Israel’s Cyber Defenses Protect Government Sites from 44 Million Attacks

As Israel’s Iron Dome missile defense shield blocks hundreds of incoming missiles from hitting their target, their cyber defense is also hard at work blocking millions of incoming cyber attacks. There have been millions of hacking attempts against government sites that have been intercepted with reportedly only one successfully taking down it’s target. And that for only a few minutes.

Israeli finance minister Yuval Steinitz told reporters that Israel is facing a second front in the battle with Hamas, a wave of cyber attacks. According to Steinitz, Israel’s cyber defense “deflected 44 million cyber attacks on government websites. All the attacks were thwarted except for one, which targeted a specific website that was down for six or seven minutes.”

Of the 44 million attacks:

  • The majority targeted military sites
  • 10 Million attacks targeted President Shimon Peres’s website
  • 7 Million against Israel’s Foreign Ministry
  • 3 million against Benjamin Netanyahu’s site

“The ministry’s computer division will continue to block the millions of cyber attacks” Minister Steinitz said adding, “We are enjoying the fruits of our investment in recent years in developing computerized defense systems.

But apparently, their defense does not defend against Denial of Service attacks as many Israeli sites still appear to be unavailable due to high traffic as this current screenshot of the President’s website shows:

And the Blog of the Israeli Defense Force seems to be offline. This is odd as it is protected by CloudFlare, a company that helps block Denial of Service Attacks :

Israel’s Iron dome is a missile defense shield that works very well. Hamas terrorists have fired approximately 1,000 missiles at Israeli cities. Of these, Iron Dome has successfully intercepted 90% of the projectiles that would have hit populated areas:

We’ve got about a 90% success rate,” he says, proudly giddy. “This is unprecedented in history.” It’s also impossible to confirm, but the lack of Israeli casualties suggests Iron Dome is the most-effective, most-tested missile shield the world has ever seen.

But Israel knows that they must do something about the cyber attacks. The hacker group Anonymous claims to have taken down about 700 Israeli websites, defaced over 100 and apparently wiped Jerusalem’s Bank database(which has since been restored).

Israel is in the process of creating a “Digital Iron Dome”, which according to Prime Minister Benjamin Netanyahu will protect them against future cyber attacks:

Every day, many attempts are made to infiltrate Israel’s computer systems,” the prime minister warned. “Just as we have the Iron Dome against missiles and the security fence against infiltrators and terrorism, we will have a similar protection against cyber-attacks.

Defense will help against incoming attacks, but don’t forget that Israel also has offensive cyber capabilities. The country that helped develop “Stuxnet” is not toothless in the realm of cyber attack. One can safely assume that Israel is tracking the sources of these attacks and will deal with them as they see fit.

Numerous Israeli Websites Down – Anonymous Claims Responsibility

This morning I was on a forum that was discussing IDF Special Forces and one person mentioned that they just ordered a IDF Special Forces t-shirt that they thought was very cool and to check it out. The only problem was the link did not seem to be working. The site seemed to be down. I went to another website that sold IDF t-shirts, again, they appeared to be having website problems. Lastly I went to a real IDF backed site and the website was very sluggish.

Finally, it dawned on me that this could be the work of pro-Gaza Islamic supporters.

Sure enough it looks like Anonymous has stepped into the online social media battle that is being waged between the IDF and Gaza militants. As rockets fall on Israel and Israel retaliated, a war of words was being fought on Twitter and Facebook. As was mentioned yesterday, I figured it would only be a matter of time before political hacktivists would get involved and target websites.

Well, it didn’t take long at all as the hacker group “Anonymous” kicked off “#OPIsrael”.

Anonymous claimed in a tweet to have taken down 40+ Israeli government and military websites in three hours. Not so, claimed the security company Radware in a NY Times Report:

“Radware, a computer security company, said that in all but a few cases they were unsuccessful. But they did take down a blog page belonging to the I.D.F. and replaced the home page of what they said was a private Israeli surveillance and security company with an image of Gaza in flames and the following message: “Stop bombing Gaza! Millions of Israelis & Palestinians are lying awake, exposed and terrified.”

According to the article Anonymous recruited hackers through Twitter, IRC Chat and a Pastebin post to run Denial of Service programs, like the Low Orbit Ion Cannon (LOIC) to attack Israeli backed sites. Apparently the attack is still ongoing as several Israeli government and military themed sites that I tried to visit today were down or seriously sluggish.

Many times Denial of Service attacks are not hi-tech, they simply flood websites with tons of simultaneous requests from thousands of computers and bog the servers down. Called Distributed Denial of Service Attacks, they can be very effective if target websites do not have ways to deflect or absorb the large volume of requests.

I am sure the Israeli Cyber teams will respond with attacks on Anonymous sites and group members. But unfortunately it looks like the the possibility of a ground military operation could be forthcoming as Israel’s Defense Minister Ehud Barak has called for up to 30,000 reservists to be activated. With most of those being from the Engineering Corp, that would prepare paths for armored vehicles to enter into Gaza.

We will have to watch this closely as a military operation into Gaza could cause increased conflict in the area, with one Israeli media outlet even hinting that the escalation could lead to war with Iran.

Israel creating Digital “Iron Dome” to Combat Constant Cyber Assault

(Photo: Reuters)

Israel is facing daily electronic attacks against critical systems, and the attacks are on the increase. To counter the rising cyber storm, they are in the process of creating a digital “Iron Dome”. Which according to Prime Minister Benjamin Netanyahu, will help block the attacks and “protect Israel from cyber terror“.

Israel has been in a battle to survive ever since the nation was re-formed. They have been under constant threat by Islamic nations that simply do not want the country to exist. Now, along with the possibility of physical and even possible nuclear attack, electronic attacks have been rapidly on the rise. All together, Netanyahu recently said that these are “the greatest security-related challenges Israel has faced since its inception”.

Israel has not been sedentary in preparing for these threats. They have put their best and brightest minds at work creating defenses against the unique threats that they face, sometimes on a daily occurrence. For example, the Trophy Active Protection System by Rafael  was created in response to militant RPG attacks against their military vehicles:

(It is interesting to note that the US looked into using the same technology on it’s deployed tanks, but it was turned down due to the possibility of collateral damage.)

The “Iron Dome” system was also created to help protect whole cities against militant rocket launches. Also created by Rafael, Iron Dome is an integrated mobile air defense system that detects, tracks and intercepts incoming short range rocket and artillery shells. Since it has been deployed, it has shot down 90% of the rockets launched from Gaza (over 90!).

Now that Iran has created a 100 man cyber team, ostensibly to attack US and Israeli systems, it sounds like Israel is looking to use the same concept and create a “digital Iron Dome”:

“Just as we have an Iron Dome missile interceptor to protect against missiles, and a border fence to prevent infiltrators and terrorists from entering, we will also have a similar defense against cyberattacks.

For this purpose, I established the National Cyber Directorate a year ago and it has been working to block these attempts by developing what I would call a ‘digital Iron Dome’ to protect Israel from cyberwarfare,” Netanyahu said Sunday at a weekly cabinet meeting.

Though the system is classified and no details have been publicly released, it could not come at a better time.

Iran Double Agents Planted Stuxnet in Nuclear Facilities

As if the story of Stuxnet was not interesting enough already, a report last week from places a shadowy cloak and dagger spin to it. Reportedly, anonymous US Officials claimed that Iran’s Stuxnet infection was a targeted attack by Israeli backed Iran double agents:

“They said using a person on the ground would greatly increase the probability of computer infection, as opposed to passively waiting for the software to spread through the computer facility. “Iranian double agents” would have helped to target the most vulnerable spots in the system.”

According to the report the double agents connected the infected USB drives and once the associated icon was activated, the virus spread rapidly through the network infecting all of the systems, but only activating when it found the target devices.

Apparently the Iran double agents were part of a violent group called the Mujahedeen-e-Khalq (MEK):

Former and senior U.S. officials believe nuclear spies belonged to the Mujahedeen-e-Khalq (MEK), which Israel uses to do targeted killings of Iranian nationals, they said. “The MEK is being used as the assassination arm of Israel’s Mossad intelligence service,” said Vince Cannistraro, former head of the CIA’s Counterterrorism. He said the MEK is in charge of executing “the motor attacks on Iranian targets chosen by Israel. They go to Israel for training, and Israel pays them.” Other former agency officials confirmed this.”

If this is true, then the same group could have also been responsible for the assassinations and bombings that targeted Iranian scientists and heads of the nuclear enrichment program. It would also explain why Iran began arresting what it claimed were “Nuclear Spies” after Stuxnet was discovered.

The ISSSource article is full of interesting quotes from current and former US officials and intelligence agents, and not just about Stuxnet. According to one official the US had infiltrated a lot of Soviet military equipment in the 1980’s:

“We put in bugs inside the Soviet computers to feed back satellite information that had been ‘leeched’ off hard drives, in the Soviet Defense Ministry and others,” said a former U.S. intelligence official.

And claimed that prior to the start of Desert Storm the CIA and British GCHQ released a flood of viruses against Iraq’s command and control, but unfortunately the infected machines were destroyed by kinetic attacks before they could take full effect:

“Once in place, NSA and GCHQ believed the virus would spread like a virulent cancer through the Iraqi Command and Control system, infecting every computer system it came across. But before the virus had reached its target, the air war began. U.S. planes destroyed Saddam’s command and control network, including the buildings where the infected computer hardware had been so successfully inserted. As a result, one of the most successful intelligence operations of the war was buried beneath the rubble. “The intelligence people were very pissed — all that work for nothing,” said a former senior DoD official.”

If it is true, this is very interesting indeed. And it seems to follow the pattern that we have mentioned before on cyber war – that for this type of warfare to be successful, cyber attacks will be used alongside physical attacks.