Another week of Cyber War in the Middle East…
Another week in which pro Israeli hackers seem to have disappeared, and hence have apparently left the scene to Pro Palestine hackers, although not so many high-profile actions have been reported in this period. The only exception to this schema is represented by Mauritania Hacker Team who dumped 4000 login accounts from Microsoft Israel Dynamics CRM Online website. This action is particularly significant… Not because it targeted a Cloud service, and not even because it targeted a Microsoft Cloud Service, but most of all because on the wake of the multiple dumps performed by Pro Arab hackers against Israel (among which the dump to the Microsoft Cloud Service was only the latest), the Israel’s Justice Ministry has releases guidelines forbidding unnecessary collection of personal national identification numbers. This is the first time in which the aftermath of a Cyber War has direct implications on everyday life.
From this point of view the wars fought on the cyber domain are completely different from the wars fought on the real world… In the cyber battlefield the civilians are the primary targets (since they have their personal data dumped) and not collateral victims…
This last week has seen some remarkable events an undoubtable revamp of data leaks inside the Middle East Cyberwar.
Not only the infamous 0xOmar, the initiator of the Middle East Cyber War, reappeared, leaking alleged secret data from some Israeli Virtual Israeli Air Force School websites; but also the Pakistani zCompany Hacking Crew has re-entered the scene unchaining the original weapon, that is the Credit Card leak. As a matter of fact ZHC published 5,166 records containing working credit cards, usernames, emails and addresses of individual supporters of the Zionist Organisation of UK & Ireland (zionist.org.uk).
On a different front, the massive defacements of websites all over the world in support of #OpFreePalestine continued. Under the label of the same operation, the Anonymous also “doxed” several companies and individuals on pastebin.
As far as the two main contenders (Iran and Israel) are concerned, the strategies seem quite different.
Iran has shown a cyber activity culminated in the alleged attack against the BBC Persian Service. For this nation, it is also important to notice its “cyber autarky”, maybe a choice forced by the embargo, that led to the creation of an internal email service, in contrast to the traditional Gmail, Yahoo, etc. This happens few weeks after the decision to develop an internal Antivirus.
On the opposite front, Israel keeps on its apparent cyber silence. Is it the prelude for the feared military action against Iran?
After latest F-35 hack, Lockheed Martin, BAE Systems, Elbit under multiple cyber attacks….right now.
Cross Posted from TheAviationist.
I have just published a timeline covering the main Cyber Attacks targeting Military Industry and Aviation, but it looks like the latest events will force me to post an update, soon.
Although perpetrated with very different timelines, origins and motivations behind them, the last three days have seen a new wave of attacks against military industry that has unexpectedly become the point of intersection between cybercrime and cyberwar.
The first clamorous attack was disclosed a couple of days ago, when the Sunday Times revealed that alleged Chinese Hackers were able to penetrate into computers belonging to BAE Systems, Britain’s biggest defence company, and to steal details about the design, performance and electronic systems of the West’s latest fighter jet, the costly F-35 Joint Strike Fighter. The hacking attack has raised concerns that the fighter jet’s advanced radar capabilities could have been compromised and comes few weeks after papers about the future British-French drone were stolen in Paris.
Apparently, once again, an APT-based attack, or maybe one of its precursors, since it was first uncovered nearly three years ago. In any case, according to the sources and the little information available, it lasted continuously for 18 months, exploiting vulnerabilities in BAE’s computer defences to steal vast amounts of data. A fingerprint analogous to other similar cyber operations, allegedly generated from China such as Operation Aurora or the controversial operation Shady RAT.
Details of the attack have been a secret within Britain’s intelligence community until they were disclosed by a senior BAE executive during a private dinner in London for cyber security experts late last year.
Curiously the F-35 seems to be a very attracting prey for hackers as it was already the victim of a Cyber Attack in 2009; once again the latest attack is believed to be originated from China, who is showing a restless cyber activity.
Although completely different for impact and motivations, a second attack has just been announced by the infamous hacking collective Anonymous, which, in name of the #OpFreePalestine operation, has published the contact details for senior staff at BAE (hit once again), Lockheed, Gulfstream Aerospace, a division of General Dynamics, and the United States Division Of Israeli Owned Arms Company Elbit Systems. An attempt to embarrass military industry considered involved in the events happening in Palestine.
Although the data dumps apparently contain little valuable information (according to V3.co.uk many of the telephone numbers listed are for company headquarters, while several of the names appear to be out of date), the latest attacks represent a quantum leap in the Middle East Cyber War, after the “reign of terror” threatened by Anonymous against Israel.
The F-35 JSF is not only the most advanced stealthy fighter plane of the next future. It is also the most expensive. That’s why some partners have been compelled to downsize their initial requirements because of cuts imposed by the increasing unit price (with the new contract the total unit cost for an LRIP 5 jet is 205.3 million USD!!).
Apparently these cuts are interesting even the IT Security budgets of the manufacturers.
If you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated) at hackmageddon.com. And follow the author of this article @pausparrows on Twitter for the latest updates.
Updated on March 11 to include the latest cyber attacks to Israeli Websites by @CabinCr3w and Anonymous Crkvina
As reported on the last update, it looks like the Cyberwar between Israel and the Middle East (most of all Iran) has come to an apparent truce, at least from the Israeli Site. A trend confirmed also in this last period in which Israel did not perform any Cyber action, but suffered several sparse attacks (mostly defacements) and a new DDoS against AIPAC (American Israel Public Affairs Committee) with a new threatening message from the Anonymous. In the same time, many other countries all over the world suffered cyber attacks in name of the so-called #OpFreePalestine. These attacks were mainly carried on by a crew called Pak Cyber Pyrates who also defaced the isreaeldefenceforces.com webiste.
Is the static position of Israel a possible prelude for an Israeli Military Action against Iran in the real space? According to a panel of experts the chance that the United States or Israel will strike Iran in the next year is 48 percent.
But Israel and Iran are not the only unstable zones in the Middle East Cyber Space: a new cyber war front is raising in Lebanon, which has become the target of several cyber-attacks, carried on by hacktivist hacking groups stressing the need of more democracy, rather than by foreign countries.A front joined by the Anonymous who declared the start of #OpLebanon.
Last but not least, although not reported on the chart, I also found a Lebanese Cyber Army that hacked several Facebook accounts belonging to Israeli people.
The more I look inside the Middle East Cyber War between Israel and the Arab Hackers, the more I realize that it follows exactly the same shape than the real conflict.
In particular this last week has seen a strong reduction of the cyber events between the involved parties, although it is not clear if this was due to stronger cyber defenses enforced, or it was rather a kind of “calm before the storm”.
Among the reported events I considered particularly meaningful the attack of InLightPress, a Palestinian news website, of whom I did not find any other report except the one quoted in the Infographic which comes from a Pro-Israeli Website (this is the reason why this event must be considered with the necessary caution). Maybe it is not directly related to the Middle East Cyber War, anyway it looks like this attack was not originated by Israeli hackers, but had rather been “commissioned” by the Palestinian Authority. In the real world political parties or movement have different wings (typically hawks and doves), it looks like this is true for the cyber world as well. On the other hand, some believe that also the attack carried on last week against the Israeli newspaper Haaretz, considered close to Pro-Palestinian movements, has an internal origin, that maybe explains the subsequent excuses by the alleged authors of the attack (BTW at the above link there is an interesting list of the hack published in pastebin by the Israeli Hackers).
Do you believe the descending trend of the cyber events will be confirmed in the next period, or it is rather a temporary cyber truce before the digital storm?