Israel Matzav

Israel preparing for cyberattack

This afternoon, Mrs. Carl, who works in high tech, bounced me an email from her boss, warning that Israel may soon be under cyberattack, and suggesting that all employees make sure that their computers, and especially their client files, are secured and backed up, and that everything is password protected with different passwords. The boss warned that clients will not pay for time lost due to having to reconstruct missing information.

Mrs. Carl's boss is a wise woman and knows of what she speaks.

The attack is set for Sunday, April 7 — coincidentally, or perhaps not, the eve of Holocaust Memorial Day in Israel. Computer system administrators and security experts have been shoring up network defenses, changing passwords, and ensuring that they have the Internet bandwidth to withstand an attack.

In their latest screed, the hackers behind the newest incarnation of #OpIsrael, the ongoing attempt to “wipe Israel off the map of the Internet,” appealed for unity in the hacker community, which needed to come together to attack Israel. “We can’t be consumed by our petty differences any more,” said the message, posted on hacker-friendly websites. “We will be united in our common interest. We will once again be fighting for freedom.” In a theatrical flourish (using a quote from the 1996 film “Independence Day,” which portrayed mankind fighting off a Martian invasion), the hackers state: “’We will not go quietly into the night! We will not vanish without a fight! We’re going to live on, we’re going to survive.”

While the attacks are aimed at government, bank, academic, and business websites (the hackers have published extensive lists of their targets), ordinary Israelis should take precautions as well — just in case, said the Israel Internet Association (ISOC), which is taking the threat so seriously that it will be operating a hotline (03-9700911) for people to report attacks, and will update its website throughout the day with status reports about what is going on in cyberspace.

The most important thing Israelis can do, said Nir Kapelushnik, ISOC’s CEO, is to shore up passwords — get rid of simple ones (like “abc123”) and choose complicated ones (at least 8 random letters/digits, mix capitals and small letters, no names or obvious terms, etc.); renew/update anti-virus software; upgrade and update to the latest versions of browsers; and stay away from suspicious links, attachments, documents, etc. “The upcoming hacking attack is liable to disrupt our day-to-day activities,” Kapelushnik said. “We do a lot on the Internet today, including sending and receiving mail, shopping, searching for information, and interacting with social networks. The measures we are recommending will hopefully keep the damage to individual Israelis to a minimum.” Those measures, he reminds us, will protect users from hackers, crackers, and cyber-thieves, even on “ordinary” days.

In truth, however, the real cyber-battle will be fought not on the computers of home — or even office — users, but on the servers that hold the websites of large companies, government agencies, financial institutions, and infrastructure, said Lior Tabansky, a fellow at the Yuval Ne’eman Workshop for Science, Technology, and Security of Tel Aviv University. The Workshop is headed by Prof. Yitzchak Ben-Yisrael, who also heads the National Cyber Directorate, which advises the government on matters of cyber-security and policy. 

As such, the folks at the Workshop have a great deal of influence on how the government implements its cyber-security policy, albeit not in an official capacity. “We are advisers… and they usually take our advice,” Tabansky explained.

But the entire story just might be overblown.

But there is more bark than bite in hacker threats, continued Elazari; the propaganda the hackers are spreading about “April 7 #OpIsrael Day” as a global phenomenon is just false. “They claim to be associated with the international hacker group Anonymous, but it is clear to us that the hackers organizing this are run-of-the-mill, anti-Israel hackers from Arab countries, who run attacks like these almost daily. The operation has a self-proclaimed leader who, we believe, is located in Mauritania. ‘Leaders’ are a very un-Anonymous phenomenon, but they are very closely associated with Arab hacking efforts, going all the way back to the Second Intifada.

“We in the security industry have known about this for a month, and we have been spreading the word to network administrators and security personnel around the country on what to expect,” said Elazari. “So I imagine we are well prepared to handle these attacks. It’s likely, though, that users will feel a slowdown in Internet speed, because ISPs may have a hard time handling all the traffic that comes through their servers.” Unless, as she suggests, they cut off domains or IP address segments from where the attacks seem to be coming.

 Read the whole thing. 

Labels: cyberwar

posted by Carl in Jerusalem @ 2:49 PM