The Limited Times


A security breach has been found on the Ministry of Education website | Israel Today

2020-06-02T08:41:42.480Z


"Countries like Iran have the ability to redirect user inquiries," says security expert in conversation with "Israel Today" | Privacy and Security


Ministry of Education: "Test did not bring any special findings"

Imagine a scenario where a hacker is viewing your children's personal information, from ID numbers and home addresses to personal details recorded in the education system. Such a security vulnerability was discovered on the Ministry of Education's website; it allowed attackers to track the personal information of visitors, and even to damage the user's personal computer.

The source of the vulnerability, which was found on the ministry's home page and public inquiries page, is the site's lack of rigor in establishing secure connections (HTTPS), security experts say. And that's not all: the weakness was also found in the teaching staff portal, where hackers can remotely track activity on the site. For example, even a particularly unsophisticated attacker can follow a conversation with the Ministry of Education without interrupting it, or even carry out impersonation.

"Countries like Iran have the ability to redirect user inquiries on the Iranian Ministry of Education website. This very routing allows them to attack the same Israelis in a number of ways," says Roi Paz, an information security expert and vulnerability researcher, in a conversation with Israel Today. "Anyone who accesses the Ministry of Education website can be hacked through a browser vulnerability, or alternatively the information entered into government websites without the DNSSEC and HSTS Preload protocols can be stolen."

"As soon as the site is not protected from attacks, it can inject DNS Poisoning or steal everything a user is typing or writing," Paz adds. "This is because the site also uses external or internal sources that are standard HTTP, which does not really give full protection."

Another problem that arises from the site security issue is phishing. "The two websites of the Department of Education that show security certificate malfunctions mean that the rankings of those sites in Google's search results have dropped," notes Amir Carmi, HackerU Solutions' head of defense, in a conversation with Israel Today. "That way, fast attackers can take advantage of the situation, put up an impersonal site that looks the same and change one letter in the address, and put a valid security certificate on it. Then they can promote the same site as an impostor in many ways, legitimate or illegitimate."

"In Google's search results, when I search for 'the Ministry of Education,' I get the attackers' site in the first result, and from there it is a short way to stealing sensitive information or planting malware by downloading online forms," Carmi adds. "In addition, there is the page of the Education Ministry's complaint form that contains personal information and is not at all secured with a security certificate, which would allow an attacker connected to the same network to disclose the same information."

On the other hand, an Israeli information security firm claims that "It is something that should not be, certainly not on a government website that contains sensitive information about students, but the situation can only occur if the attacker is on the same Internet network. For example, surfing the same WiFi network in a cafe."

The Ministry of Education said in response: "The Ministry of Education is using a lot of resources to ensure that information is kept at a very high level of security. In the meantime, the firm's websites are regularly scanned, in-depth and thorough by the Ministry of Education's special information security professionals and the government's cyber protection unit (Yahav) which, according to the newspaper's claims, make it clear that they have been reviewed by us as well The cyber defense unit in government. The test did not reveal any special findings. As much as the newspaper has other information, the firm will be happy to investigate it thoroughly and in-depth."

Source: israelhayom
