Government // Cybersecurity
News
11/30/2012
09:58 AM
Connect Directly
RSS
E-Mail
50%
50%

Gaza Ceasefire Doesn't Hold Online: New Anonymous Hack

War of words and hacked websites continues, even as the Palestinian territories receive upgraded state status from the United Nations.

In the wake of the eight-day war between Hamas and Israel in the Gaza Strip -- halted last week after a mutually agreed ceasefire -- a majority of the United Nations General Assembly voted Thursday to elevate Palestine from a U.N. "entity" to a "non-member observer state." The vote passed despite strong opposition from the United States and Israel.

In the online realm, however, despite the ceasefire and U.N. vote, related skirmishes have continued without stop, with hacktivist supporters from both sides continuing to knock websites offline and release sensitive information.

Notably, Anonymous -- as part of its Operation Israel (OpIsrael) campaign -- announced Thursday that it had hacked the Debka news agency in Israel, and released login email names and passwords -- all in plain-text format -- for 91 of the site's users.

"We have managed to hack their systems and acquire highly sensitive information, including employees' and authors' personal information, labs details and of course their subscribers," according to the Anonymous statement, which was released via Pastebin. "For now, we [will] only release [a] portion of what we have got."

That data breach followed the online release, earlier this week, of the email addresses for 167 people who are allegedly connected to Israel's nuclear weapons program. The data was apparently stolen from the U.N.'s International Atomic Energy Agency (IAEA), which is currently investigating Iran's nuclear program. A never-before-seen hacking group, Parastoo -- which in Persian means "swallow," as in the bird, and is a popular female name in Iran -- claimed credit for the breach, which it said involved an IAEA server located in Vienna.

[ Izz ad-Din al-Qassam Cyber Fighters resurface. See U.S. Bank Attackers Dispute Iran Ties. ]

"You will be hearing game changing news from us frequently from now on," the group said via Pastebin, signing its message with a variation on the Anonymous hacktivist-collective's "We are Anonymous" tagline: "You are not anonymous. Expect us."

The IAEA has confirmed the data breach. Spokeswoman Gill Tudor told Reuters that the data was stolen from "an old server that was shut down some time ago," said that the agency "deeply regrets" the incident and noted that the vulnerability exploited by attackers has been mitigated.

"The IAEA's technical and security teams are continuing to analyze the situation and do everything possible to help ensure that no further information is vulnerable," she said.

The ceasefire between Israel and Hamas, signed in Cairo, took effect on November 21, thus putting an end to eight days of conflict, including Israeli airstrikes, that the U.N. estimates resulted in the death of 158 Palestinians -- including 103 civilians -- as well as 1,250 being injured. Meanwhile, four Israeli civilians, as well as two soldiers, were reportedly killed by Palestinian rocket fire, and 224 Israelis were injured.

In the wake of the ceasefire, however, supporters from both sides intensified their distributed denial of service (DDoS) attacks against each other. Matthew Prince, CEO of CloudFlare, which helps businesses defend against DDoS attacks, told Wired that while the identity of the attackers remains a mystery, his company has recently signed up as customers 10 "fairly high-profile" websites from both sides of the conflict that were hit with DDoS attacks. He said the pace of DDoS attacks noticeably increased in the hours after the ceasefire was signed.

While CloudFlare didn't detail its customers' identities, they reportedly include both the Israeli Defense Forces as well as al-Qassam, the paramilitary wing of Hamas.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
PJS880
50%
50%
PJS880,
User Rank: Apprentice
12/12/2012 | 5:41:46 AM
re: Gaza Ceasefire Doesn't Hold Online: New Anonymous Hack
Did these attacks play any role politically, were they just looked at as attacks or political targets? Is this PastoralG«÷s only documented attack or do they have similar attacks they claim credit for? I am sure that the groups were trying to make their point stand out a little more by increasing the attacks after the ceasefire was signed. Did CloudFlare's account on any of the attacked systems get their data stole? On anther note any ceasefire is a great thing!

Paul Sprague
InformationWeek Contributor
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and community news at InformationWeek.com.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.