The cyber attacks launched by the anti-Israel hacker-group ‘Anonymous’ are more hype than harm, according to Israeli cyber security experts, who claim that media coverage is fomenting unnecessary fear out of sync with the reality of the threat.
Anonymous, a loosely-organized hacking collective that has gone after targets ranging from PayPal to ISIS, has tried to breach Israeli websites annually on April 7, beginning in 2013 when it launched its campaign against Israel on the country’s Holocaust Memorial Day. This year it has threatened to carry out cyber attacks on government offices and to leak personal details of Israeli citizens in an operation dubbed “Operation Israel.”
While so far there have been minor leaks of Israelis’ credit card details taken from poorly secured websites, experts claim that Anonymous has proven to be a relatively amateur organization incapable of breaching Israel’s highly secured internet systems.
Jonathan Glinger, a cyber law attorney, dismisses the threat as unwarranted hysteria. “Each year we see the same thing,” Glinger said. “Anonymous has a list of websites it says it has defaced or is attacking and when you go through all of them you see that some may have been temporarily disrupted but they are up and running again very quickly," he said.
According to Glinger, the extent of cyber threats against Israel does not particularly increase on April 7. “I’m not saying you don’t have to be vigilant. You have to be vigilant all year round. Focusing on one day, though, is not enough,” he asserted.
Anonymous’s main strategy is to generate artificial web traffic to websites in order to overload a website until it collapses, explained Nitsan Sabdan of Israel’s Computer Emergency Response Team (IL-CERT) in an interview with TPS. IL-CERT is Israel’s civilian command center for cyber security.
This hacking tactic, known as “distributed denial of service” (DDoS) attacks, is relatively basic and poses little threat, Sabdan said.
“Usually all we see is a large amount of low-level attackers who use low-level tools. Most of their participants are not very skilled in cyber offense, so their emphasis is on quantity and not quality. But they still remain poorly skilled. Thus far there has been no considerable damage to any Israeli website or service.”
Indeed, Sabdan spoke contemptuously of Anonymous’s activities, deriding their abilities to publicize outdated email addresses and the paucity of advanced breaching mechanisms at their disposal.
“They claim to have more data and tools but we check them all them time and we have found nothing new, threatening, or dangerous. This is simply another ‘Operation Israel.’ This year will also probably end in failure for them, just as in previous years,” Sabdan predicted.
In addition to Anonymous’s weakness in expertise, Sabdan cited Israel’s formidable infrastructure when combating cyber threats.
“Israel’s strong infrastructure is very advanced. Our operation center, IL-CERT, is comprised of Israel’s best security specialists. The knowledge base is massive and the attackers have no tactics, so we can mitigate their attacks.”
While Sabdan conceded that the day had not yet ended and that the possibility of surprises could not be overlooked, he concluded that little damage would be caused and largely agreed with Glinger regarding the disproportionate hype fostered by the media.
“There is a big difference between media hype and reality. Anonymous also tries to make a big deal out of its operation because it wants to attract more cyber attackers.”
Reprinted with permission from the Tazpit News Agency.