August 25, 2014
Iranian Hackers Step Up
The current war between Hamas and Israel as, like the two previous conflicts, brought out a lot of pro-Arab (if not pro-Hamas) hackers to attack Israeli Internet operations. This time around the attacks, while low level (defacing websites and trying to shut down sites with DDOS attacks) were more intense. Most were from Moslems far from the Palestinian territories who had acquired some hacking skills. While the Moslem nations have lower percentages of Internet users and Internet experts, that is slowly improving every year. More worrisome to Israel is the apparent growing of Cyber War operations in Iran. All this increased hacking against Israeli targets is no surprise and it has been developing since September 11, 2001. Israel also now accuses Iran of using Cyber War operations to aid Moslem anti-Israel groups. This support does not include high grade stuff, which only Iranian hackers are allowed to use, but training and hacker software that many eager Moslem amateurs were not aware of or felt capable of using.
Israel has been making preparations and some have been made public. In 2013 Israel revealed that it had activated new military Cyber War units dedicated to monitoring networks for Internet based attacks and organizing a quick response. Photos of the operations center for this new unit were shown. At the same time Israel is trying to restrain its many freelance hackers from retaliating against pro-Arab hackers who have been making low-level attacks (grabbing credit card info from poorly protected online merchants and staging denial of service attacks on prominent websites). Israel does not want to reveal its Cyber War prowess unless it’s an emergency. It also does not want to see a lot of innocent third-parties suffer damage from a hacker war. The Israeli hackers can do a lot more damage, and garner a lot of bad publicity for Israel. Israel is also reluctant to put too many of its Cyber War resources into this, as the hacker community will simply develop new methods to evade detection, once they have seen what the Israelis can do. Meanwhile, Israel is using the situation to encourage Israeli firms and government agencies to increase their Internet security.
In 2012 Israel admitted it (and much of the Middle East) was increasingly being attacked by Iranian (or Iranian backed) hackers and that Israel is increasing its Cyber War defenses to deal with the problem. While Israel is the most vulnerable nation in the region (because of the number of PCs and networks), it is also the best protected. The 2012 surge of Iranian attacks did much less damage in Israel than in Arab countries. At the same time Internet security researchers revealed that a new Cyber War class computer program has been unleashed in the Middle East. Similar to Stuxnet and Duqu (both created by a joint U.S.-Israeli effort for use against Iran), the new bit of malware was called Gauss, and it is being used to monitor Hezbollah financial activity. Gauss was apparently unleashed in 2011 and had already done its job. It is tools like Gauss that make Israeli so confident when they accuse of Hezbollah of specific terrorist attacks.
The U.S. and Israel have not provided any details about their Cyber War activities, although for a long time rumors about this have been in circulation. The U.S. and Israel were long suspected of being responsible for the appearance of “weapons grade” computer weapons. Both nations had the motive to use, means to build, and opportunity to unleash these powerful Cyber War weapons against Iran and others that support terrorism.
Iran has responded to these attacks. Although not a serious Cyber War threat to the United States, Iran was trying to build nuclear weapons and apparently Israel had already been looking into using a Cyber War weapon to interfere with that. Given the nature of these weapons, which work best if the enemy doesn’t even know they exist, don’t expect many details to be released about this Cyber War program. What is known is that the Cyber War weapons unleashed on Iran were designed to concentrate only on very specific targets. So far, only a few of these weapons are known. One (Stuxnet) was designed to do damage to one specific facility, the plant where Iran produced nuclear fuel for power plants and atomic weapons. That one worked. The other two (Duqu and Flame) were intelligence collection programs. They also apparently succeeded, remaining hidden for years and having lots of opportunity to collect enormous quantities of valuable data.
The U.S. and Israel have been successful with “software attacks” in the past. This stuff doesn’t get reported much in the general media, partly because it’s so geeky and because there are no visuals. It is computer code and arcane geekery that gets it to its target. The earlier attacks, especially Stuxnet, Duqu, Flame and Gauss, spread in a very controlled fashion, sometimes via agents who got an infected USB memory stick into an enemy facility. Even if some copies of these programs get out onto Internet connected PCs, they do not spread far. Worms and viruses designed to spread can go worldwide and infest millions of PCs within hours.
Despite all the secrecy, this stuff is very real and the pros are impressed by these high-grade Cyber War weapons, even if the rest of us have not got much of a clue. The demonstrated capabilities of these Cyber War weapons usher in a new age in Internet based warfare. Amateur hour is over and the big dogs are in play. Actually, the Cyber War offensive by the U.S. and Israel appears to have been underway for years, using their stealth to remain hidden. There are probably more than three of these stealthy Cyber War applications in use, and most of us will never hear about it until, and if, other such programs are discovered and their presence made public. Iran is trying to respond and is looming as the most serious threat from the Islamic world. So far the Iranians have not been able to score a significant win, but they are making rapid progress.
No comments:
Post a Comment