Israel’s largest oil refinery operator, BAZAN Group, is currently grappling with a severe cyber attack that has rendered its corporate websites inaccessible to users worldwide. The company’s websites, bazan.co.il and eng.bazan.co.il, have been hit with HTTP 502 errors and access denied (403) messages, pointing to a potential DDoS attack.
Reports suggest that the hacktivist group Cyber Avengers, also known as CyberAv3ngers and claimed to be of Iranian origin, may be behind the attack. In a Telegram channel, the group bragged about breaching BAZAN’s network and even leaked supposed screenshots of the company’s SCADA systems, raising concerns about the safety and integrity of industrial control systems.
The Cyber Avengers have been making bold claims about their involvement in previous cyber incidents in Israel. They have asserted responsibility for the 2021 fires at petrochemical plants in Haifa Bay, attributing the incidents to a pipeline malfunction. Additionally, they alleged to have targeted 28 Israeli railway stations in 2020 by attacking industrial servers.
However, the authenticity of these claims remains unverified. It appears that the group exploited a vulnerability in a Check Point firewall associated with Oil Refineries Ltd., which assigned the IP address used in the attack. Despite the leaked materials and the group’s claims, a spokesperson for BAZAN dismissed the information as “entirely fabricated.” They acknowledged a brief disruption in their image website during the DDoS attack, but they assert that no damage was done to the company’s servers or assets. The spokesperson labeled the incident as an act of propaganda aimed at spreading misinformation and causing panic.
BAZAN emphasized that their cybersecurity measures are robust, and they are closely collaborating with the Israeli National Cyber Directorate and their partners to monitor and counter any suspicious activities to safeguard the integrity and security of their operations. The cyber attack on BAZAN Group underscores the growing threats posed by hacktivist groups targeting critical infrastructure industries.
As attacks become increasingly sophisticated and persistent, organizations like BAZAN face the challenge of fortifying their cybersecurity defenses to protect their assets, operations, and reputation. The incident serves as a stark reminder of the importance of proactive and vigilant cybersecurity measures to fend off potential cyber threats and maintain the resilience of essential services in an increasingly interconnected digital landscape.
