Cyber attacks on Israel – glitch in the system or cause for concern?
Is Israel in the midst of cyber war? Will blocking websites to overseas access help? Who are these hackers, anyway? Ynet presents a quick guide to cyber vandalism
The cyber attack on Israel is raging. Experts say that none of Israel's strategic systems have been compromised, but is there really no need to panic? Ynet offers a quick guide to cyber vandalism.
Who is behind the cyber attacks on Israel? The majority of cyber attacks are perpetrated by amateur hackers, who are usually young – sometimes even just teenagers known as "script kiddies." They often use a variety of tools that are available online and can be used with virtually no expertise. The presence of professional, experienced hackers has so far been conspicuously absent in this case.
Related stories:
- 'Cyber attacks didn't harm vital systems'
- Experts: Israel's cyber readiness poor
- Saudi hacker's identity uncovered?
Why now? Cyber attacks on Israel are actually quite common – not a week goes by without some Israeli website becoming the target for an amateur hacker. Still, in tumultuous political times, we can see a surge in such attacks. The newfound fame of Saudi hacker "0xOmar," who leaked the credit card information of thousands of Israelis, has likely inspired others.
Should the public be concerned? The public seems much less concerned than the media at this point, and rightfully so. There is no need to panic, as evident from the case of the leaked credit cards: Israelis whose cards were compromised were notified by the credit cards companies and those were quick to limit and replace the compromised cards, resulting mostly in inconvenience. A hacker's greatest affect is the fear effect – and this time at least, the attempt to rouse fear has faltered.
Mere inconvenience? Really? Yes. There is a great difference between the database system of an organization like the Tel Aviv Stock Exchange and its website. Think of a website as a notice board: An organization's website is where it pins various notices – it is not the safe where it keeps important information. A hacker essentially comes up to the board, tears down the notices and scribbles graffiti all over it. It's annoying – especially if we were interested in what the notices had to say – but it's not truly harmful.
Downed El Al website
But didn't "0xOmar" hack into the credit card companies' database? It is highly unlikely that "0xOmar" actually obtained the information that he leaked online. The data was previously stolen but not from the credit card companies – from smaller, unsecure websites that the users gave their information to. That is why the leaked file contained a great deal of false data. "0xOmar" simply gathered the information and posted it in one place, striking a media coup, if nothing else.
Are the recent attacks evident of hackers' success? The recent series of cyber attacks – which included the TASE and El Al websites – indicates relative success, since they were not trivial websites but sites that usually enjoy vast security resources. It is, however, important to understand that this was not a major hacking coup. The systems and the information they store were not compromised in any way and the only blow was to their image.
But when a site is hacked it still indicates a failure. True. Such things should not happen and those in charge of information and web security will have to answer for it; but you must also remember that cyber attacks are somewhat like fires – they are not completely avoidable, regardless of how many precautionary measures are applied. The important thing to gauge is a website's recovery time, the conclusions drawn from such cases and how the lessons learned are implemented.
Is blocking websites to overseas access effective? Not necessarily. Such a move it largely motivated by panic. If someone is determined to hack into a website – hack it they will. The smart hacker will not see this measure as much of a challenge. Blocking websites may be a strategically sound move in cases of a wide, comprehensive cyber-assault, but otherwise, it mostly has only a psychological effect.
- Receive Ynetnews updates
directly to your desktop
