. Darkfeed provides unmatched automated intelligence from the widest set of threat data available. Together with IBM's technology, organizations are gaining industry-leading intelligence to stay ahead of attacks in real-time," Shamir said.

The Darkfeed application for QRadar is available to the security community through IBM Security App Exchange.

Subscribe to Israel Hayom's daily newsletter and never miss our top stories!

The post IBM security to integrate threat identification app from Israel's Sixgill appeared first on www.israelhayom.com.