How Israel’s Iron Dome Missile Shield Works

Israel’s Iron Dome missile defense shield is hard at work again intercepting militant rockets fired from Gaza to population centers in Israel. Recently Iron Dome has successfully intercepted 70 explosive projectiles launched at Israeli cities.

But how exactly does Iron Dome work?

The YouTube video above reveals how Israel intercepts air-to-ground missiles.

Hacktivists Targeting DNS Servers & an Effective DNS Offensive Counter-Measure

Denial of Service (DoS) attacks used to be the main tool in the hacktivist’s toolbox. For the most part, they are not very hi-tech and anyone can run the software to attack websites to aid in their preferred “cause”. But as the recent hacktivism attacks in Israel (and now Pakistan) have shown, DNS server attacks are now all the rage.

DNS SERVERS TARGETED

Why deface one website, when you can just hack the server that holds the IP address to the victim’s site (or sites)! Changing the DNS record registered for a website’s domain name allows you to point that name, like Google.pk, to ANY server that you want. So, if you can hack the DNS registrar that holds the records for an entire country, you can point any of its domain names to any website that you want.

Luckily the pranksters behind these attacks have just been redirecting these hijacked websites to a bragging page, “This site hacked by …” They seem to be in it to bring attention to their group, or a political cause, instead of doing serious damage.

Hacking into DNS registrar servers is the hard part; creating a website that looks like any one of the ones that were hacked is trivial. It only takes a few seconds to create a clone of a website that looks and acts like the real one, but could serve malware or other malicious functions. So far it seems that these hackers are more interested in just getting across a message.

Just in it for the “Lulz”.

But with the apparent ease with which this is happening, you can see the dangers if the hacktivists were a more malicious group. Say, Nation State hackers who want to infect groups of systems from a target nation, or gather pertinent credentials from users who think they are on a legitimate website, and not a spoofed one reached via DNS manipulation.

As you can see, locking down these important DNS systems had better be a top priority of EVERY nation.

OFFENSIVE COUNTER MEASURE

As mentioned earlier, Denial of Service attacks have not gone away and are still used en masse to tie up websites and make them unavailable. Many times Denial of Service attacks are nothing more than normal communication with a website, multiplied many times over, from multiple users, to tie up a server.

But can anything be done to stop this flood of traffic aimed at a site by thousands if not tens of thousands of attacking machines? Sure there is, according to the popular Patriot Hacker Jester: just reflect the traffic back at the attackers!

During the latest Israel/Gaza conflict, the hacker group Anonymous jumped in on Hamas’s side and attacked many Israeli websites. So of course, The Jester responded by shutting down 3 Hamas sites and their TV Channel. In response, according to The Jester’s website, Anonymous targeted his website.

So Jester just redirected his DNS server to point back at one of their servers, effectively forcing them to DoS their own server!

His website is protected by “CloudFlare” a popular proxy service that protects users from many attacks. When he saw the incoming attack, he simply told CloudFlare to point his website name “jesterscourt.mil.nf” to one that was supported by Anonymous:

“So I simply redirected my domain name to the Occupy ‘movement’s main website. Known as ‘occupytogether.org’. Remember #Anonhamas are big supporters of the Occupy Movement and many of their ‘members’ are also members of the Occupy Movement. Fair game.”

Denial of Service attacks can last for days or longer. Did the technique work?

Apparently, it did:

The Jester also talks about automating this process, so when a DoS attack is detected, it automatically forwards the flood of traffic to a list of Anonymous supported sites.

It has been an interesting week. New DNS attacks and apparently new effective offensive counter measures. Will the average corporate website defend itself with The Jester’s techniques?

Probably not, but I could foresee some country’s government sites just might.

Well, maybe off the record… 🙂

Israel’s Deputy Prime Minister Shalom’s Social Media Sites Hacked – Personal E-mails Stolen?

(** Content Warning **)

Israel’s Vice Prime Minister Silvan Shalom’s Twitter account appears to have been hacked by a group called the Zcompany Hacking Crew.

Visitors to Minister Shalom’s Twitter page were greeted with a very modified background image. Also numerous pro-Palestine messages were posted under the minister’s account.

Also a YouTube account under his name was defaced by the same group. Only two videos were present, one a ZHC video and one entitled “Free Palestine Free Gaza”.

His Facebook, also allegedly hacked, was down and unavailable when we checked. But from other sources Minister Shalom’s Facebook page had a “Free Palestine” image on it, and again numerous pro-Palestine messages were posted under his name.

News of the hack was posted on the hacktivist group Anonymous’s Twitter feed. Along with the notice was a provocative tweet stating: “So what would happen if a certain vice prime ministers email got released to the public?”

Was just the Deputy Minister’s Social Media accounts hacked, or did they get into his personal system as well? A news report from RT.com stated that the hacker group was able to access his e-mail, contacts and documents.

They also claimed that they will publicly release them.

If this is true, then a hacker group was able to bypass Israel’s cyber defenses and gain access to Shalom’s personal system. Most likely by using some sort of Social Engineering type attack.

We will keep an eye on this story, as accessing a government leader’s personal system is a lot more damaging than just defacing or running denial of service attacks against random Israeli sites.

Israeli Microsoft, CNN, BBC, Skype all Defaced, DNS Server Hacked, or Cyber Trickery?

Visitors to several Israeli websites were greeted with the above message. Numerous big-name websites were all supposedly hacked and defaced by a group calling themselves L33t Pakistani H4x0rZ.

About half an hour ago the hacker group Anonymous released this message:

And sure enough, if you visited any of these sites, you were greeted with the defaced message from the Pakistani hackers. But were all these websites actually defaced?

A quick ping test tells a different story. All of the IP addresses point to the same address!

As you can see in the screenshot above (taken earlier today) all the websites pointed to the same internet address, or IP address.

It would seem that the hackers were able to infiltrate and modify a DNS server, pointing all of these websites to a single website displaying the Pakistani hacker message. This is actually a scarier attack than just simply defacing a single webpage, as from the browser standpoint you would not be able to tell that you are at the wrong website.
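The ping check above can be turned into a monitoring rule: compare the addresses each watched name resolves to against a known-good baseline and alert when several names suddenly share one new address. The sketch below is an added example, not code from the original post; the hostnames, addresses, function names and the threshold of three names are all constructed for illustration, and the observed answers are embedded rather than looked up live.

```python
from collections import defaultdict

# Constructed sample data: .example names and RFC 5737 documentation
# addresses, not values taken from the incident described in the post.
BASELINE = {
    "news.example": {"192.0.2.10"},
    "mail.example": {"192.0.2.20", "192.0.2.21"},
    "shop.example": {"198.51.100.5"},
    "chat.example": {"198.51.100.9"},
    "docs.example": {"192.0.2.30"},
}
OBSERVED = {
    "news.example": {"203.0.113.66"},
    "mail.example": {"203.0.113.66"},
    "shop.example": {"203.0.113.66"},
    "chat.example": {"198.51.100.9"},
    "docs.example": {"192.0.2.31"},
}


def find_changed(baseline, observed):
    """Return {name: new_addresses} for names whose answers left the baseline."""
    changed = {}
    for name, addrs in observed.items():
        unexpected = addrs - baseline.get(name, set())
        if unexpected:
            changed[name] = unexpected
    return changed


def find_convergence(baseline, observed, min_names=3):
    """Flag new addresses that several monitored names now resolve to.

    One changed record may be a routine migration; many names collapsing
    onto a single new address is the pattern the ping test exposed.
    """
    by_addr = defaultdict(set)
    for name, addrs in find_changed(baseline, observed).items():
        for addr in addrs:
            by_addr[addr].add(name)
    return {a: sorted(n) for a, n in by_addr.items() if len(n) >= min_names}


if __name__ == "__main__":
    for addr, names in find_convergence(BASELINE, OBSERVED).items():
        print(f"ALERT {addr} now answers for {len(names)} names: {', '.join(names)}")
    for name, addrs in find_changed(BASELINE, OBSERVED).items():
        print(f"changed {name} -> {sorted(addrs)}")
```

In practice the observed set would be collected from more than one independent resolver, since a single poisoned or hijacked resolver would otherwise be the only source of truth.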

But one has to wonder how legit some of the addresses are. Looking at Alexa.com, some of these addresses get very little traffic. And using the internet archive “wayback” machine it looks like some of these haven’t been used (or archived) in years. It appears there may be a bit of “Cyber Trickery” going on here.

Also, some counterhacking might be going on as a few minutes ago surfing to the BBC.org.il website revealed a different message. Just a blank white page with the words, “Pakistans Suck!”

Hacking and counterhacking, when will it end?

* Updated 1pm EST – Added graphic of ping responses from earlier today. It would appear these have been all changed now.