View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
July 14, 2022updated 15 Jul 2022 10:56am

Expert doubts Altahrea Team’s claims about Israel power plant fire

Hackers say they took control of a power plant before it caught fire, but cybersecurity analysts are sceptical.

By Claudia Glover

The Altahrea Team hacking group has taken responsibility for a power plant fire in Israel today, saying it assumed control of the plant’s remote management system ahead of the blaze. A security expert who spoke to Tech Monitor is highly dubious about the claims, and believes such an attack would be beyond the group’s capabilities.

The Orot Yosef power plant in Southern Israel caught fire earlier today. No one was injured in the blaze, and the official cause has yet to be determined. Reporter Arnold Nataev, from Israeli radio station Radio Darom 97, tweeted from the scene that the source of the fire appears to have been an air filter.

“The fire and rescue service updates that it is the burning of an air filter in an IEC facility that endangers the nearby facilities,” he wrote earlier today.

However, Altahrea has claimed responsibility for the fire on its Telegram channel. The group says it hacked into the remote energy measuring system of the power plant prior to the blaze and shared the system’s IP address online for anyone to access. It is unclear from the messages whether the group is claiming to have started the fire itself.

On the channel, Altahrea Team shared images of the power plant fire, and posted provocative statements like: “Do you smell gas or Benzen? Check the store,” before leaving the number of the local fire department.

Content from our partners
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape
Green for go: Transforming trade in the UK

Yossi Reuven, security research team lead at Israeli security company SCADAfence, is sceptical about Altarhea’s claims. “It is unlikely that this one is related to them [Altahrea] due to the high impact, sophistication and capabilities needed to execute this type of attack,” he says.

The Orot Yosef plant is operated by Edeltech. It has been up and running since 1989 and has an output of 1,189mw of electricity. Tech Monitor has contacted Edeltech for comment on the fire.

Who are the Altahrea Team?

Altahrea Team is thought to be made up of Iranian hackers, or Iraqi hackers supportive of Iran.

It is “known for multiple DDoS attacks on Israeli targets like the Jpost, Israeli 9 channel and the Israeli port authority,” according to security company Check Point, which added that “these loud attacks appear to be politically motivated.”

DDoS attacks are relatively simple to execute, meaning a complex operation such as taking control of a power plant remotely would be a significant departure for the gang.

Altahrea Team has not limited its operations to Israel. In May, Tech Monitor reported that it knocked out systems at the Port of London Authority offline with a DDoS attack, while in April it struck Turkish media outlet Anadolu Agency as well as Turkish President Recep Urdogan’s website. 

Cyber tensions have been running high between Israel and Iran, and last month hackers linked to Israel claimed to have taken control of systems at three state-owned steel companies in Iran.

Read more: Will closer ties with Israel impact cybersecurity in the UK?

Homepage image courtesy Oleksii Liskonih/iStock

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU