Information Security News mailing list archives
Hackers Worldwide Fan Flames In Middle East Conflict
From: William Knowles <wk () C4I ORG>
Date: Sat, 25 Nov 2000 22:01:05 -0600
http://www.computeruser.com/news/00/11/25/news1.html By Brian Krebs November 25, 2000 As tensions in the Middle East continue to simmer, more than a hundred Web sites have been defaced or shut down by pro-Palestinian and pro-Israeli hackers, often with the assistance of activist hackers from several countries not actively involved in the conflict, according to security experts. Ben Venzke, director of intelligence production at iDefense, a Web security firm that has been monitoring the Middle East conflict as it plays out online, said hackers from as far away as South America to the U.S. are expanding the conflict by contributing their skills to whichever side has their sympathies. "We're starting to see groups that have no connection or relationship to anything going on in the region jumping into the fray because they think it's a neat thing, want to be a part of it," Venzke said. Venzke said his company's research found that Pakistani hacker groups sympathetic to the Palestinians began attacking Israeli domains earlier this month. In response, pro-Israeli hacker groups have turned their attention to a number of Iranian government Web sites. Brazilian hackers, eager to put each sides in its place, he said, have attacked both Palestinian and Israeli sites. IDefense said roughly 90 pro-Israeli - and 20 pro-Palestinian Web sites - have been defaced or disabled since the conflict escalated online approximately eight weeks ago. In an as-yet unreleased report, iDefense references at least 12 different types of attack tools in active distribution by both sides. The most common weapons used were variations on denial-of-service and "ping-flood" type tools with nefarious names like "EvilPing," "Winsmurf," and "QuickFire." EvilPing - a variation of a tool known as the "Ping of Death" - sends a single 64K packet that can completely crash most machines, Venzke said. Once one side distributes an attack tool, that same tool is then reconfigured and used against the attacker's Web sites, Venzke said. In a report published earlier this month, iDefense said pro-Palestinian hackers had announced an "e-jihad"- or electronic holy war - against Israeli government sites and those companies that make up the nation's telecommunications infrastructure. Among the sites hit at the outset of the conflict online were the Israeli Prime Minister's Office and the Bank of Israel and the Tel Aviv Stock Exchange. Palestinian targets of Israeli hacker counterattack included government sites and those connected to Palestinian nationalist organizations such as Hamas and Hizbollah. In a recent alert posted by the National Infrastructure Protection Center (NIPC, http://www.nipc.gov) - the FBI's cyber crime division - the agency warned it had discovered numerous Web sites advocating cyber-warfare against both Israeli and pro-Palestinian Web sites, and warned that the ensuing activity could spill over into U.S.-based sites. Venzke said pro-Israeli hackers have branched out to attacking not directly involved in the conflict but thought to be sympathetic to the Palestinian cause, in part because of the sheer lack of vital Palestinian pressure points. Among the casualties of pro-Israeli hacker attacks have been the Iranian Ministry for Foreign Affairs and Iran's Ministry of Agriculture. On the Palestinian side, Venzke said, the attacks are becoming more methodical. "There appears to be a coordinated campaign on the pro-Palestinian side to identify vulnerable Israeli sites and gain root access," he said. "It looks like they're systematically going down the list of sites with a '.il' suffix and testing each one." IDefense estimates that 20 groups and roughly 30 core individuals from both sides are behind the attacks. The true number of participants involved over time, however, is probably much larger. "In terms of the numbers of actual participants, it's a substantially larger number," Venzke said. "They run the gamut from traditional terrorist groups to pure hacker outfits." Venzke said U.S. businesses and government sites can expect to bear the brunt of online terrorist strikes should the US ever become the focal point of attention as it was during the Gulf War and following retaliatory strikes against suspected terrorist outfits in Sudan and Afghanistan. "Rest assured that the next time we become involved in that manner, these are the kinds of things that in a relatively short period of time are going to be launched against U.S. sites," he said. *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ================================================================ C4I.org - Computer Security, & Intelligence - http://www.c4i.org *==============================================================* ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Hackers Worldwide Fan Flames In Middle East Conflict William Knowles (Nov 27)