Analysis: All it took was one badly guarded website

'Defense is only as strong as its weakest link' is an axiom that holds truer in today’s Internet-dependent world.

By YAAKOV LAPPIN
Cyber warfare US Department of Homeland Security 311 (R) (photo credit: Ho New / Reuters)
Cyber warfare US Department of Homeland Security 311 (R)
(photo credit: Ho New / Reuters)
Military strategists have known for centuries that a defense is only as strong as its weakest link. In today’s Internet-dependent world, infested with hostile, sophisticated hackers, the axiom holds truer than ever.
Anti-Israel hackers, apparently from Saudi Arabia, found one poorly guarded website connected to two online-coupon websites, and used it to access a large number of credit card numbers.
RELATED:Hackers hit US security think tank's website
The hackers chose to target hard-working Israeli families, many struggling to make ends meet. They hoped to create pandemonium and disruption in Israel, and encouraged others to rob the families using stolen credit card details.
Thanks to the swift responses of credit card companies, which scrambled to suspend the affected accounts, the damage appears to be minimal.
But the attack serves as a warning over how vulnerable a country’s vital assets can be if holes in the fence are not mended.
Last summer, the Knesset’s Science and Technology Committee warned that “without tanks, and without planes... it is possible to bring about the collapse of a state, and no military can come to the rescue.”
Israel has already taken concrete steps to protect national infrastructure such as electricity, communications, water, transport and monetary systems.
These critical sites are protected by the National Cyber Defense Authority.
According to the Israel Defense magazine, the authority is run by the Shin Bet (Israel Security Agency), and the organization will soon extend its protective shield to cover banks and cellphone networks.
Some privately owned commercial websites, however, have not yet been brought into the loop, and likely represent the weakest link in the chain.
A study published earlier this year by Tel Aviv University’s Institute for National Security Studies noted that a worldwide cyber arms race has begun. Governments around the world have set up offices and headquarters dedicated to this latest battleground.
The study warned that non-state actors such as terrorist organizations also posed a danger to Internet security.
Tuesday’s credit card attack was a relatively minor incident. But the potential for mayhem caused by a successful attack is great.
Time is of the essence to bringing the commercial Internet sector up to speed on Internet security.
Yaakov Lappin is the author of Virtual Caliphate: Exposing the Islamist State on the Internet.