07232014Wed

Cyber attacks from Iran and Gaza on Israel more threatening than Anonymous’s efforts

The New York Times

By NICOLE PERLROTH

Anonymous, the loose coalition of hackers waging war on Israeli Web sites, is the least of Israel’s cyber problems. Its campaign against Israel is a minor annoyance compared with a wave of cyber attacks that have hit the country over the last year from Iran and Gaza.

Since Wednesday — when Israel began airstrikes into Gaza — Anonymous hackers have retaliated with millions of hacking efforts on Israeli government and private business sites, intermittently taking hundreds offline, defacing some with anti-Israel messages, deleting Web databases for others and dumping thousands of citizens’ usernames and passwords online.

The campaign, which hackers have dubbed #OpIsrael, is essentially the digital equivalent of a business getting hit with graffiti; it is a costly nuisance, but eventually databases can be recovered, messages removed and sites come back online. Israeli officials say the vast majority of the hacking efforts over the last week on government sites — some 44 million tries by one official’s count — have been unsuccessful, with the exception of one site that went “wobbly for a few minutes,” the Israeli finance minister, Yuval Steinitz, told reporters, before recovering.

Attacks from Iran and Gaza are another matter.

In July, security researchers at Kaspersky Lab and Seculert, two computer security firms, discovered that a strain of malware had infected Israeli companies. Many of those companies handle critical infrastructure, like the country’s energy and water supplies, computer and telecom networks. The malware, which the researchers named “Mahdi” after a command in its code, appears to have originated in Iran. Elements of the code were written in Farsi, dates in the malware’s code were formatted according to the Persian calendar, and the domains used in the attacks were registered to Islamic Azad University in Tehran. The term “Mahdi” may have also been a clue; for Shiites, Mahdi is a messianic figure.

The malware was designed to spy on computers by copying images and files, grabbing screenshots and using infected computers as recording devices to record users’ conversations. While many companies have been able to scrub the malware from their systems, security researchers say Mahdi is still actively spying on computers, predominantly in Israel, but also in Afghanistan, the United Arab Emirates, Saudi Arabia and the United States.

More recently, Israel was forced to take its police department offline two weeks ago after security experts discovered that many of the department’s computers had been infected with a remote-access tool, or RAT, which gives attackers realtime control of victims’ machines. The RAT appeared to be an off-the-shelf variation that can be bought on public sites for as little as $50.

After some investigation, researchers at Norman, a computer security firm in Fairfax, Va., noted that the  attacks originated from command-and-control centers in Gaza and that the same servers had been spying for over a year, first on computers in Palestine and then in Israel.

As far back as October 2011, the same command-and-control center had been used to spy on Palestinians. Palestinians received targeted e-mails, written in Arabic, that compelled them to click links that, when opened, gave  attackers full access to their computers. The e-mails often baited victims with politically relevant topics. One  discussed last year’s exchange of an Israeli soldier for Palestinian prisoners. Another included a video critical of Palestinian President Mahmoud Abbas’s treatment of Palestinians.

Then this year, in May, the same group of attackers shifted their target to Israel from Palestine. Israelis received e-mails, in English and Hebrew, that also discussed politically relevant topics,  like Mitt Romney’s supposed support for an Israeli airstrike on Iran. The e-mails also compelled recipients to click links that deployed the RAT.

Researchers have stopped short of blaming the attacks on any one group, but Aviv Raff, the chief technology officer of Seculert, said the content of the e-mails and the location of the command-and-control centers made clear that the attacks originated in Palestine.

Compared with those campaigns, Anonymous’s attacks on Israeli Web sites almost seem innocuous. And by Tuesday morning, six days after the group announced #OpIsrael, the collective’s campaign already showed signs of dissent.

Some Anonymous members took to Twitter to decry another member who had included an anti-Semitic screed alongside a data spill of thousands of Israeli e-mail addresses. And another member who had participated in several Anonymous campaigns in the past said he was abstaining this time around.

“I haven’t thrown my full weight and support behind #OpIsrael because its goals may be dubious,” the hacker wrote in a direct message on Twitter. “That said, I only have influence. Not control. I throw my influence around from time to time, but that’s the only tool I have.”

Search

Act of Cowardice

Iran's ruling tyrants have executed yet another political prisoner in flagrant violation of international law.  READ MORE

The rush to Tehran amidst rise in executions

World leaders should halt these visits and link any deal with Iran to its human rights record.  READ MORE

Arming a dictator

What if President Obama ordered the sale of arms to Syrian dictator to massacre his opponents? READ MORE

Slaughter intensifies under Rouhani

231 executions have occurred since the presidential election in June which brought to power Hassan Rouhani. READ MORE

Silence is not the answer

Iran: Bloody crackdown targeting dissidents aims at terrorizing the people into submission. READ MORE

Iran’s Murder Machine

The wheels of Iran's Murder Machine turn in tandem with its nuclear machine. READ MORE

What now?

The West must drop the dangerous pretence that talking to a regime not interested in listening constitutes the winning strategy. READ MORE

A facelift

This cosmetic facelift should not dupe the West into thinking that there are fresh prospects for a nuclear deal. READ MORE

An Act of Cowardice

The terrorist attack against Iranian exiles at Camp Liberty, Iraq, is another sign of Iranian regime's weakness. READ MORE

Much atalk about nothing

In Istanbul they merely agreed to talk about talking later in May in Baghdad, of all places. READ MORE

An unholy alliance

The brutal state-imposed bloodbath in Syria deserves uncompromising reproach. READ MORE

Iran cries for freedom

The clerical regime in Iran has predictably unleashed another wave of terror against the citizenry since the outburst of the latest string of mass protests beginning on 14 February. READ MORE

A new Iran policy

The latest round of nuclear talks had an all-too-familiar result: more time for Tehran and less time for the international community to prevent a nuclear-armed theocracy. READ MORE

Murder overlooked

What would the rest of us do if a mad gunman was in our midst, systematically murdering our fellow human beings in front of our eyes? The responsible amongst us would not look the other way, because that would serve as a source of encouragement for the murderers to carry on with their heinous acts unchecked. READ MORE

Standing up to Iran's executioners

The Iranian regime's malicious noose has yet again taken an innocent life. Political prisoner Ali Saremi, 63, was hanged in Tehran's infamous Evin prison after a lifetime of peacefully espousing human rights and democracy. READ MORE