The Altahrea Team hacking group has taken responsibility for a power plant fire in Israel today, saying it assumed control of the plant’s remote management system ahead of the blaze. A security expert who spoke to Tech Monitor is highly dubious about the claims, and believes such an attack would be beyond the group’s capabilities.
The Orot Yosef power plant in Southern Israel caught fire earlier today. No one was injured in the blaze, and the official cause has yet to be determined. Reporter Arnold Nataev, from Israeli radio station Radio Darom 97, tweeted from the scene that the source of the fire appears to have been an air filter.
“The fire and rescue service updates that it is the burning of an air filter in an IEC facility that endangers the nearby facilities,” he wrote earlier today.
However, Altahrea has claimed responsibility for the fire on its Telegram channel. The group says it hacked into the remote energy measuring system of the power plant prior to the blaze and shared the system’s IP address online for anyone to access. It is unclear from the messages whether the group is claiming to have started the fire itself.
On the channel, Altahrea Team shared images of the power plant fire, and posted provocative statements like: “Do you smell gas or Benzen? Check the store,” before leaving the number of the local fire department.
Yossi Reuven, security research team lead at Israeli security company SCADAfence, is sceptical about Altarhea’s claims. “It is unlikely that this one is related to them [Altahrea] due to the high impact, sophistication and capabilities needed to execute this type of attack,” he says.
The Orot Yosef plant is operated by Edeltech. It has been up and running since 1989 and has an output of 1,189mw of electricity. Tech Monitor has contacted Edeltech for comment on the fire.
Who are the Altahrea Team?
Altahrea Team is thought to be made up of Iranian hackers, or Iraqi hackers supportive of Iran.
It is “known for multiple DDoS attacks on Israeli targets like the Jpost, Israeli 9 channel and the Israeli port authority,” according to security company Check Point, which added that “these loud attacks appear to be politically motivated.”
DDoS attacks are relatively simple to execute, meaning a complex operation such as taking control of a power plant remotely would be a significant departure for the gang.
Altahrea Team has not limited its operations to Israel. In May, Tech Monitor reported that it knocked out systems at the Port of London Authority offline with a DDoS attack, while in April it struck Turkish media outlet Anadolu Agency as well as Turkish President Recep Urdogan’s website.
Cyber tensions have been running high between Israel and Iran, and last month hackers linked to Israel claimed to have taken control of systems at three state-owned steel companies in Iran.
Read more: Will closer ties with Israel impact cybersecurity in the UK?
Homepage image courtesy Oleksii Liskonih/iStock