Digital World Makes Cyberwarfare More Dangerous

Your car, your refrigerator, your cellphone, and your laptop are just a few potential targets of cyberwarfare. As our world becomes increasingly digital, it is also potentially more dangerous.

“Everything is more connected – even your car is online,” Tali Shimer, the marketing manager for ThetaRay, a company that specializes in solutions to online financial risk, told The Media Line. “Hackers are also becoming more sophisticated.”

Shimer was speaking from her booth at CyberWeek 2016 at Tel Aviv University, a week-long conference that brings together world leaders in cybersecurity and companies marketing new products. 

Israel has long been one of the world’s centers for cybersecurity, a need that is increasing as “the internet of things,” meaning the connection of devices over the internet, grows rapidly.

“We have the traditional threats in terms of the old school information security,” Tomer Zuker, the marketing manager of IBM in Israel, told The Media Line. “The newcomers are mainly the cloud and mobile phones. It’s huge because people use their cellphone for personal use and work. We are working to secure infrastructures and sensors.”

While IBM has a global workforce of 11,000 people, and Israel houses one of its main R&D centers, cybersecurity is a global problem. In Singapore, for example, the government has now made it impossible for most government employees to search the internet directly from their computers at work.

“We are a prime target for cyber criminals and we have a responsibility to protect data,” David Koh, the chief executive of the cybersecurity agency in the Prime Minister’s office in Singapore, told the conference. “The chain is only as strong as the weakest link. If one link is hit, many systems could collapse.”

Last year, hackers infiltrated the power grid in Ukraine in what is believed to be the first attack on a power grid, leaving more than 230,000 Ukrainians without heat or power for up to six hours.

The growing cyber threat has led to new ties between states. Israel and the US signed a cyber defense treaty calling for real-time operational connectivity. Both countries will set up Computer Emergency Response Teams (CERTs).

“The declaration expresses the critical importance of joining forces between countries for the benefit of dealing effectively with common threats in the cyber domain,” a statement by Israeli Prime Minister Binyamin Netanyahu’s office said. “It expresses the obligations of Israel and the US to broaden and deepen bilateral cooperation in the field of cyber defense.”

At the ThetaRay booth, they say they have solutions to financial cyber attacks.

“We identify risks, threats and even opportunities,” marketing manager Shimer said. “We have an analytics platform that has been developed over the past ten years and that can cope with huge amounts of data.”

Israel has recently opened a large cyber tech park in the southern city of Beersheba. Among the international companies operating there is Lockheed Martin. Many Israeli experts say the openness and interconnectedness of the internet make it hard to secure.

“The current security solutions cannot cope with an advanced attack,” Yuval Elovici, the director of Deutsche Telekom Laboratories at Ben Gurion University, told The Media Line. “Every advanced attacker will build a lab and put all of the security solutions inside. The challenge is how to build a security solution so that the attacker does not even know it is there.”

Israeli experts say new generation of hackers pose growing threat

This article first appeared on The Media Line.

The attacks perpetrated by today’s generation of hackers have evolved in both sophistication and capability, say cyber security experts. Governments and large corporations must now protect themselves from what have become known as APTs – Advanced Persistent Threats.

If attacks of the past were designed to be a nuisance which would clog up servers or collapse websites under bombardments of junk mail, then APTs can be understood as a long term effort to infiltrate a system without alerting the victim to the intrusion.

Technological advances have had a large role in bringing about the new threat, but just as important are the sophisticated organizational techniques that hackers are now using, Hudi Zack, a representative of the cyber department of US information technology firm Verint Systems, told The Media Line. Technology which was previously only affordable to governments is now in the hands of criminals and this has increased the danger, he said.

But it is the way in which hackers are organizing their attacks which is the game changer. “The attackers are very patient, they know exactly where they want to go, they go in low profile, under the radar, (and) get to where they want,” Zack said, explaining that hackers may take months to complete what are known as “low and slow” attacks against a server. Infiltrations are conducted like a military operation, Zack explained, with clear phases.

First, an attacker will conduct a reconnaissance of a target, creating “an intelligence picture of the entity they want to attack,” from which vulnerabilities and entry points into a network can be identified, Zack said. Next, attackers will infiltrate the target. This can be done using phishing emails or by infecting an employee’s computer while they are outside of the protection of their workplace, Zack said.

One favored method of intelligence services is to infiltrate state officials’ networks via hotel Wi-Fi during diplomatic meetings, as an attacker can predict a target being in a specific location in advance. “It is easier to hack into an Iranian official’s computer whilst he’s in a European hotel than when he is in his office in Tehran, for example,” Zack said.

Once a virus is inside a network it then generally communicates back to its operators and begins to spread towards the specific location on the network that is desirable – “Usually the first point of infiltration is not where it wants to go – it wants to go to the financial system, to the data center, to the CEO’s computer.”

Cyber security experts have identified three or four groups which hackers generally tend to belong to. The first and least threatening is young computer enthusiasts who become involved in hacking for fun or out of a sense of curiosity; secondly, there are politically motivated hacktivists, including groups like Anonymous. Although these two groups are possibly the best known caricatures of hackers, they are actually the ones governments and corporations are least worried about.

That privilege falls to organized criminal gangs – groups who try to steal, damage or ransom data for financial gain – and to state-run cyber espionage units. It is the criminal and security agency hackers that have the resources and the sophistication to conduct the APT attacks that states and corporations are concerned with.

Governments are aware of the threat and are reacting to it, a marketing manager for Israeli Aerospace Industries (IAI) who wished not to be named, told The Media Line. IAI, both Israel’s largest defense contractor and a subsidiary of the government, has branched out into the cyber security realm – a move increasingly common among leading arms manufacturers.

The IAI manager pointed to comments by Lieutenant General Gadi Eizenkot, Israel’s most senior officer, that a fourth branch of the military, cyber warfare, will be formed in the coming years. This new organization will stand alongside the land, sea and air branches which have traditionally been the basis for militaries in the twentieth century, and will form a unified defense against cyber threats to Israel.

The fact that both Prime Minister Benjamin Netanyahu and Defense Minister Moshe Ya’alon spoke at this year’s International Cyber Conference at Tel Aviv University indicated how seriously Israel – a country renowned for its high-tech capabilities – is taking cyber security.

Consolidation of resources into dedicated cyber units is increasingly the strategy governments are moving towards, Daniel Cohen, research fellow with The Institute for National Security Studies, told The Media Line. A second approach is the recognition that cyber security is not simply a concern for the military and for critical infrastructure but for profit-oriented companies too.

Both these ideas can be seen in the announcement by the Israeli government earlier in 2015 of the intention to create a cyber-bureau to protect civilian private interests, Cohen said. Such an organization would be designed to prevent aggressor states damaging the Israeli economy by disrupting private enterprises, Cohen explained.

A third manner in which governments are working to protect themselves is through the creation of human capital which, once sufficiently trained, would provide a stockpile of experts able to defend against cyber threats, Cohen said. Cyber defenders have an arsenal of tools with which to defend against hackers. Computer forensics can be used to try to identify a perpetrator and to reverse engineer an attack in order to formulate a defense for the future. Cyber intelligence units are also increasingly monitoring social media and hacker forums to identify trends in methods of infiltration and to predict when and where attacks will be made.

If today’s cyber threats have governments scrambling to restructure their security apparatus then tomorrow’s dangers are likely to be no less worrying. When asked to predict what will come next Cohen suggests that computer espionage will become increasingly powerful and prevalent. Even more alarming perhaps is Cohen’s assessment that in the near future terrorist groups, especially those being used as armed proxies by states, will gain the capability to use APTs and will make use of them to target governments and their citizens.

Israel, both the perpetrator and the victim of a number of infamous hacking attacks (if internet rumors can be believed), is placed at the forefront of the growing cyber warfare arena. With both one of the Middle East’s largest high-tech industries and most advanced militaries the Jewish state will wish to maintain its edge in this emerging field.

Israeli military networks breached by hackers

Hackers have managed to penetrate computer networks associated with the Israeli military in an espionage campaign that skillfully packages existing attack software with trick emails, according to security researchers at Blue Coat Systems Inc.

The four-month-old effort, most likely by Arabic-speaking programmers, shows how the Middle East continues to be a hotbed for cyber espionage and how widely the ability to carry off such attacks has spread, the researchers said.

Waylon Grange, a researcher with Blue Coat who discovered the campaign, said the vast majority of the hackers' software was cobbled together from widely available tools, such as the remote-access Trojan called Poison Ivy.

The hackers were likely working on a budget and had no need to spend much on tailored code, Grange said, adding that most of their work appeared to have gone into so-called social engineering, or human trickery.

The hackers sent emails to various military addresses that purported to show breaking military news, or, in some cases, a clip featuring “Girls of the Israel Defense Forces.” Some of the emails included attachments that established “back doors” for future access by the hackers and modules that could download and run additional programs, according to Blue Coat.

Using standard obfuscation techniques, the software was able to avoid detection by most antivirus engines, Blue Coat said. At least some software lodged inside government computers, because Blue Coat detected it “beaconing,” or sending signals to the hackers that it was in place.

An Israeli defense ministry spokeswoman referred questions to the military. Military officials said they were “not aware of hacking on IDF operational networks.”

Blue Coat provided Reuters with an advance look at its findings and intends to publish a paper later. The security firm, based in Sunnyvale, California, is set to be acquired by private equity firm Bain Capital LLC.

Citing confidentiality agreements with clients, Blue Coat declined to say exactly where the campaign worked, and Grange said he did not know if any vital data had been stolen.

Blue Coat surmised that the attackers spoke Arabic because some of the data recovered in the investigation showed that was the default language setting in one of the programming tools.

“Not all targeted attackers need advanced tools,” Blue Coat wrote in a draft paper. “As regional conflicts continue, cyber threats from groups of various skill levels will also accompany the conventional armed conflicts.”

Last month, Israeli security firm Check Point Software Technologies said it had found spying programs in 10 countries that probably originated with a governmental or political group in Lebanon that deployed them over three years.

In February, Kaspersky Lab researchers said they found what they considered the first “advanced” Arabic-speaking hacking group, which they dubbed Desert Falcons. Kaspersky said the group operated from Palestine, Egypt and Turkey and claimed about 3,000 victims in 50 countries, especially targeting military, government, media, and activist computers.

Tens of millions of hackers target Israel government Web sites

More than 44 million hacking attempts have been made on Israeli government web sites since Wednesday when Israel began its Gaza air strikes, the government said on Sunday.

Finance Minister Yuval Steinitz said just one hacking attempt was successful on a site he did not want to name, but it was up and running after 10 minutes of downtime.

Typically, there are a few hundred hacking attempts a day on Israeli sites, the ministry said.

Attempts on defence-related sites have been the highest, while 10 million attempts have been made on the site of Israel's president, 7 million on the Foreign Ministry and 3 million on the site of the prime minister.

A ministry spokesman said while the attacks have come from around the world, most have been from Israel and the Palestinian territories.

“The ministry's computer division will continue to block the millions of cyber attacks,” Steinitz said. “We are enjoying the fruits of our investment in recent years in developing computerised defence systems.”

Steinitz has instructed his ministry to operate in emergency mode to counter attempts to undermine government sites.

Both sides in the Gaza conflict, but particularly Israel, are embracing social media as one of their tools of warfare. The Israeli Defense Force has established a presence on nearly every platform available while Palestinian militants are active on Twitter.

“The war is taking place on three fronts. The first is physical, the second is on the world of social networks and the third is cyber,” said Carmela Avner, Israel's chief information officer.

Last month, U.S. Defence Secretary Leon Panetta said cyberspace is the battlefield of the future, with attackers already going after banks and other financial systems. U.S. banks have been under sustained attack by suspected Iranian hackers thought to be responding to economic sanctions aimed at forcing Tehran to negotiate over its nuclear program.

Reporting by Steven Scheer; Editing by Stephen Powell

Hackers strike Israel again

An international group of pro-Palestinian hackers said they leaked the credit card details of thousands of Israelis in an escalation of cyber attacks on Israeli targets.

The group, called OpFreePalestine, claimed to have published online Thursday the details of 26,000 Israeli credit card holders.

Most of the list comes from a list posted in January by a Saudi hacker, Ynet reported. Many of the details are incorrect or partial, according to the report.

OpFreePalestine is part of Team Poison, which was founded two years ago with the goal of attacking Israeli and American targets online. It reportedly has hacked major websites, including high-tech companies and the computer systems of countries that have ties with Israel, according to Haaretz.

Pro-Palestinian and pro-Israeli hackers have been attacking each other on the Internet in recent weeks. Thousands of credit card details, mostly of Israelis, have been exposed, and the websites of Israeli targets such as the Tel Aviv Stock Exchange and two hospitals were shut down.

Hail to the geek

The real heroes of our age are pencil protector geeks. They sit at home, behind their keyboards, determining the rules of the game that you and I live by—and we trust them to do so. They love toys. They love games. They enjoy battle. They are at the forefront of the cyber war that is enveloping the world.

And then there are the wannabes.

Worms. Viruses. They made headline news and were front page stories. Now come the hackers, banks, stock exchanges, airlines, private Facebook pages. Nothing is sacred and nothing is safe.

Most hackers are just an inconvenience. Some of the damage they do can be serious and they must be found and punished for their actions. But the average computer pranksters are called ‘script kiddies’ by serious hackers. The reason for the term is that they only follow the directions of hacking. They use tools found online for free. They do not buy, build or create software to hack. They hate to pay for anything. They hack for the fun of it. They often hack for the irritation they give and the glory they get from their friends. They are hacker groupies.

So far, most of the hacking that disables servers—and frightens most people with a credit card—has been nothing more than a minor inconvenience. A self-proclaimed Saudi hacker called 0xOmar was said to have stolen 400,000 Israeli credit cards and identification numbers. In the end it was 20,000 and he actually only gathered them from existing sites that had collected the information from merchants who have very poor security. 0xOmar did not hack the Israeli banks. And getting private information on people is equivalent to hacking kindergarten, not postgraduate work.

Israel’s Tel Aviv Stock Exchange web site was hacked, as well as that of Israel’s national airline, El Al. Once again, a very important distinction must be made. It is the web sites that were hit, not the data banks. Yes, they should have been better protected, but web sites are full of content, not data—they are not the system work that houses the sensitive material. As one analyst described it, web sites are like a bulletin board with lots of post-its. Someone just came and took down your material and put up his own insulting and graphic messages. The really important and valuable material stayed in the safe.

Script kiddie hacking is a form of vandalism akin to graffiti. There’s no thievery, and no other invasion, like viruses and worms, occurs.

There are professional and highly paid hackers who have the backing of industry and governments. They are the IT geeks tasked with the responsibility of developing software to access vaults. The technology they develop costs millions of dollars to develop, if not more, and enemy hackers who use them are stealing much more than credit card identities.

The real job of these professionals is to make certain that the national electric grid is safe and that the communication networks are secure.

They work quietly and behind the scenes. They are not headline grabbers like 0xOmar, the Saudi hacker whose stated goal is to make Israel hurt. 0xOmar says that he is a hacker and this is what he knows and how he can achieve his goal. He has joined forces with a group of pro-Palestinian hackers called Nightmare and they have begun their attack.

A day does not go by when an Israeli website is not assaulted. Now Israel’s allies have also been targeted and are becoming victims of these attacks. Azerbaijan has been attacked. The material posted by these hackers on the hacked Azerbaijani websites emphasizes that Azerbaijan has chosen to be friendly with Israel and the United States. Azerbaijan has responded by saying that some people are jealous of our success. And that is exactly correct.

It was the level of amateurism displayed by their enemies that so annoyed many Israeli hackers who, under normal circumstances, would have left things be and considered these hacking episodes as nothing more than children’s games. But Nightmare and 0xOmar have announced that they are unstoppable and that they can and will wreak havoc on Israel, making life miserable for Israeli society unless Israel apologizes for a slew of historical events.

Israel has to hit the hackers back. And they will hit back. The Israelis, by virtue of the situation, will take it up a notch. Israeli professionals will have to search for these anti-Israel amateurs and destroy their ability to hack. They will dismantle their systems and they must unmask them. Anonymity is what hackers need more than anything else. And then Israel will prosecute them.

There is no doubt that warfare is changing. But there is still a need to defend and to intimidate. Countries like the United States and Israel must make it clear that it is not worth the price of breaking into their computer systems.

True hacking is a game for grown-ups. True hacking saves lives and saves money; it doesn’t hurt unknowing and uninvolved individuals for the sake of saying ‘Look at me, see what I can do.’

Micah D. Halpern is a columnist and a social and political commentator. His latest book is “Thugs: How History’s Most Notorious Despots Transformed the World through Terror, Tyranny, and Mass Murder” (Thomas Nelson).

Hackers hit websites of Israeli hospitals

The websites of two Israeli medical centers, as well as several other public Israeli websites, were hacked.

The websites for Tel Hashomer and Assuta medical centers, among the largest in central Israel, were down Wednesday morning.

The hospitals’ security systems held back the assaults and patient information was not compromised, according to the hospitals.

Following the attacks on the hospital websites, the websites for the Dan Public Transportation company, the Israel Festival, the Cinematheque and the Haaretz newspaper were simultaneously attacked in the afternoon.

The Israel Festival website was changed to read “Free Palestine, death to Israel.” The other sites read “Jew = Nazi.” 

The attacks come after successful assaults by anti-Israel hackers on the websites of the Tel Aviv Stock Exchange and El Al, as well as the exposure of thousands of Israeli credit card holders’ information.

Israeli hackers bring down Arab Web sites

Israeli hackers said they brought down the Web sites of the Saudi Stock Exchange and the Abu Dhabi Securities Exchange.

The hackers, who call themselves IDF-Team, said in a post on the PasteBin Web site that the Jan. 17 attacks were in retaliation for the cyber attack the previous day on the Tel Aviv Stock Exchange and the El Al Web site, adding that “This is only the beginning.” The Israeli hackers also threatened to paralyze Web sites for up to a month if attacks on Israeli sites continue.

Saudi hackers used the PasteBin Web site last week to publish the credit card information of thousands of Israelis.

Also on Jan. 17, the pro-Israel hacker Hannibal published a list of e-mail addresses and Facebook passwords for some 30,000 users from Arab countries, Haaretz reported. He also claims to have information to allow access to 10 million Iranian and Saudi bank accounts.

Meanwhile, a different group of Israeli hackers posted the details of e-mail accounts belonging to dozens of Saudi medical students.

The Saudi hacker 0xOmar said he would continue to attack Israeli Web sites until Israeli officials ask for forgiveness from the people of Gaza for “genocide.”

Official Israeli websites back online after apparent cyber attack

Israeli government and military websites were back on-line a day after an apparent cyber attack.

The official Israeli websites, including government ministries, the Mossad and the military, crashed Sunday, two days after an international group of hackers known as Anonymous had threatened to attack Israeli government computers in response to the interception of Gaza-bound ships carrying a symbolic amount of medical aid. The threat was made in a video uploaded to YouTube.

Internal computer networks were not affected, security officials told Haaretz.

Israel’s e-Government, responsible for managing the state’s websites, told Haaretz Monday that the problem was caused by problems with an IBM component.

The Israel Defense Forces North American spokesman’s desk had told JTA that it was experiencing “server issues.”

Anonymous, which has brought down other countries’ computer systems, threatened to launch repeated cyber attacks against Israeli computer systems until Israel ends its maritime blockade of the Gaza Strip.