The FBI is warning U.S. companies that cyber terrorists from the Middle East and North Africa are planning to conduct cyber attacks against Israeli and Jewish interests next week.
The Bureau stated in a security notice to U.S. industry on Sunday that, as of early March, “several extremist hacking groups indicated they would participate in a forthcoming operation, #OpIsrael, which will target Israeli and Jewish Web sites.”
“Given the perceived connections between the government of Israel and Israeli financial institutions, and those of the United States, #OpIsrael participants may also shift their operations to target vulnerable U.S.-based financial targets or Jewish-oriented organizations within the United States,” the FBI warning said. “Based on historical attacks, the FBI assesses that attacks which may spawn from #OpIsrael to target U.S.-based systems will likely constitute only a small percentage of overall activity.”
The FBI said members of at least two extremist hacking groups it did not identify are currently working to recruit hackers for the attacks next week, which will coincide with the second anniversary of the first #OpIsrael cyber attacks. Those were launched on April 7, 2013, and timed to coincide with Israel’s Holocaust Remembrance Day, which begins the evening of April 15.
The groups are located in the Middle East and North Africa and “routinely conduct pro-extremist, anti-Israeli, and anti-Western cyber operations.”
The FBI estimated that the threat to U.S.-based infrastructure from the coming cyber attack is low for well-maintained and updated networks.
However, as part of its program to notify private industry of major cyber threats, the FBI is notifying several possible targets.
FBI spokesman Joshua Campbell said the notice was sent as part of FBI efforts to advise private industry of cyber threat indicators.
"This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals," Campbell said.
The threat assessment, based on past #OpIsrael strikes by cyber terrorists, predicts that the groups are capable of low-level Distributed Denial of Service (DDoS) attacks and Web site defacements.
DDoS attacks typically involve hijacking remote computer servers to generate mass entry requests at targeted websites that permit remote log-ins. The flood of requests causes the targeted sites to crash.
According to the FBI, “the most likely targets for the campaign are Israel-based systems or the systems of worldwide Jewish-oriented organizations like synagogues or cultural centers.”
“Based on historical targeting preferences, the attackers will likely focus primarily on Israeli financial institutions, but may also target Israeli media outlets,” the notice states.
The hacker group Anonymous this week threatened an “electronic Holocaust” in a video statement, Newsweek reported Monday.
The video showed a masked figure who said the attack would come on April 7, five days before the beginning of Holocaust Remembrance Day that ends in the evening of April 16. In Israel the day is called Yom HaShoah.
“We will erase you from cyberspace in our electronic Holocaust,” the video states. “As we did many times, we will take down your servers, government websites, Israeli military websites, and Israeli institutions.” The video accuses Israel of “crimes in the Palestinian territories.”
Benjamin T. Decker, senior intelligence analyst at the Levantine Group, a Tel Aviv-based security group, said hackers have made similar threats in the past and Israel is prepared to deal with it.
“For the most part, this is posturing. This is actually the fourth year that Anonymous has carried out this OpIsrael attack and called on their supporters to erase Israel from the internet,” Decker told Newsweek.
“As the years have progressed we have seen that, despite their increasing sophistication in hacking techniques, we have seen less damage against Israeli cyber infrastructures, largely due to Israel’s pioneering of most cyber warfare tactics, both offensive and defensive.”
A counter-OpIsrael website, opisrael.com, contains a video that warns the cyber terrorists “we will destroy you this year.”
Website defacements are most likely to be the main method used by the cyber terrorists, the FBI said.
“While most Web sites maintain up-to-date content management software, the ease with which attackers can exploit known or un-patched vulnerabilities makes this the more likely vector,” the FBI said. “Sites which maintain updated systems will not likely be impacted by defacement operations.”
The FBI doubts the denial-of-service (DDoS) attacks will produce much in the way of damage because in the past these types of attacks have been “disorganized” and many companies have taken steps to mitigate this type of disruptive cyber strike.
Past anti-Israel DDoS operations failed to produce major “traction” because of “competing priorities for the groups and individuals involved, and the limited number of participants who could organize to conduct successful DDoS campaigns,” the FBI said.
However, the FBI warned that extremist hackers could shut down websites, deface them, and compromise sensitive information that could be used for further harassment operations and identity theft.
The FBI urges companies to conduct data backup operations and implement recovery plans with copies of sensitive or proprietary information that is kept in separate and secure locations.
Also, backed up copies of sensitive data should be made easily accessible to local networks.
Additional suggested measures include careful scrutiny of email attachments, maintaining copies of critical system files, the use of encryption for sensitive information, the use of strong passwords, and the regular changing of passwords.
System administrators also should use network-monitoring tools and employees should be wary of attempts by hackers to obtain sensitive information that can be used in cyber attacks.