Anonymous targets Israeli sites with DDoS attacks over Gaza conflict
The hacktivist collective started its Operation Israel campaign on Thursday and claims to have disrupted up to 100 sites
By Antone Gonsalves | CSO | Published: 11:47, 19 November 2012
Anonymous-led denial of service attacks continued unabated over the weekend against Israeli government and corporate websites in retaliation for airstrikes in the Gaza Strip.
The hacktivist collective started its Operation Israel campaign on Thursday by attacking sites that belonged to the Israel Defense Forces, the Prime Minister's office, Israeli banks, airlines, media outlets and security companies.
Anonymous claimed on a Pastebin post to have defaced or disrupted nearly 100 sites. The actual number could not be confirmed.
Related Articles on Techworld
However, the flood of Web traffic Anonymous aimed at its targets remained heavy on Friday, said Carl Herberger, vice president of security solutions at Radware, which was monitoring the attacks.
"[The attacks have] actually increased both in ferocity and in types of attack tactics," Herberger said.
Anonymous targeted Israeli govt and SMB sites
Radware was unable to say how many sites were disrupted. However, the attackers were targeting small businesses, as well as government and corporate sites.
"You'd be surprised at the sites that are going down," Herberger said. "They seem to be inconsequential in the scheme of things. It seems almost like personal vendettas."
At the same time, the attackers had taken down temporarily the Tel Aviv government website, as well as portions of the IDF site. "These are the brand name sites they've been going after, and they've been effective at it," he said.
Ideology was the most common motivation behind distributed denial of service attacks last year, according to Arbor Networks' annual Worldwide Infrastructure Security Report. The company found that 35 percent of DDoS attacks were either politically or ideologically motivated.
The attacks against the Israeli sites followed a few weeks after the online operations of major US banks were disrupted in a series of attacks. Targeted banks included Wells Fargo, Bank of America, JPMorgan Chase and Capital One Financial.
The attackers claimed to be Islamic hacktivists running a grassroots operation, but experts said the sophistication showed that they were well organised and had access to significant resources, an indication that the attacks were state-sponsored.
Dirt Jumper, ByteDos3.2, Tor's Hammer and LoIC
The latest Anonymous campaign involved a number of well-known network flood tools, such as ByteDos3.2, Tor's Hammer and LoIC, which stands for Low Orbit Ion Canon and is a favorite of the group.
The attackers were also using a more sophisticated tool called Dirt Jumper, which was used successfully in the US bank attacks, Herberger said.
"You see this over and over again," he said. "When there's been a successful set of techniques, [hackers] gather the lessons learned and leverage them the next time there's a campaign. It's almost like a military operation."
In a post on AnonPaste, Anonymous said it did not condone violence by either the Palestinians or Israelis.
"Both Palestinians and Israelis need to find common ground and end the violence that has already resulted in the deaths of innocent people, including children," the statement said. At the same time, Anonymous described the Israeli attacks on Gaza as the "racist oppression of Palestinian people."