Anonymous’ ‘Hack Israel Day’ Could Impact The Entire World

Israel was recently hit by a massive cyber offensive. But unlike other attacks (APTs, criminal campaigns, etc.) to hit the nation, this one has been announced in advance.

It’s Anonymous’ annual OpIsrael attack, which has been taking place on April 7 every year since 2013. According to most Israeli researchers, the attack will fail. It won’t cause any major damage to state infrastructure or scare the Israeli public, and it definitely won’t “erase the Zionist devil from the Internet” (OpIsrael’s declared objective).

The annual operation, which generally consists of DDoS attacks, website defacement and attempts at data theft, has made Israeli users more aware of cyber risks, and acts as a sort of training day for local security companies.

The operation, which generally consists of DDoS attacks, website defacement and attempts at data theft, has had some positive effects: It has made Israeli users more aware of cyber risks, and acts as a sort of training day for local security companies. But this attack has another side, which might have a worldwide impact in the future.

The operation is organized by threat actors from mostly Muslim countries, and relies on quantity rather than quality. Highly skilled attackers who have access to advanced tools won’t waste their time on such a fruitless attack, as the only possible gain is helping spread political propaganda. Hacking is a business, and if there’s no money to be made, most cyber mercenaries aren’t interested.

OpIsrael’s organizers know this, so they try to enlist as many low-level operatives as they can to launch vast DDoS attacks against Israeli websites. But even this vector requires some technical skill, and many OpIsrael enthusiasts simply don’t have the know-how.

Sure, an individual who wants to engage in cybercrime can get the tools and training they need online, but only as long as they can a) reach the crimeware underground and b) pay up (as I’ve stated, this is a business). Even if said individual managed to install TOR and use it, they might not find the relevant crime store or be able to buy what they need.

It is true that crimeware prices are plummeting, and malware costs as little as a few dozen dollars, but this is not small change for everybody. Many of the hacktivists who want to take part in OpIsrael come from countries with weak economies — Indonesia, Malaysia, Syria, Egypt, etc. For an Indonesian activist who makes less than $750 a month, cyber training could be beyond their financial reach. And even if they had the money, they might be refused by crimeware sellers: Newcomer buyers might raise a shopkeeper’s suspicions, and be blocked or marked as possible moles. This is where OpIsrael 2016’s organizers step in.

Teach a man to fish

Unlike in previous years, #OpIsrael 2016 has a well-organized training program. It contains hacker groups dedicated to showing newcomers the ropes. Their keyword is accessibility: If a hacktivist wants to jump in, all they need to do is join the relevant Facebook groups, follow the right Twitter accounts (which are being advertised across social media) and declare their undying hatred for Israel, and they’re one of the gang. 

Sensitive attack details and advanced tools won’t be available to these new hacktivists for reasons of operational security, but they’ll receive DDoS training (available in several languages) and other necessary tools, free of charge. Interactions between newcomer hacktivists and their seasoned guides resemble those found in online support forums, but instead make use of several webchat channels and Telegram groups. Hacking lessons are given by experienced players, some of whom enjoy, celebrity status in the underground communities.

This training program solves OpIsrael’s main problem — mass recruitment. It also lets everybody who wants to get into cybercrime do so, for free.

The next cybercriminals

After this year’s OpIsrael’s dust settles, newcomer hacktivists will come away with a new, albeit very basic, skill set that will enable them to engage in cybercrime. Many DDoS attacks include an extortion element: Attackers can threaten targets with a massive DDoS attack, and launch a low-volume one just to prove their abilities. They can also pose as security researchers claiming to have identified an imminent DDoS attack, and request money in return for stopping the threat.

This is OpIsrael’s unseen effect: Thousands of people will receive professional cybercrime training, which could cause an increase in the volume of worldwide low-level attacks.

Security-focused organizations will know how to treat threats such as these, but most small businesses won’t. Many small businesses fear any disruption to their business process, especially at sensitive times (online stores on Black Friday, for example). Therefore, such businesses tend to give in to a criminal’s demands, since criminals usually won’t ask for more than a few hundred or perhaps a thousand dollars in bitcoin.

This is OpIsrael’s unseen effect: The fact that thousands of people will receive professional cybercrime training. These cybercriminals probably won’t settle for hacktivism for long, or hold their breath until 2017’s OpIsrael. Basic attack tools can easily work like gateway drugs on OpIsrael’s new graduates, who might turn to better tools and tactics and use them to threaten companies all over the world — not just in security-aware Israel.

Anonymous’ training operations could cause an increase in the volume of worldwide low-level attacks. And while these aren’t considered as dangerous as APTs, they currently comprise the lion’s share of cyber attacks and could inflict major damage on multiple industries.

Recode:

 

« CyberScape – The Growing Influence of Cyber (£)
US Cyberwar Against ISIS Begins »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

RIVA Solutions

RIVA Solutions

RIVA provides innovative best practices in IT and management consulting, program support services and emerging technologies.

Exein

Exein

Exein are on a mission to build the world’s first ecosystem for firmware security so that all different types of firmware are secure around the world.

Aptible

Aptible

Security Management and Compliance for Developers. Aptible helps teams pass information security audits and deploy audit-ready apps and databases.

NetSecurity

NetSecurity

NetSecurity is a Brazilian company specializing in Information Security. We provide Managed Security Services (MSS), network security solutions and other specialist services.

CPP Group UK

CPP Group UK

CPP Group UK develops products to help insurers add further value to their products and services through its innovative suite of new products in FinTech, InsurTech and cyber security.

Sequoia Capital

Sequoia Capital

Sequoia Capital is a venture capital firm focused mainly on technology. We partner both with young companies finding their stride and established ones looking for growth.

Cube 5

Cube 5

The Cube 5 incubator, located at the Horst Görtz Institute for IT Security (HGI), supports IT security startups and people interested in starting a business in IT security.

BullWall

BullWall

BullWall is a digital innovator dedicated to fight cybercrime in its many forms. Our overarching purpose is to stop new and unknown strings of ransomware attacks in its tracks.

CyberUSA

CyberUSA

CyberUSA is a collaboration of leaders and states focused on a common mission purpose of enabling innovation, education, workforce development, enhanced cyber readiness and resilience.

CrossCountry Consulting

CrossCountry Consulting

CrossCountry Consulting is a trusted business advisory firm that provides customized finance, accounting, human capital management, risk, operations and technology consulting services.

RiskOptics

RiskOptics

RiskOptics (formerly Reciprocity) equips organizations with one of the most intuitive and powerful information security and cyber risk management solutions in the market.

Allurity

Allurity

Allurity is a group of tech-enabled cybersecurity service providers, comprised of best-in-class experts with a common mission to enable a safe digital world.

UM6P Ventures

UM6P Ventures

UM6P Ventures is an African based early-stage ventures firm operating two funds; a Digital Transformation fund and a Deeptech Ventures fund.

CyberAI Group

CyberAI Group

CyberAI's mission is to pioneer the evolution of the cybersecurity landscape globally, by strategically acquiring and elevating IT consulting firms into leaders of cybersecurity innovation.

Mitra Informatics Integration (MII)

Mitra Informatics Integration (MII)

Mitra Informatics Integration is the information communication technology solution business of the Metrodata Group.

Orca Fraud

Orca Fraud

Orca is an AI-driven fraud orchestration platform. We empower fraud fighters to outpace fraud using our custom ML models.