Categories: HackingSecurity

#OpIsrael & attack to Mossad,cyber dispute or misinformation campaign?

Israel is considered by various group of hacktivists an enemy state to fight, for this reason they decide a joint operation to start on April 7th as part of #OpIsrael.  The attack started in 2012 against the protest against Israeli bombing of Palestinian territory, hacktivists are expressing full solidarity with the Palestinian people, the interest is high to the point that some have even suggested an infiltration of members of Hamas, among its members on internet is also circulating the news that Anonymous prepared a “care package” containing information on evading IDF surveillance for residents of Gaza to use if Israeli will attack Internet connections.

Waiting the fatidic date the hacktivists have started to attack other high-profile Israeli websites to protest against Israeli policy, last offensive was the resulting of collaboration between Anonymous, group 404 and Turkish RedHack team. The super team coordinated a distributed denial-of-service (DDOS) attack against the official website of the Israeli Secret Intelligence Service mossad.gov.il, the official website of the Israeli Secret Intelligence Service.

But is known that too much security experts tend to underestimate the effect of a DDoS, they wrongly consider it a minor cyber threat simple to mitigate. Hackers gathered and disclosed personal information of more than 34,000 individuals, including politicians, military representatives, government employees and police officials, source of intelligence confirmed that data leak is not directly linked to the DDOS attack launched against Mossad website.

Interesting also the division of tasks between the groups hacktivists, while Anonymous and RedHack stolen the data Sector 404 conducted the DDOS attack.

The information stolen by hackers include names, email addresses, physical addresses, fax numbers and phone numbers of the victims, they were published on various sources on-line but many of them have been already removed. Following a couple of links where is still possible to reach the data.

https://docs.google.com/file/d/0B_j9nHbEe0UUS2xNOGtOWUpqMlU/edit 
https://anonfiles.com/file/d9f4c3eaec587f9c97bc8b6c1d91f23b

Currently, mossad.gov.il is up again, Israeli institutions haven’t made any official comment in Mossad website hack.
Buy a contradictory news is circulating on internet, Dr. Tal Pavel, an Internet security expert and professor at the Tel Aviv University, revealed that the leaked information doesn’t belong to Israeli officials.

Whatever they stole, it probably wasn’t secure details of top Israeli brass, either from the army or the Mossad,” Pavel told The Times of Israel.

 “There is no doubt that they got some identification information about Israelis, but the claims that they hacked the Mossad site and got a list of Mossad agents is most likely psychological warfare, and not a hack into an important database,” added Pavel.

The gathered data appears related to businesses, educational institutions, synagogues and  municipalities connected to Arab communities from Israel. Pavel sustains that Anonymous and similar groups are simply trying to increase their reputation claiming victories against giant such as Israel and its secret services.

At this point is clear that we are in the middle of a misinformation campaign, one of the two contenders tells lies. The management of information is strategic, it’s clear that in this situation the announcement made by hacktivists related to the list of alleged Mossad Agents could be an embarrassing mistake that certainly would not help his popularity.

Let’s remind that Anonymous started a cyber offensive against Israel in the end 2012 to protest for the attacks on Gaza, the hacktivists defaced and  taken offline hundreds of websites, such as The Jerusalem bank and Israel’s Ministry of Foreign Affairs, and have exposed information stolen during the hacks.

The complete list of web sites attacked has been published on Pastebin, a second list related to a Phase 2 of the attacks has been also published on the same website.

The offensive was  serious and well structured, according former Israeli Finance Minister Yuval Steinitz over 44 million hacking attempts have been detected from the beginning of the operation #OpIsrael, although most have not been successful … and the declaration was released on November 2012. The Minister highlighted that non-government web site reported serious damage, the offensive has created problems primarily to private companies, small business is usual more exposed to cyber threats due limited economic resource.

The hackers also violated every target not properly secured exposing private info of tens of thousands of Israeli citizens and personal data of 5,000 Israeli government officials. A great source of statistics on the attacks is represented by the web site OZDC that analyzed the leaked data providing meaningful information of the #OpIsrael.

Returning to our case and the attack to Mossad website, why the hacktivists should publish a list found to be false and not correct?

Who has managed these activities?

Why the list has been immediately banned from the internet? Does it contain some really interesting name or is it simply the result of a cut and paste from previous data theft?

Expect further revelations  …

Pierluigi Paganini

(Security Affairs – Hacktivism)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco warns of password-spraying attacks targeting Secure Firewall devices

Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services…

25 mins ago

American fast-fashion firm Hot Topic hit by credential stuffing attacks

Hot Topic suffered credential stuffing attacks that exposed customers' personal information and partial payment data.…

4 hours ago

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

18 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

1 day ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

2 days ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

2 days ago

This website uses cookies.