The first Israeli high-tech delegation to the Emirates departed this morning (Sunday), led by Jerusalem Venture Partners Fund and entrepreneur Erel Margalit. Over the next four days, the delegation is set to hold high-level meetings with senior officials as well as innovation and investment counterparts in Dubai and Abu Dhabi, to build cooperation between Israeli and Emirati hi-tech, and deepen the newly found relationship between the two countries.

Erel Margalit, CEO and founder of the Jerusalem Venture Partners (JVP), February 18, 2019. / Hadas Parush/Flash90

On Tuesday, participants will join first of their kind ’round table’ meetings between entrepreneurs from the two countries– both of which are renowned internationally as leaders in the field. Ahead of the visit, the delegation was honored to have received the warm welcome of the UAE Government and was looking forward to the opportunity to meet senior ministers during the visit.

“Hi-tech is the locomotive engine that leads the Israeli economy, so we have a key role in leading relations and cooperation with the Emirates, with an emphasis on partnership,” commented JVP founder and chairman of Margalit Startup City Erel Margalit.

He added, “I am proud to lead the first Israeli hi-tech delegation to the Emirates. Our companies have been in business contact with the Emirates for a number of years, and now an opportunity has arisen to expand this network of relationships, deepen the ties significantly, and allow more and more Israeli companies and entrepreneurs to be part of this connection and success.”

Margalit stressed, “This is not just a business opportunity, but a political opportunity for a new page between the Israeli hi-tech community and the entire Middle East. With us in the delegation, are the CEOs of emerging Israeli hi-tech companies from every field, and I am sure we will create real partnerships here that will contribute to building successful Israeli companies that will propel the Israeli economy forward, precisely during this period, and create more and more new jobs.”

The delegation was invited to the Emirates by the DIFC (Dubai International Financial Center), the body that manages the free trade area in the financial heart of Dubai – which is one of the global financial centers. Members of the delegation will also receive a comprehensive tour of the financial center.

Among the companies participating in the delegation: Earnix, one of the world’s leading companies in insurtech and personalization of insurance and banking, an area with great interest in the Emirates, which is considered a powerhouse in the field of insurance in the Middle East; Up Control, an emerging Israeli company leading a revolution in the management of remote work networks; Morphisec, from Beer Sheva, which is a leader in innovative technology for protecting endpoints in organizations, which is a particularly relevant development for the protection of banks and infrastructure; and Secret Double Octopus, also from Beer Sheva, which provides a leading biometric solution for passwords.

Also of significant interest to the Emirati Government, companies, and investors is the field of foodtech. Among the delegation in the field is InnovoPro, a company that produces a protein substitute from chickpeas with high nutritional values. One of the most interesting companies in the world in the field, it is already a major player in dairy products in some of Europe’s leading chains, with products from ice-cream to mayonnaise. The company is now preparing for a breakthrough in the Middle East. Another company participating in the delegation is Agrint, which has developed technology to identify diseases in trees before they cause damage. One of the most serious infections in the world is the palm bacteria that destroys entire palm groves. Agrint’s solution for this has significant potential for agriculture in the Middle East.

Members of the delegation included: Entrepreneur, and former senior official in the Mossad, David Meidan; Udi Ziv, CEO of Earnix; FrankZvi, CEO of Copilot; Elad Ben-Meir,-CEO of SCADAfence; Dror Liwer – Co-Founder& Chief Security Officer of Coronet; Asaf Ganot, CEO of Control Up; Omri Kohl, CEO of Pyramid Analytics; Gal Rimon, CEO of Centrical; Ronen Yehoshua, CEO of Morphisec; Raz Refaeli, CEO of Secret Double Octopus; Mark Gazit, CEO of Thetaray; Yaron Ravkaie, CEO of Teridion; Tali Nehushtan, CEO of InnovoPro; Yehonatan Ben Hamozeg, CEO of Agrint; they were joined by JVP partners Yoav Tzruya, Fiona Darmon, Gadi Porat, Michal Drayman, and Rinat Remler, senior VPs Shimrit Kenig, Guy Pross, Pnina Ben Ami, and communications director Omri Sheinfeld.

Source from: https://www.jewishpress.com/news/business-economy/first-israeli-hi-tech-delegation-takes-off-for-the-emirates/2020/10/25/

Our Researchers Discover Another Vulnerability 

As part of our mission to secure the world’s OT, IoT and Cyber Physical infrastructures, we invest resources into offensive research of vulnerabilities and attack techniques.

CVE-2020-16850 (US ICS-CERT) is a CVSS 8.6 remote CPU DoS vulnerability in Mitsubishi Electric iQ-R Series that has been discovered by SCADAfence researcher Yossi Reuven.

Mitsubishi Electric is one of the world’s leading electronics and electrical equipment manufacturing companies, and is in use by many of our customers. We have been working with Mitsubishi Electric for the last few months in handling multiple vulnerabilities, and on October 8th, Mitsubishi Electric published an official security advisory reporting this vulnerability and its mitigations.

About The Vulnerability – CVE-2020-16850

MELSEC iQ-R Series is Mitsubishi Electric flagship product line – designed for high productivity automation systems. iQ-R CPUs’ communication with GX Works 3 (Engineering software package) is done via Mitsubishi Electric proprietary protocol MELSOFT (which works on both TCP and UDP).

A single specially crafted packet sent by an attacker over the MELSOFT UDP protocol on port 5006 will cause a denial-of-service (DoS) vulnerability due to uncontrolled resource consumption (CWE-400). The PLC’s CPU will get into fault mode, causing a hardware failure (error code: 0x3C00 – hardware failure). The PLC then becomes unresponsive and requires a manual restart to recover.

What SCADAfence Recommends Vendors To Do

Perform an Industrial Vulnerability Management Process

Please refer to our guide on this topic: https://www.scadafence.com/public-preview-a-comprehensive-guide-to-industrial-device-patching/

Monitor for Unauthorized Network Activity and Exploitation

Some devices will always remain unpatched. Monitoring is an early warning system that allows you to act before attackers have gained full control over your network.

Upgrade to the Latest Firmware (When Available)

Currently no firmware update is available (will be released soon by Mitsubishi Electric)

Prevent Unauthorized and Untrusted Access

– Use a firewall or virtual private network (VPN), etc. to prevent unauthorized access when Internet access is required.

– Use within a LAN and block access from untrusted networks and hosts through firewalls.

Block UDP Port 5006 and Use MELSOFT TCP

MELSOFT is an engineering software for Mitsubishi PLCs and gives users the option to use either the (connectionless) UDP and (connection-oriented) TCP protocols for programming and configuring the devices. SCADAfence recommends to block Block UDP port 5006 since the cyberattack leverages the connectionless UDP protocol and can cause the PLCs to stop functioning and cause a denial of service. Instead, users should use the TCP protocol for communicating with devices in the shop floor or the control network.

Special Thanks & Recognition

The SCADAfence Research team would like to thank the Mitsubishi Electric team for a speedy vulnerability reporting process even during the challenging COVID-19 times.

SCADAfence is committed to continued research of offensive technologies and development of new defensive technologies.

Exploit PoC

We wrote a Python POC (GPLv3) script of the exploit in action.

Currently, there’s no patch available. As a result, we limit the access to the exploit to vetted individuals only. The exploit is only available for educational and legal research purposes.

Warning: The script will crash the PLC’s CPU – do not use it in production.