Ransomware Attack Hits Israeli Industrial Batteries by Handala Hack Group

Incident Date: September 19, 2024

Overview

Title: Ransomware Attack Hits Israeli Industrial Batteries by Handala Hack Group

Victim: IIB (Israeli Industrial Batteries)

Attacker: Handala

Location: Nahariya, Israel

First Reported: September 19, 2024

Ransomware Attack on Israeli Industrial Batteries (IIB) by Handala Hack Group

Israeli Industrial Batteries (IIB), a leading manufacturer and distributor of industrial batteries in Israel, has fallen victim to a ransomware attack by the Handala Hack group. The attackers claim to have exfiltrated 6 TB of highly sensitive data, including emails, design files, customer details, and human resources information related to military energy storage systems.

About Israeli Industrial Batteries (IIB)

Established in 1992, IIB specializes in various battery types, including lead-acid flooded stationary batteries and lithium-ion batteries for industrial motive and stationary applications. The company operates a fully automated manufacturing plant and has made significant strides in energy storage systems, particularly for renewable energy applications. In early 2023, IIB became part of the Sunlight Group Energy Storage Systems, enhancing its presence in the Middle East and North Africa (MENA) region.

Company Size and Market Position

IIB employs a diverse workforce and maintains a significant production capacity to meet both local and international demand. The company is a market leader in the electric forklift battery segment, supplying major OEMs such as BT-Toyota, Hyster, Yale, Jungheinrich, Linde, and Still. IIB's commitment to innovation and quality has earned it an ISO 9001:2000 certification, ensuring adherence to international quality benchmarks.

Vulnerabilities and Attack Overview

IIB's extensive involvement in critical energy storage infrastructure for military and defense applications, including radars and telecommunication equipment, makes it a prime target for cyberattacks. The Handala Hack group claims to have compromised IIB's systems, exfiltrating sensitive data that includes comprehensive financial and administrative documents, as well as detailed production and design records.

About Handala Hack Group

Handala Hack is a cybercriminal organization known for its pro-Palestinian agenda and history of targeting Israeli institutions. The group employs sophisticated tactics, including phishing campaigns and multi-stage loading processes, to bypass traditional security measures. Handala has previously claimed responsibility for breaches involving Israel's radar systems and the Iron Dome missile defense systems.

Potential Penetration Methods

While the exact method of penetration remains unclear, it is likely that Handala Hack used a combination of phishing emails and malware to infiltrate IIB's systems. The group's history of sophisticated phishing campaigns, including emails written in Hebrew, suggests a targeted approach to compromising IIB's network.
