This post is also available in: heעברית (Hebrew)

ddosOver the last day data stored on many Israeli internet servers has faced an attack called Distributed Denial-Of-Service (DDoS), resulting in extremely slow browsing times, making it almost impossible to surf.

An analysis of the IP addresses that initiated the attacks shows that they originate in the Palestinian Authority, and other Arab countries.

What is DDOS attack? This cyber attack, occurs where a large number of computers point at one site either to obtain information, to perform an action, or to view a page. The load generated to the site, due to the multitude of incoming non-natural hits causes the sites to slow down and even to get stuck.
How does the DDOS attack? It takes just a very small number of computers to perform these attacks and sometimes even just one that can get though security holes, with tiny software implant to make other computers its slave. From this moment, when receiving guidance from the Master computer they function as slaves following the master computers instructions ,sometimes without the awareness of the computer’s owners.  Then all at once these further computers can automatically start attacking sites.

This attack is considered quite primitive in the world of hackers, is easy to identify, react to and to block. It does not require any special tools to perform, such as software or hardware except for a basic knowledge in communication and information security.

ISOC has identified the onset of this attack by its prominent feature – multiple loads to the DNS (Domain Name Server) to all URLs ending co.il (the role of DNS servers is to translate domain names to numeric IP addresses and vice versa ).

The current attack is only one part of a long chain of attempts to attack Israeli cyberspace with the most prominent attacks including the temporary takeover of the Israeli page of “Statusim Mezayanim – Outstanding Statuses”. The strikes failed to damage the critical infrastructure of both IEC and Israel Railways and another example was the temporary takeover of the broadcasting Channel 10 site. What is clear is that these attempts will only deepen, become more sophisticated, more difficult to detect and could potentially cause massive destruction.