'Nightmare' Hackers Take Swipe at Israeli Stock Exchange, Airline
The Tel Aviv Stock Exchange and Israel's El Al airline were slammed with cyberattacks recently that took their respective websites offline for a few hours. Cyberattacks between Israel and various other Middle Eastern countries have been escalating recently, with targets ranging from individuals' financial information to large-scale industrial systems.
Jan 16, 2012 3:11 PM PT
Hackers believed to belong to the pro-Palestinian group "Nightmare" struck at the websites of the Tel Aviv Stock Exchange and Israeli airline El Al on Monday in what appears to be an escalation of cyberbattles between Israelis and pro-Palestinian hackers.
Three Israeli banks were also attacked.
The Tel Aviv Stock Exchange (TASE) reportedly stated its site was slowed down by the attacks, while El Al reportedly took down its site as a precaution.
The attacks constitute the latest round of cyberbattles between Israel and Palestinians.
The Tel Aviv Stock Exchange "was hit with a distributed denial of service (DDoS) attack, which apparently rendered it unusable," said Neil Roiter, research director at Corero Network Security.
A DDoS attack is where the victim's servers or network connections are hit with a flood of requests within a short span of time. This overloads and shuts down the system.
While it's not clear how the El Al site was hit, "the disruption would suggest DDoS as well," Corero told TechNewsWorld.
Both sites were up and running again "in a few hours," Corero added.
Starting the Week Wrong
Monday's attack reportedly saw hits on the First International Bank of Israel and two subsidiaries, Massad and Otzar Hahayal, in addition to El Al and TASE.
The websites of both El Al and the TASE were down early on Monday. TASE later put its site up again and said it had experienced heavy traffic.
The banks said their marketing sites had been hacked, but client services were not impacted.
"Marketing sites are likely to have less focus on security than the financial servers themselves," IT security expert Randy Abrams told TechNewsWorld.
However, "it's unlikely the media is going to be given all of the details of what was affected," Abrams continued.
Shortly after the attacks on Monday, a Saudi hacker calling himself "0xOmar" said he'd teamed up with the "Nightmare" group and warned of more attacks, Ynetnews reported. He also demanded Israel's Deputy Foreign Minister Danny Ayalon retract what he described as a death threat.
Ayalon had previously stated that Israel will view cyberattacks as acts of terror and warned that the country would retaliate forcefully against hackers, Ynetnews reported.
Over the weekend, Hamas had called for an escalation of hacking attacks against Israel.
That followed the publication by an Israeli hacker of details of more than 200 credit cards that he claimed were owned by Saudis. However, he declined to expose the cards' security codes because his aim was just to alert people. This hacker used the handle "0xOmer" -- that is, Omer with an "e" instead of an "a."
On Jan. 11, Anonymous tweeted that it had posted data about Israel's SCADA systems on the Web. However, clicking on the URL provided for the data turned up a blank page.
SCADA, or supervisory control and data acquisition, systems monitor and control industrial, and infrastructure process. They're used in critical infrastructure such as electric grids and power utility plants.
The previous week, the Saudi hacker, 0xOmar, posted details of credit cards owned by Israelis online in two separate incidents. The first incident involved 400,000 cards. Three days later, he released details of another 11,000 cards, but these were infected with a Trojan. Omar's reportedly a member of Saudi hacker community "Group-xp."
This isn't the first time Israel's websites have come under attack. Back in November, the sites for the Shin Bet domestic intelligence agency was taken down by hackers suspected to have been members of Anonymous. Meanwhile, attacks targeting Middle Eastern countries such as Iran have aroused suspicion of Israeli involvement.
The Madness Never Stops
Expect the cyberbattle to escalate even further.
"There's no reason to believe the attacks on Israeli organizations won't continue and even escalate, as long as the attackers feel their tactics are having an effect and they don't get caught and arrested," Corero's Roiter pointed out.
Israel's banking system is said to be considering blocking online access for overseas users over the recent series of cyberattacks on financial websites. First International Bank of Israel (Fibi) and Israel's Discount Bank have reportedly already applied the limitation as a precautionary measure.
Israel's Ayalon has reportedly urged lawmakers to convene an emergency session to consider setting up an elite cyber unit.