The Middle East’s New Cyber War
By Yaakov Lappin
JINSA Visiting Fellow
A virtual conflict is developing in the Middle East, involving high speed internet connections and keyboards rather than missiles and tanks.
It has been a victimless affair so far, though it carries the potential for more serious harm in the future, and serves as a wakeup call for the Israeli private sector to beef up its online defenses.
By Yaakov Lappin
JINSA Visiting Fellow
A virtual conflict is developing in the Middle East, involving high speed internet connections and keyboards rather than missiles and tanks.
It has been a victimless affair so far, though it carries the potential for more serious harm in the future, and serves as a wakeup call for the Israeli private sector to beef up its online defenses.
At the start of January, an Arab hacker claiming to be from Saudi Arabia broke into an Israeli coupon website and stole tens of thousands of credit card numbers.
The hacker, calling himself 0xOmar, announced his hostility to Israel, and proceeded to publicize the credit card details, encouraging others to begin using the numbers to make online purchases.
Israeli credit card companies and the Bank of Israel mounted a speedy defense, cancelling all affected accounts and issuing new cards overnight. But 0xOmar succeeded in firing the first shot in an escalating internet feud with Israeli hackers.
Not long afterwards, a group of Israeli hackers fired back, releasing hundreds of hacked Saudi credit card numbers on the internet.
In an interview with me, 0xOmar scoffed at the retaliation, and called on other Arab hackers to join his campaign to attack Israeli internet sites. “I want to harm Israel in any way,” he wrote to me in an email, claiming that Israel was guilty of “genocide” against Palestinians.
Hamas in Gaza jumped on the bandwagon, describing 0xOmar’s actions as a “new kind of resistance,” and called on others to take part in the internet war.
0xOmar’s recruitment call was soon answered by other Arab hackers, who shut down the Tel Aviv Stock Exchange website as well as the official site of Israel’s national air carrier El Al.
Within a day, Israeli hackers grouped together once more, and replied by shutting down the websites of the Saudi Arabian Monetary Agency and the Abu Dhabi Stock Exchange.
The Israeli hackers told me they were planning far more painful strikes on sensitive Arab financial and other high profile websites, adding that they could keep critical sites offline for “weeks and even months.” They were waiting to see if Israel came under further online attacks before escalating their response, the hackers said, citing the need to create deterrence.
The tit-for-tat continued soon afterwards, when Gaza-based hackers penetrated the server of the Israeli government’s Anti-Drug Authority, and redirected visitors to a site filled with jihadi rhetoric.
Visitors who had intended to visit the Anti-Drug Authority found themselves looking at a page depicting a Palestinian gunman crouching near the Dome of the Rock in Jerusalem, while hearing militaristic jihadi chants.
Israeli hackers responded by taking the websites of the Gaza-based Arab Bank of Palestine and the UAE’s Central Bank offline.
To gauge how serious these attacks are, one must examine both the target selection and the type of attack.
Most of the affected websites in Israel supply relatively important information to the public, but their temporary removal from the internet did not affect the country’s daily routine. In the case of the credit card hack, members of the public were unaffected thanks to the swift response by the credit card companies.
Two types of web attacks have so far been used against Israeli sites. The first, distributed denial of service (DDOS), involves flooding servers with false requests for information, thereby making them unavailable to other web users. This can be achieved by planting “bots” in the computers of unsuspecting third-party users. Large numbers of ‘hijacked’ computers can then send information requests to the targeted site, making it unavailable. This type of attack is a nuisance, but does not compromise servers.
A second form of web assault seen this month involves breaking into servers. This is a far more serious type of incident and involves more advanced hacking skills.
These developments all underline the need for Israel’s private sector and some government portals to beef up internet security. Israeli government websites were subjected to 5 million attempted online attacks in 2011, and the number is expected to grow.
This month, Israel’s National Cyber Defense Authority (NCDA) became operational.
At the request of Prime Minister Binyamin Netanyahu, the NCDA was founded in 2011 by cyber security expert Professor Yitzhak Ben Israel.
Headed by Dr. Avitar Matanya, the NCDA is tasked with overseeing the protection of vital online and computerized assets, such as electricity, water, communications, government portals, and transport.
Critical assets were already being protected by Government Infrastructure for the Internet Era (known as Tehila in Hebrew), the Shin Ben (Israel Security Agency), and the IDF’s signals intelligence group Unit 8200, but the NCDA was envisaged as an overall body responsible for internet security.
Yet budgetary disputes and disagreements over the extent of the NCDA’s role have kept it from fully taking off, according to a recent report in The Marker..
Additionally, most of the private sector remains vulnerable and its internet security is unregulated.
The recent attacks have, ironically, assisted Israel, as they have prompted the NCDA to take banks and cell phone companies under its protective wing.
The race to protect national infrastructure is playing out across Western countries. In the United States, the USA PATRIOT Act noted that the sectors of telecommunications, energy, financial services, water, and transportation have cyber components that require protection.
Now would be the ideal time for Israel to optimize internet defenses. For while young tech-savvy hackers in the Muslim world can cause some disruption through internet attacks, a state-sponsored assault backed by a regime such as Iran would represent a more significant threat to Israel’s national security.
Yaakov Lappin, JINSA Visiting Fellow, is a journalist for the Jerusalem Post, where he covers police and national security affairs. For more information on the JINSA Visiting Fellows program, click here.