April 7th cyber attack

April 7th cyber attack

This post is also available in: heעברית (Hebrew)

Background

16548360_sAs you all know, there is a planned cyber attack on Israeli websites, planned for April 7th 2013.

Actually, the attack has already begun. In the past weeks  700 Israeli website suffered repeated cyber-attacks, including high-profile government systems such as the Foreign Ministry, and the Israeli President’s official website. The Israeli Finance Ministry reported an estimated 44 million unique attacks on government websites

Last week hackers proclaimed they had broken into the Mossad’s servers and stolen the names and personal details of top IDF officials, politicians and, especially, Mossad agents. Reports on several hacker websites said that Anonymous, along with the Turkish group The Red Hack and the Arab group Sector404, both of which are allied with Anonymous, managed to break into the Mossad’s public website and steal several Excel spreadsheets containing the details of over 34,000 “Mossad agents.” The files ostensibly list names of the alleged agents, email addresses (private and work), home addresses, and other identification information.

The integrated attack is another chapter in what is being dubbed #opisrael, an operation that was launched during Operation Pillar of Defense and has continued since. Recently it was reported that as part of this “operation,” details of some 600,000 users of Walla’s email were exposed. Many of the groups planning the attack are affiliated with the hacking collective known as Anonymous.

.

Methods of Attack: “Power to the People/Attackers”

Operation Israel, also known as #OpIsrael, is an Anonymous hacktivist campaign planning to take down Israeli government websites through distributed denial of service (DDoS) attacks

DDoS attacks are not new, they’ve being executed before, and probably will be executed in the future.

What is new in this case is the joint-forces by virtual-army of cyber attackers to conduct a state-wide cyber attack.

Hacker group ‘Anonymous’ and the’ People’s Liberation Front’ have created a data-sharing site called AnonPaste, meant to host pastes of code and other messages without any moderation or censorship of the information posted. The new site, which uses a free .tk web address, allows users to set a time for the paste to expire.

The Hackers Post reports AnonGhost, said: “The hacking teams have decided to unite against Israel as one entity and that Israel should be getting prepared to be ‘erased’ from the internet. Its not one Hacker, Its not one Team, But Various Hacker, Various Teams from all over the World are participating in this Operation! Its gonna be the biggest ever operation launched against any country, Its gonna be Huge!”

Many more known hacktivists, notorious for carrying out state-targeted attacks, are supporting the campaign.

It is most likely that success of this attack will accelerate further attempts of attacks, and not just denial-of-service. I’m sure the hackers will also try to plant “Trojan horses” infecting web users with viruses.

Going back to the ‘joint-forces’ against Israeli websites, the hackers use public & open source platforms to ‘spread-the-word’, update and organize the attacks.

You can see sites post target list of Israeli websites, and updating the attackers via the social networks (twitter & Facebook). Furthermore, they post the utilities of the attacks so everyone can use it…

.

Here are 3 examples:

1- Site: http://pastebin.com/0tQJukLL – Post of target attacks

123

2 – Twitter

2

3

3 – pastehtml.com/view/cdvr011a5.html

4

.

Summary

The planned attack has a new attack vector utilizing joint-forces to attack nation-wide web sites. This is the first time that attackers use public/social means to gather-up and joint forces for the purpose of attacking a country.

While the technology itself is not new, it might be lethal if not mitigated correctly.

Israel authorities are well aware of the incoming attacks, and are doing the best they can to secure the essential information assets of the country. Although some sites will be slowed down, or even denied of service for a limited time, the attacks will not cause serious damage to the Israeli market.

Israel is a veteran of joint-attacks. It has prevailed before &  It will prevail this attacks in the virtual space & in the future.

oded-blatmanThe writer is Mr. Oded Blatman,
Founder and CEO
NetSys HLS Ltd.