2012 has witnessed new levels of cyber-warfare, with groups and governments using covert virtual operations to dent the campaigns of their foes. Even without the context of on-the-ground conflict, political tension has given birth to viruses like Flame, Mahdi and Shamoon, which have ravaged the IT infrastructure of organisations across the world. So when actual gunfire broke out between Israel and Gaza this month, it is little surprise the cyber-wars went into overdrive.
As always, conflict is at its most desperate and tragic on the ground, but the increasingly sophisticated battles taking place in the cyber-sphere are unmistakably growing in importance. Israel’s air strikes on the Gaza Strip have spawned a tidal wave of online attacks against its major organisations, putting crucial operations like governance, policing and military co-ordination under threat.
With ‘Operation Pillar of Defense’ at its peak, Israel’s chief information officer Carmela Avner highlighted the significance of the conflict’s virtual dimension. “The war is being fought on three fronts. The first is physical, the second is the world of social networks and the third is cyber-attacks,” she said, adding that “defending the governmental computer systems is of invaluable importance."
The country’s finance minister Yuval Steinitz concurred, describing the cyber-wars as a “secondary arena” figuring “beyond the main military battlefield,” according to Bloomberg. Incredibly, the minister claimed his nation had already faced over 44 million attempts to take down its state websites by 18 November. “Israel has been under unprecedented cyber-attack,” he said.
The staggering figures have been driven by the hacking community’s widespread support for the Palestinian cause, which Hamas has sought to capitalise on. Party spokesman Fawzi Barhoum told Bloomberg that cyber-war is one way Gazans can defend themselves, with fellow representative Islam Shahwan adding, "From the very beginning, we called on Palestinian software technicians in Gaza and all over the world to use technology to undermine Israeli websites and pages."
Hacking collective Anonymous was always likely to wage an assault on Israel regardless of such encouragement, and the group has indeed been instrumental in the offensive. While Israeli officials have consistently downplayed the impact of the attacks on state web pages, Anonymous has laid claim to a number of cyber-scalps, including the site of the Israel Defense Forces (IDF), which was allegedly taken down by the group last week.
ITProPortal got in touch with Israeli security firm Seculert – among the first groups to discover the aforementioned Mahdi and Shamoon viruses – to see what they had noticed on the cyber-battle ground over recent weeks. Company CTO Aviv Raff reported “an increase in both mass attacks, as well as the more targeted ones” in Israel since the conflict broke out, indicating the wide range of hackers that have taken up the fight. While ‘hacktivists’ of all skill-levels can bombard multiple sites with traffic-flooding DDoS attacks, more experienced operators have clearly homed in on specific, more audacious targets like the IDF.
Addressing the Gaza conflict’s huge provocation of the cyber-community, Raff pointed to a frequent “correlation between such events.” But there is a method behind the madness. Cyber-war is now far more sophisticated than merely crashing sites, and Raff explained how “attackers [have] used recent political events to social-engineer victims as part of spear-phishing attacks.” These virtual raids typically involve spoof emails being sent to members of an organisation in a bid to gain access to sensitive data, and Seculert itself has been hauled in to deal with such an incident.
“We have been reached by an Israeli political candidate to assist with a targeted attack,” Raff said. “We found that the attackers, which most probably originate from the Gaza strip, hacked an IDF spokesperson officer's email account, and used it to send a Remote Access Trojan to several of his contacts. One of them was this political candidate.” With hackers able to breach such high-level networks, it is little wonder Israeli officials have been so acutely concerned about the cyber-war that is being played out alongside matters on the ground.
But while a ceasefire over Gaza is mercifully holding, it seems the virtual battles will endure. Reports yesterday cited warnings from a Gartner analyst who said Israeli organisations would not be dropping their guard, and that “it may take an all out offensive to take down the cyber-attackers,” who can still “create enough noise to be at best troublesome and at worst dangerous.” Indeed, Seculert’s research into the Trojan incident showed the perpetrators had already been involved in attacks on major Israeli organisations before the air strikes on Gaza were launched.
“Further analysis revealed that this is the same group who launched the attack which caused the Israeli Police to shutdown their entire network,” Raff revealed, referring to a malicious file that caused havoc in the country in October. Police officers were prevented from using the Internet for days and a security expert at the time suggested the virus had spread to other government departments.
As far as many in the region were concerned, the cyber-war was very much on before the latest Gaza operation, and in all likelihood, it will now continue. More than ever, this year has shown that taking up political disputes across international borders no longer requires planes, tanks and missiles. In a world where any man or woman behind a keyboard can become a soldier, the war over Palestine will no doubt rumble on long after the guns have been silenced.
Top image: Flickr: JacobDavis