Connect to share and comment
Israeli security experts say recent hacks are nothing compared to what is possible.
JERUSALEM — Israel’s news cycle has been dominated for the past two weeks by increasingly panicky reports of an escalating cyber war between it and the Arab world.
The successive tit-for-tat squabble started about two weeks ago, when a hacker claiming to be a Saudi citizen and calling himself oxOmar posted personal information connected to about 20,000 Israeli credit card users, causing a nationwide tizzy.
An Israeli hacker gamely identifying himself as oxOmer responded, posting about 2,000 internet passwords belonging to Saudi users, but no personal credit card details. Then, after a warning sent to the Israeli news website Ynet by a previously unknown pro-Palestinian group calling itself “nightmare,” the websites of Israel’s national airline, ElAl, and the Tel Aviv Stock Exchange were marred and briefly shut down.
The next day, Riyadh and Abu Dhabi’s stock exchanges were temporarily crippled by similar assaults. Several Israeli banks blocked access to their sites from all foreign computers.
More from GlobalPost: Does Stuxnet herald the age of cyber warfare?
Not everyone found the Israeli brinksmanship amusing. Israel’s minister for intelligence, Dan Meridor, condemned the Israeli hackers.
"Individual initiatives by Israeli hackers to attack Saudi hackers, or hackers from anywhere else for that matter, are ineffective and shouldn’t be done in Israel’s name," he said in an interview with Israel radio. “And there is no evidence that these hackers are even Saudi.”
Yitzchak Ben Israel, a military expert recently appointed to head the government’s new cyber security task force, sounded exasperated when answering a giddy journalist’s question on the same radio station. About the possibility that any of the rebel Israeli counter-hackers may have links to the government, he said, “These are not even youths. Some of them are actual high school students.”
For all the media hullabaloo, Israeli specialists in the field of cyber security reject the term “cyber war” altogether when it comes to the recent high jinx.
“This is not serious stuff,” said Erez Petrank, a professor of computer science and expect on encryption at Technion, the Israel Institute of Technology. “These hackers are being presented as geniuses. Most of them are simply very patient. They download a number of tools which they don’t even build themselves, and attack and attack sites until they find one that isn’t secure.”
“It is just a group of people with time on their hands. Retirees. High schoolers without enough homework. Anyone can download hacking tools that work automatically,” he added.
More from GlobalPost: Has the internet become an interest group?
Petrank, in fact, is sanguine about the attacks that have taken place.
“Honestly, these companies should all be thankful for what happened,” he said. “This guy posted credit card numbers? We should be grateful! It would have been less surprising if he had simply used those credit cards or taken advantage of them to get money. He posted them and immediately the companies cancelled them all.”
The effect was mostly psychological, Petrank pointed out, and ultimately, the attacks helped companies better understand their security weaknesses.
“Excellent! They discovered breaches in their security and didn’t even have to pay for the service. Companies usually have to pay hackers to break into their sites. This guy gave them a free service.”
A real problem, Petrank said, would have involved a Day Zero scenario in which hackers succeeded in accessing the internal operating system of any of these companies.
“Putting an Arabic sentence on El Al’s website is like playing with a store’s display window. It’s nothing. Real hackers do their business and leave no traces, and they do not run around boasting to news sites,” he said.
More from GlobalPost: How to game a virtual economy and make money playing video games
A number of other sophisticated, successful hacks are known to have taken place. In 2009, Google was the victim of a serious breach it (and the US government) blamed on China. To this day, the extent of the damage and the magnitude of the theft of information remains unknown. More recently. RSA, a major security company, was the victim of a serious hack that exposed hundreds of companies, including Lockheed Martin. Again, the extent of the damage wrought is not known.
The Stuxnet virus, which attacked Iranian nuclear installations and paralyzed centrifuges is still considered the most impressive instance of successful computer hacking, though it is not an example of cyber terror. Petrank estimated the virus cost at least $400,000 to construct. Stuxnet may well still be alive. In a talk in Sydney, Australia four months ago, Israeli cyber security expert Tomer Teller told a Check Point conference that he had analyzed the Stuxnet’s code and said it could be used to modify the course of a nuclear warhead.
“Nuclear warheads are controlled by computers so if someone managed to slip a worm inside a facility that will reach the warhead component, they could launch it and aim it back at the country’s facility,” he said at the time.
“Stuxnet is the first cyber weapon that could cause major disruption."
What makes Petrank’s blood run cold? “Someone getting into an airline’s internal operating system and directing planes to crash.”
In Israel, it turns out, more than a few people are contemplating possible Day Zero possibilities.
Gabriel Weimann, a professor of Haifa University and the author, among numerous titles, of “Terror on the Internet,” pooh-poohs the most recent hacks. “My students could do this type of website defacing or denying customer access, in, at most, two hours,” he laughed.
But, like Petrank, the airline scenario keeps him awake at night. Among other things, he says, “Al Qaeda are looking for more spectacular ways to wage war. They are looking for something more dramatic than 9/11, and that can either be the acquisition of weapons of mass destruction or cyber terrorism — real cyber terror.”
“Events like these of the past few weeks can pique their interest in true cyber warfare,” he warned.
The danger, Weimann said, is of “an actual terrorist attack perpetuated by computers. Real cyber terror involves hitting control systems of airports or other infrastructure, nuclear facilities, transportation systems, hospitals, everything that is controlled by computers. The damage and the risk are huge.”
“This could involve the killing of thousands of people. Imagine someone breaking into Logan airport’s systems, and instead of hijacking planes, now they are programed to collide into one another or crash.”
For now, the real thing remains a nightmare scenario. And hobbyist hackers using names like “nightmare” may have, in fact, intentionally or not, contributed to one of the first open instances of Saudi-Israeli dialogue.