The Israeli Cyber Space is under attack by Anonymous hackers in retaliation for the Israeli operation “Pillar of Defence“. The military operation began on Wednesday with the killing of Ahmed Al-Jaabari, the commander of the military wing of Hamas, whose car has been hit by an Israeli Missile
If Hamas’s armed wing, immediately after the attack, replied that “The occupation has opened the gates of hell”, the ongoing wave of cyber-attacks against Israeli sites initiated by the Anonymous collective (under the so-called OpIsrael), has analogously opened the gates of hell in the cyber-space.
So far the Anonymous claim that more than 660 websites have been defaced and nearly 90 completely deleted (including the Bank Of Jerusalem), and the list keeps on growing as the cyber-offensive continues (just follow the #OpIsrael hashtag on Twitter). Israel is suffering a growing number of DDoS and SQLi attacks against governmental, retail, and business targets resulting in sites down, data dump and, in the worst cases, databases completely erased. Interestingly, this wave of cyber-attacks has also deserved the attention of the “semi-official” Iranian news agency Fars News, which has dedicated an article to the Anonymous Hacks.
In the past four days, Israel claims to have deflected 44 million cyber-attacks.
Definitely the cyber-space is the fifth domain of war and this sad circumstance is confirming this assertion, not so much for the cyber-attacks (Anonymous cannot be considered an army), but mostly for other aspects typical of real wars that has been applied to the cyber-space.
In response to the Israeli threat to cut Internet off from Gaza, the Anonymous have put together the Anonymous Gaza Care Package a kind of first-aid kit containing instructions in Arabic and English to survive an Internet teardown and to evade IDF surveillance.
On the opposite side, the Israeli Defence Force has released a tool on its blog, called IDF Ranks, that rewards with badges frequent visitors who interact with the site. The scope, according to IDF, is “to help fight the misinformation about Israel and the IDF online”. A clear attempt to use the cyber-space for propaganda.
The attack model based on botnet-generated Distributed Denials of Service is opportunistic. The botmaster selects a target, gathers as many resources as possible among his army of zombie machines, and when he realizes to have achieved enough firepower, simply selects a target and pushes the attack button. After this the target is inevitably flooded by packets generated by the bots, while the unaware owners of the zombie machines perform their normal work or fun activities with their infected computers.
In theory there is only a weak point in this opportunistic model and it consists on the fact that the botmaster controls the compromised machines but cannot control their availability. Simply said, if a user has not switched on his computer while the botmaster needs that machine to execute a DDoS attack, the machine is not available, and there is not so much to do.
Of course this is essentially a theoretical weak point since, quoting a famous phrase, we could say that on botnet empire the sun never sets: indeed botnets are so huge and widespread to be in practice always available (they span different continents and different time zones) and constantly grant enough firepower.
But what happens if some global events or some global festivities make a larger number of computers to be turned off? Quite simple apparently! The firepower of the botnet is hugely affected and the number of DDoS attack drops. This is one of the paradoxical conclusions that can be derived from a paper presented few days ago at the Virus Bulletin 2012 International Conference by Cloudflare (probably the main CDN company in the world), about which an interesting post by Naked Security has provided additional details.
Apparently the number of IP addresses used to execute Layer 7 DDoS attacks in 2012 showed the minimum values just in those days of events or vacations which kept the users away from their Personal Computers. The minimum values occurred in days such as Mardi Gras, Earth Day (the 22nd of April when one billion people around the world chose to keep their computers turned off to reduce energy consumption), the Memorial Day weekend on the 29th May and 28th June, just before US Independence Day celebrations.
Quoting the Naked Security article, the conclusion is quite amusing: if everyone turned off their computers each night, it might not just be good for the environment because of the lower levels of energy being consumed… it could also mean a reduction in botnet attacks.