An Iran-linked threat group claims to have accessed the security cameras of an Israeli defense contractor and leaked videos of internal meetings and employees working on defense systems.
The threat group – Cyber Toufan – has been posting about the alleged breach of Maya Engineering on its Telegram channels for at least a few weeks, but the group’s claims became public in recent days in an X post and articles on media sites such as Straight Arrow News and Breached Company.
The claims remain unverified. The Cyber Express has reached out to Maya for comment and will update this article with any official statement. Even so, the alleged incident shows the importance of including surveillance cameras and other sensitive devices in cybersecurity plans.
“Scary stuff,” SANS instructor and consultant Kevin Garvey said on X. “Shows how *any* connected asset needs rigorous security associated to it! Good reminder to all to check if cameras and other peripherals are part of your standard vuln management and secure config programs (amongst other functional programs).”
Alleged Israeli Defense Contractor Breach
A check of Cyber Toufan’s Telegram channels by The Cyber Express found claims of the hack as early as October 12 (image below).
However, the group claims to have had access to Maya’s systems for more than a year.
“One and a half years after gaining full access to the network, we have explored every part of it and reached the QNAP archive,” claims a Cyber Toufan post reported by International Cyber Digest on X. “Through the systems, we have breached Elbit and Rafael’s through then. Their phones, printers, routers and cameras as well. We have recorded your meetings with sound and video for over a year. This is just the beginning with Maya!”
Footage released by the group shows company employees allegedly working on several defense systems, including missile and drone systems, and the group also claims to possess technical drawings of sensitive parts like missile components.
Cyber Toufan’s Link to Iran
Cyber Toufan’s advanced tactics suggest technical acumen well beyond that of a typical hacktivist group, raising the possibility of a nation-state link to Iran.
Cyble’s threat intelligence profile of the group states, “Cyber Toufan is a threat actor group known for targeting Israeli organizations, with possible nation-state support from Iran. Their tactics include hack-and-leak operations, data breaches, and data destruction, impacting numerous organizations. Their activities are linked to geopolitical tensions in the Middle East, featuring a mix of technical breaches and psychological warfare. Threat actors associated with Cyber Toufan operate by infiltrating systems to steal sensitive data and disrupt operations, aiming to cause economic and political damage to their targets.”
