Annual Anonymous cyber attack against Israel April 7

'Despite meager achievements of offensive in previous years, take into account this year takes place on weekend'

Contact Editor
Mordechai Sones,

Anonymous Flag
Anonymous Flag
Anonymous under CC 2.0

This year, too, the hacker organization Anonymous has prepared for its annual OpIsrael attack, or its new name, OpIsrahell, scheduled for April 7, next Friday, for the fifth consecutive year. In a series of videos distributed on social networks and on YouTube in English, Arabic, and German, hacker groups associated with Anonymous threaten Israel with "attacking government sites, servers and databases, and disconnecting from the global Internet." The videos also call upon "activists and other subgroups of Anonymous to join us."

Cyber security corporation Celestya, developer of the Q-log system for simulating cyber attacks, has tracked and identified hundreds of groups that have confirmed their participation in the attack. The hacker group has distributed attack tools, with an emphasis on tools for DDoS attack and corruption, and attack targets designed to concentrate the attackers' efforts to achieve maximum impact - with an emphasis on government ministries and government agencies.

The groups leading the offensive this year include Anonymous groups from the Arab world, such as Anonymous Palestine, Anonymous Gaza, and others, and Western groups such as Anonymous Germany, Anonymous RedCult, AnonGhost, and MinionGhost.

The April 7 Anonymous attack was first carried out in 2013, and represents the organization's annual campaign to attack Israel in protest of what the organization calls "Israel's aggressive behavior toward the Palestinians." During the attacks, hackers and other organizations join cyber attacks against the country's Internet infrastructure, official State social media platforms, and government, public, and business websites. Most of the attacks comprise denial of service or destruction of websites, but during the day of the attack hacker groups often publish information from databases that they broke into before the attack - such as email addresses, credit card numbers, and more. In most cases in the past, the attacks were successfully repulsed and were found to have a relatively low level of sophistication, so their impact on Israel Internet activity was very low.

Limor Grossman, cyber expert and marketing and sales manager at Celestya, said, "The main difference we see from previous years is that the date of the attack this year is on a Friday, meaning that organizations are on their weekend. Despite the poor success of the attacks in previous years, we must take into account that most attacks took place on regular work days, when people and systems are on full operation, and are on full readiness to deal with an attack. The effect of the weekend can crack the readiness of organizations to attack, and this requires pre-deployment that will allow for good coping and containment."

Grossman added that "the list of targets disseminated by the attackers in the social networks includes mainly government agency websites - government ministries, government companies, the defense establishment - including the IDF and Israel Police website, WALLA!, Ynet, Sport 5, higher education institutions, and more.

"We also see that relative to previous years, the behavior of the hacker community is calm - there is no fanfare and enthusiasm that is expressed in large numbers of video views or a wide response to invitations to participate in the event pages on Facebook, except for the German branch of Anonymous where we see more interest in the attack. However, a cautionary note is also needed here - we see that more than ever, closed groups of hackers have been formed to prepare for the attack, and it can be assumed that a large part of the preparations were made by hidden and encrypted means that are not exposed to the public eye. In order to create surprises on the side of the attacked about the scope of the attack, the tools that are being used against him, and the targets.

"It is worthwhile to prepare for the attack properly, correctly, and seriously, and be prepared for the hacker's surprises," Grossman concluded. "At the same time, however, it is desirable to put the offensive into proportion and to the context of past experience, which indicates that they have not managed to develop, and even at their peak, organizational defenses were adequate to rebuff them, and the damage was marginal and minimal."

If you want to see if your organization is a target for attack, link to the targets page distributed by hacker groups for the day of the attack: Http://pastebin.com/KSHeFbNc

It should be taken into account that additional pages of targets are posted from time to time, and the fact that the name of an organization is not on the current list does not mean that the organization will not be subject to attack.

Attack estimates - English video:

Assessments for the Attack - Video in Arabic:

Attack estimates - German video: