FBI Warns U.S. Companies of Cyber Terror

Israeli, Jewish interests targeted

A screenshot from Anonymous‘ video threatening Israel / YouTube

BY:

The FBI is warning U.S. companies that cyber terrorists from the Middle East and North Africa are planning to conduct cyber attacks against Israeli and Jewish interests next week.

The Bureau stated in a security notice to U.S. industry on Sunday that, as of early March, "several extremist hacking groups indicated they would participate in a forthcoming operation, #OpIsrael, which will target Israeli and Jewish Web sites."

"Given the perceived connections between the government of Israel and Israeli financial institutions, and those of the United States, #OpIsrael participants may also shift their operations to target vulnerable U.S.-based financial targets or Jewish-oriented organizations within the United States," the FBI warning said. "Based on historical attacks, the FBI assesses that attacks which may spawn from #OpIsrael to target U.S.-based systems will likely constitute only a small percentage of overall activity."

The FBI said members of at least two extremist hacking groups it did not identify are currently working to recruit hackers for the attacks next week, which will coincide with the second anniversary of the first #OpIsrael cyber attacks. Those were launched on April 7, 2013, and timed to coincide with Israel’s Holocaust Remembrance Day, which begins the evening of April 15.

The groups are located in the Middle East and North Africa and "routinely conduct pro-extremist, anti-Israeli, and anti-Western cyber operations."

The FBI estimated that the threat to U.S.-based infrastructure from the coming cyber attack is low for well-maintained and updated networks.

However, as part of its program to notify private industry of major cyber threats, the FBI is notifying several possible targets.

FBI spokesman Joshua Campbell said the notice was sent as part of FBI efforts to advise private industry of cyber threat indicators.

"This data is provided in order to help systems administrators guard against the actions of persistent cyber criminals," Campbell said.

The threat assessment, based on past #OpIsrael strikes by cyber terrorists, predicts that the groups are capable of low-level Distributed Denial of Service (DDoS) attacks and Web site defacements.

DDoS attacks typically involve hijacking remote computer servers to generate mass entry requests at targeted websites that permit remote log-ins. The flood of requests causes the targeted sites to crash.

According to the FBI, "the most likely targets for the campaign are Israel-based systems or the systems of worldwide Jewish-oriented organizations like synagogues or cultural centers."

"Based on historical targeting preferences, the attackers will likely focus primarily on Israeli financial institutions, but may also target Israeli media outlets," the notice states.

The hacker group Anonymous this week threatened an "electronic Holocaust" in a video statement, Newsweek reported Monday.

The video showed a masked figure who said the attack would come on April 7, five days before the beginning of Holocaust Remembrance Day that ends in the evening of April 16. In Israel the day is called Yom HaShoah.

"We will erase you from cyberspace in our electronic Holocaust," the video states. "As we did many times, we will take down your servers, government websites, Israeli military websites, and Israeli institutions." The video accuses Israel of "crimes in the Palestinian territories."

Benjamin T. Decker, senior intelligence analyst at the Levantine Group, a Tel Aviv-based security group, said hackers have made similar threats in the past and Israel is prepared to deal with it.

"For the most part, this is posturing. This is actually the fourth year that Anonymous has carried out this OpIsrael attack and called on their supporters to erase Israel from the internet," Decker told Newsweek.

"As the years have progressed we have seen that, despite their increasing sophistication in hacking techniques, we have seen less damage against Israeli cyber infrastructures, largely due to Israel’s pioneering of most cyber warfare tactics, both offensive and defensive."

A counter-OpIsrael website, opisrael.com, contains a video that warns the cyber terrorists "we will destroy you this year."

Website defacements are most likely to be the main method used by the cyber terrorists, the FBI said.

"While most Web sites maintain up-to-date content management software, the ease with which attackers can exploit known or un-patched vulnerabilities makes this the more likely vector," the FBI said. "Sites which maintain updated systems will not likely be impacted by defacement operations."

The FBI doubts the denial-of-service (DDoS) attacks will produce much in the way of damage because in the past these types of attacks have been "disorganized" and many companies have taken steps to mitigate this type of disruptive cyber strike.

Past anti-Israel DDoS operations failed to produce major "traction" because of "competing priorities for the groups and individuals involved, and the limited number of participants who could organize to conduct successful DDoS campaigns," the FBI said.

However, the FBI warned that extremist hackers could shut down websites, deface them, and compromise sensitive information that could be used for further harassment operations and identity theft.

The FBI urges companies to conduct data backup operations and implement recovery plans with copies of sensitive or proprietary information that is kept in separate and secure locations.

Also, backed up copies of sensitive data should be made easily accessible to local networks.

Additional suggested measures include careful scrutiny of email attachments, maintaining copies of critical system files, the use of encryption for sensitive information, the use of strong passwords, and the regular changing of passwords.

System administrators also should use network-monitoring tools and employees should be wary of attempts by hackers to obtain sensitive information that can be used in cyber attacks.

Bill Gertz   Email Bill | Full Bio | RSS
Bill Gertz is senior editor of the Washington Free Beacon. Prior to joining the Beacon he was a national security reporter, editor, and columnist for 27 years at the Washington Times. Bill is the author of seven books, four of which were national bestsellers. His most recent book was iWar: War and Peace in the Information Age, a look at information warfare in its many forms and the enemies that are waging it. Bill has an international reputation. Vyachaslav Trubnikov, head of the Russian Foreign Intelligence Service, once called him a “tool of the CIA” after he wrote an article exposing Russian intelligence operations in the Balkans. A senior CIA official once threatened to have a cruise missile fired at his desk after he wrote a column critical of the CIA’s analysis of China. And China’s communist government has criticized him for news reports exposing China’s weapons and missile sales to rogues states. The state-run Xinhua news agency in 2006 identified Bill as the No. 1 “anti-China expert” in the world. Bill insists he is very much pro-China—pro-Chinese people and opposed to the communist system. Former Defense Secretary Donald H. Rumsfeld once told him: “You are drilling holes in the Pentagon and sucking out information.” His Twitter handle is @BillGertz.

×
THE MORNING BEACON DAILY NEWSLETTER
MAKES IT EASIER TO STAY INFORMED
Get the news that matters most to you, delivered straight to your inbox daily.

Register today!
  • Grow your email list exponentially
  • Dramatically increase your conversion rates
  • Engage more with your audience
  • Boost your current and future profits