Hackers or cyber terrorists?

The recent tit-for-tat between Saudi and Israeli hackers raises the question of whether cyber war is truly a danger.

Bletchley Bombe_390 (photo credit: ALESSIA PIERDOMENICO / REUTERS)
Eyal recalls the moment that he first learned that a self-declared Saudi hacker calling himself 0xOmar had posted over 11,000 credit card numbers belonging to Israelis on the Web on January 5 and threatened to expose tens of thousands more numbers. “I wasn’t filled with rage, I kept cool,” says Eyal (not his real name). “I knew that a ‘Zionist’ response was needed.”
There was no independent confirmation that the source of the attack was in Saudi Arabia, but public figures and the press reacted as if the hacker attack, which set off no small amount of consternation among Israeli credit card holders, was an enemy attack on the state. Deputy Foreign Minister Danny Ayalon described it as “a breach of sovereignty comparable to a terrorist operation.” A Hamas spokesman called on “Arab youth to use all possible means through virtual space to confront Zionist crimes.”
When hackers struck again ten days later, taking down the websites of the El Al airline and the Tel Aviv Stock Exchange for several hours on January 16, Eyal decided that he could no longer remain passive.
The next day, a shadowy group of Israeli hackers calling itself IDF-Team, which Eyal claims he is a member of, shut down stock exchange sites in Saudi Arabia and the United Arab Emirates in retaliation, and boasted that this was only a taste of the damage that they could do.
“Expectations for the future are very interesting” is all that Eyal is willing to say in reply to a question regarding what IDF-Team is planning to do if hackers strike Israeli sites again. “We will not sit with our hands folded while the privacy of Israeli citizens is attacked. Our response will be painful.”
Many nervous Israelis wondered whether a new cyber front of war had opened up against the country, with headlines asking how far tit-for-tat escalations of attacks could go. Experts, however, almost unanimously dismissed the spate of January hacking attacks as little more than an amateurish nuisance.
No need for panic
“There is no need for panic,” says Nitzan Miron, a former member of Matzov, the cyber security division of the Israeli military, and now chief executive of 6Scan, a website security start-up in Tel Aviv. “This is psychological warfare, not a serious attack. The media are falling into a Saudi trap by exaggerating what amounts to vandalism against a few websites into a frightening cyber war campaign.”
Gabriel Weimann, professor of communications at Haifa University, shares Miron’s dismissive attitude towards the January hacking attacks. “They were very primitive,” says Weimann. “Any of my students could do what they did in under two hours. This does not merit the term cyber terrorism.”
Weimann, however, does warn about vast potential damage that could be caused if and when major terrorist organizations launch a serious cyber attack. “Some fears are unjustified. But imagine if a terrorist organization manages to take over the air traffic control system of an airport, bringing down dozens of planes in the air,” says Weimann. “Imagine if they take over railway traffic systems, which are all software-controlled today, or the computers running nuclear energy plants. The results could be more catastrophic than 9/11. That can keep me awake at night.”
In its broadest meaning, using “information technology” to gain an advantage over an enemy has been a part of warfare since the dawn of humanity. Archaeological digs indicate that ancient Judean cities tried to defend themselves from an attack by Babylon in the 6th century BCE by relaying fire signals from one hilltop to another in the ancient world’s version of the Internet. By the time of the American Civil War in the 1860s, president Abraham Lincoln could send telegraph messages directly to battlefields.
The historical watershed for the use of information technology in warfare, however, is World War II, as electronic technology became an increasingly important element in war. In Bletchley Park in Buckinghamshire, a team of mathematicians led by Alan Turing cracked the Nazi Enigma code, an accomplishment that has been identified by historians as one of the decisive elements in the victory of the Allied forces. The war also ushered in the development of the world’s first electronic computers, and it is no coincidence that Turing is also remembered today as one of the legendary founders of the field of computer science.
In the 1960s, the United States Department of Defense became increasingly concerned about the vulnerability of the country’s communication system to being knocked out by a handful of Soviet bombs in the event of a third world war. It initiated a project to develop a communication network that would not be dependent on central hubs, based on the theory that such a network would be resilient to attack, since the destruction of any single node would still leave plenty of other paths open for signals to travel on. The network that emerged from that project was called the Internet, which burst into the public’s consciousness in the mid-1990s in the form of the Web.
The Web today, of course, reaches into virtually every office, home and mobile telephone. But a funny thing happened along the way from the first email message sent over the Internet in 1971 to today’s Twitter feeds. The network that started out as a robust military creation is now exposed to a whole host of threats due to its hyper-interconnectedness. The more interconnected it becomes, the easier it is for crucial information to be shared, but at the same time opportunities for adversaries to exploit vulnerabilities increase exponentially. A single bomb might be ineffective against a tightly woven web of connections, but from the perspective of the creator of a virus, the tighter the connections the greater the potential damage.
In addition, the more people have access to sensitive information, the more it becomes vulnerable to falling into the wrong hands. An individual with a memory stick today can within seconds steal more secret documents than could be loaded on a fleet of trucks when documents existed solely in printed form.
“The centralization of data is a serious risk,” says Yael Shahar, a cyber terror expert at the Interdisciplinary Center in Herzliya. “There is a trade-off. With more compartmentalization you lose interconnectedness. FBI offices were not connected by Internet pre-9/11, which led to research inefficiency. But with more connections, more people have access to sensitive data. The US military is now limiting the number of documents that can be accessed at any one time.”
Shahar sees a silver lining in the recent hacker attacks. “The good thing is that it did not cause too much damage, but woke people up to the problem,” she adds. “The wake-up call can get the people who need to put money into guarding their sites to increase their awareness.”
Retaliation is counterproductive
According to Miron, there are between 2,000 and 3,000 successful hacker attacks on computers throughout the world on any given day, with an estimated 60 percent of sites vulnerable to cyber vandalism. “Most such hacker attacks can be easily avoided,” he tells The Jerusalem Report. “There are several companies providing software services to small and medium-sized businesses that can protect them against data theft and hijacking of websites.”
The most basic cyber protection software package sold by Miron’s company 6Scan can cost as little as $10 a month; more sophisticated and comprehensive packages sold by cyber security companies can cost hundreds or thousands of dollars a month, depending on a client's needs.
Miron has little regard for vigilante hacker retaliations for attacks on Israeli sites, such as those conducted by IDF-Team. “It’s not smart,” he remarks. “The response should be better protection for Israeli sites. These sorts of retaliation rounds tend to escalate back and forth, and no one wins.”
If cyber attacks escalate to high enough and concerted enough levels, they can amount to more than mere nuisances. Coordinated attacks on Estonia in April 2007, in the midst of a diplomatic row between Estonia and Russia, shut down the websites of banks, ministries, communications networks, and the nation's parliament, paralyzing daily life in some parts of the country. A similar wave of attacks froze many central websites in Georgia, during a war between Russia and Georgia in August 2008.
Even attacks of that scope, however, have relatively limited long-term damage potential. “Those types of attacks are mostly simple denial of service attacks,” says Shahar. “They can be dealt with simply by cutting off communications from certain sites and locations that serve as the source of the attacks. That may incur a temporary cost, but it is bearable.”
Israel well defended
The true danger of cyber warfare, experts agree, is to vital infrastructures, such as airports, railways, communications, water and electricity networks, and even traffic light controls. In this regard, Israel is actually one of the best-defended countries in the world. According to a recent report conducted by the Security and Defense Agenda and McAfee Systems, Israel came out on top of a list of 23 countries, along with Sweden and Finland. The report gave Israel four-and-a-half stars out of five, with the United States, Britain, Germany and France each getting only four stars.
Israel’s advantage stems from the existence of well-honed top professional teams devoted to maintaining the country's edge in national cyber security. “Israel has a national authority for information security that is part of the Israel Security Agency (Shin Bet),” Miron tells The Report, noting that in the cybersphere “there is extensive cooperation between security authorities and various bodies, such as the water and electricity systems, gas networks, communications and transportation bodies, major financial institutions and many others.”
Shahar sees Israel’s preparedness in the context of broad trends in warfare. “We are among the most protected because we have been at war so long,” says Shahar. “The vulnerability of civilian infrastructures is part of the general extension of systems of conflict from armies on battlefields. The home front is more of a player in warfare now, and this is expressed in cyber security concerns. Similarly, dangerous hackers do not necessarily work for governments.”
What does give Shahar concern is the possibility of cyber attacks on vital infrastructures through physical infiltration. “An attack on an infrastructure system could come from within, by a memory stick smuggled in and connected directly to the system,” she points out.
Weimann, who has been studying the use of the Internet by terrorist groups for the last ten years, has been tracking their increasing sophistication. “Post-modern terrorists are taking advantage of the fruits of globalization and modern technology to plan, coordinate and execute their deadly campaigns,” he says, pointing out that they are particularly adept at using social networking sites, such as Facebook and Twitter, to gather information, monitoring military personnel sharing information on networking sites.
The more data gets put online, the easier it becomes simply to download instructions for constructing a homemade bomb or operating a Stinger anti-aircraft missile. “Google Earth is a wonderful service for terrorists,” adds Weimann. “It gives them satellite imagery once available only to armies for free, and no one can even tell they are accessing it.”
Although no major cyber terrorism attack has yet happened, it is not for lack of trying, according to Weimann. Security professionals have so far managed to keep at least one step ahead of the terrorists. “We will need to keep working to guard against a cyber attack that will be a step up over 9/11,” concludes Weimann. “Cyber terrorism is like a dark cloud fast approaching on the horizon. We have to prepare our umbrellas.”