Gaza Ceasefire Doesn't Hold Online: New Anonymous Hack
War of words and hacked websites continues, even as the Palestinian territories receive upgraded state status from the United Nations.
In the wake of the eight-day war between Hamas and Israel in the Gaza Strip -- halted last week after a mutually agreed ceasefire -- a majority of the United Nations General Assembly voted Thursday to elevate Palestine from a U.N. "entity" to a "non-member observer state." The vote passed despite strong opposition from the United States and Israel.
In the online realm, however, despite the ceasefire and U.N. vote, related skirmishes have continued without stop, with hacktivist supporters from both sides continuing to knock websites offline and release sensitive information.
Notably, Anonymous -- as part of its Operation Israel (OpIsrael) campaign -- announced Thursday that it had hacked the Debka news agency in Israel, and released login email names and passwords -- all in plain-text format -- for 91 of the site's users.
"We have managed to hack their systems and acquire highly sensitive information, including employees' and authors' personal information, labs details and of course their subscribers," according to the Anonymous statement, which was released via Pastebin. "For now, we [will] only release [a] portion of what we have got."
That data breach followed the online release, earlier this week, of the email addresses for 167 people who are allegedly connected to Israel's nuclear weapons program. The data was apparently stolen from the U.N.'s International Atomic Energy Agency (IAEA), which is currently investigating Iran's nuclear program. A never-before-seen hacking group, Parastoo -- which in Persian means "swallow," as in the bird, and is a popular female name in Iran -- claimed credit for the breach, which it said involved an IAEA server located in Vienna.
"You will be hearing game changing news from us frequently from now on," the group said via Pastebin, signing its message with a variation on the Anonymous hacktivist-collective's "We are Anonymous" tagline: "You are not anonymous. Expect us."
The IAEA has confirmed the data breach. Spokeswoman Gill Tudor told Reuters that the data was stolen from "an old server that was shut down some time ago," said that the agency "deeply regrets" the incident and noted that the vulnerability exploited by attackers has been mitigated.
"The IAEA's technical and security teams are continuing to analyze the situation and do everything possible to help ensure that no further information is vulnerable," she said.
The ceasefire between Israel and Hamas, signed in Cairo, took effect on November 21, thus putting an end to eight days of conflict, including Israeli airstrikes, that the U.N. estimates resulted in the death of 158 Palestinians -- including 103 civilians -- as well as 1,250 being injured. Meanwhile, four Israeli civilians, as well as two soldiers, were reportedly killed by Palestinian rocket fire, and 224 Israelis were injured.
In the wake of the ceasefire, however, supporters from both sides intensified their distributed denial of service (DDoS) attacks against each other. Matthew Prince, CEO of CloudFlare, which helps businesses defend against DDoS attacks, told Wired that while the identity of the attackers remains a mystery, his company has recently signed up as customers 10 "fairly high-profile" websites from both sides of the conflict that were hit with DDoS attacks. He said the pace of DDoS attacks noticeably increased in the hours after the ceasefire was signed.
Security Job #1 For FedsThe 2014 InformationWeek Government IT Priorities Survey shows federal IT pros care about security - itís rated as very important by 69% of respondents, 30 percentage points ahead of the No. 2 priority, disaster recovery. Will the upcoming NIST cyber-security framework help manage risk?
Join us for a roundup of the top stories on InformationWeek.com for the week of December 7, 2014. Be here for the show and for the incredible Friday Afternoon Conversation that runs beside the program!