Mideast cyber spat ups the hacktivist ante

By | January 16, 2012

Posted in: Network Security Trends

We have to assume that the kinds of cyber attacks taking place in the Mideast, most recently attacks against Tel Aviv Stock Exchange, Israeli national airline El Al, and several Israeli bank website, augur more and more ideological cyber warfare.

I don’t believe that this means we’ll see a wave of government-on-government attacks and counterattacks in the form of sabotage or significant disruption of government services and critical infrastructure. We expect, might even insist that our government engage in cyber espionage and counter-espionage, digital spy-versus-spy stuff.  And the kind of industrial/commercial espionage executed by China in the modern manifestation of its Great Leap Forward.

While many governments clearly have the means and, perhaps, in some cases,  the motives to execute these kinds of attacks, they shy away from this level of escalation for much the same reasons they don’t launch physical attacks. The victim is going to hit back. Hard. The U.S. has made it clear that a major cyber attack on critical interests could be met with a military response (you hit me with an attack on the electrical grid, I hit you with a bomb).

The stock exchange attack was clearly distributed denial of service (DDoS), the El Al and bank attacks mostly likely the same. They were the latest in an escalating series of attacks by purported pro-Palestinian hackers and counter-attacks by Israeli hackers. It all started last month when a Saudi-based hacker, oxOmar, posted thousands of credit card records belonging to Israelis online, and an Israeli hacker dubbed Hannibal responded by publishing personal information about thousands of Arab Facebook users. A Hamas spokesman supported the attacks: “The penetration of Israeli websites opens a new front for electronic resistance and war against the Israeli occupation.”

Ideological hacking, or hacktivism, is growing more prevalent and somewhat more menacing. There is no reason to believe we won’t see more of it. The attacks have effect, and the attackers have little if any reason to fear consequences, especially if they are outside the jurisdiction of the victim country.  DDoS attacks, in particular, threaten to be particular disruptive, and hacktivism is a wild card that makes it increasingly unpredictable (how do you know when you’ve ticked someone off enough to DoS your company?) and somewhat scary.


You May Also Be Interested In: