Middle East Cyber War Timeline (Part 5)

Click here for the Middle East Cyber War Master Index with the Complete Timeline.

This week of Cyber War on the Middle East front, has shown a slight change on the Cyber Conflict trend. For the first time since January, psyops have deserved a primary role, maybe on the wake of the video released by the Anonymous against Israel one week ago. Not only the Jerusalem Post calls the video into question, but also argues that it may have been forged by Iran, identifying a state sponsored impersonation behind the entry of Anonymous in this cyber war.

But this has not been the only psyops event as an alleged message from Mossad to the Anonymous has appeared on pastebin, whose beginning sounds like a dark warning: If you want to be a hero start with saving your own lives. Although there are many doubts on its truthfulness, it deserves a particular attention since outlines a new age on psyops, what I call “pastebin psyops”.

But a war is not made only of psyops, so this week has also seen more hostile actions, among which the most remarkable one has been the leak of 300,000 accounts from Israeli Ministry of Construction and Housing. This action had been preannounced by a wave of attacks on primary Israeli sites (which targeted also the PM site), and most of all, has been carried on by 0xOmar, the absolute initiator of this cyber conflict.

Palestine has been targeted as well, and it is really interesting to read under this perspective a statement by Ammar al-Ikir, the head of Paltel, the Palestinian telecommunications provider according to whom cyber attacks on Palestinian websites and internet servers have escalated since Palestine joined UNESCO.

On the Iranian front chronicle report of a failed cyber attacks againstPress TV, Iran’s English-language 24-hour news channel and most of all of a controversial statement by Gholam Reza Jalali, a senior Iranian military official in charge of head of the Iranian Cyber Intelligence, according to whom the country’s nuclear facilities have finally been made immune to cyber attacks. And it is not a coincidence that in this week Iran has kicked off the first national conference on Cyber Defense. A matter that deserves a special attention by Tehran because of the growing number of attacks on Iran’s cyber space by US and Israel. On the other hand, Israel did a similar move one month ago, at very early stage of the cyber conflict.

(more…)

Continue ReadingMiddle East Cyber War Timeline (Part 5)

Exclusive Infographic: All Cyber Attacks on Military Aviation and Aerospace Industry

Cross Posted from TheAviationist.

2011 has been an annus horribilis for information security, and aviation has not been an exception to this rule: not only in 2011 the corporate networks of several aviation and aerospace industries have been targeted by digital storms (not a surprise in the so-called hackmageddon) but, above all, last year will be probably remembered for the unwelcome record of two alleged hacking events targeting drones (“alleged” because in the RQ-170 Sentinel downed in Iran episode, several doubts surround the theory according to which GPS hacking could have been the real cause of the crash landing).

But, if Information Security professionals are quite familiar with the idea that military contractors could be primary and preferred targets of the current Cyberwar, as the infographic on the left shows, realizing that malware can be used to target a drone is still considered an isolated episode, and even worse, the idea of a malware targeting, for instance, the multirole Joint Strike Fighter is still something hard to accept.

However, things are about change dramatically. And quickly.

The reason is simple: the latest military and civil airplanes are literally full of electronics, which play a primary role in managing avionics, onboard systems, flight surfaces, communcation equipment and armament.

For instance an F-22 Raptor owns about 1.7 millions od line of codes , an F-35 Joint Strike Fighter about 5.7 millions and a Boeing 787 Dreamliner about 6.5 millions. Everything with some built in code may be exploited, therefore, with plenty of code and much current and future vulnerabilities, one may not rule out a priori that these systems will be targeted with specific tailored or generic malware for Cyberwar, Cybercrime, or even hacktivism purposes.

Unfortunately it looks like the latter hypothesis is closer to reality since too often these systems are managed by standard Windows operating systems, and as a matter of fact a generic malware has proven to be capable to infect the most important U.S. robots flying in Afghanistan, Pakistan, Libya, and Indian Ocean: Predator and Reaper Drones.

As a consequence, it should not be surprising, nor it is a coincidence, that McAfee, Sophos and Trend Micro, three leading players for Endpoint Security, consider the embedded systems as one of the main security concerns for 2012.

Making networks more secure (and personnel more educated) to prevent the leak of mission critical documents and costly project plans (as happened in at least a couple of circumstances) will not be aviation and aerospace industry’s information security challenge; the real challenge will be to embrace the security-by-design paradigm and make secure and malware-proof products ab initio.

While you wait to see if an endpoint security solution becomes available for an F-35, scroll down the image below and enjoy the list of aviation and aerospace related cyber attacks occurred since the very first hack targeting the F-35 Lightning II in 2009.

Of course aviation and aerospace industries are not the only targets for hackers and cybercriminals. So, if you want to have an idea of how fragile our data are inside the cyberspace, have a look at the timelines of the main Cyber Attacks in 2011 and 2012 (regularly updated) at hackmageddon.com. And follow @pausparrows on Twitter for the latest updates.

As usual the references are after the jump…

(more…)

Continue ReadingExclusive Infographic: All Cyber Attacks on Military Aviation and Aerospace Industry

Middle East Cyberwar Update (Part VI)

Looks like Israel has approached a “wait and see” strategy, as these last days of cyber war have seen almost exclusively actions against that country without any appreciable response. In a certain sense, most of all at the Israeli site, the cyber conflict seems to have fallen into a rest, even if new actors have entered the scene, as is the case of the Mauritania Hacker Team, who opened with the leak of 2500 Israeli emails and claimed to have hacked the Central Bank of Israel. Despite these events the number and intensity of the attacks is no longer that of the early days.

The frequency of the attacks has drastically fallen, even because the early cyber fighters seem to have disappeared, apart from the AlienZ who, every now and then reappear with some dumps against arab sites (and not only).

In the meantime, Iran is suffering several sparse attacks from the Anonymous, targeting that country in the name of #OpIran, and in contemporary attacks its Azerbaijani neighbors considered close to Israel.

Interesting to notice I also found evidence of internal attacks in Iran against reformist websites considered close to former President Mohammad Khatami. The storyboard follows the same line both in real and virtual world.

Apparently Israel seems not to respond to attacks. A temporary truce or a real turnaround?

(At this link you can find the complete Middle East Cyber War Update and follows @paulsparrows for the latest updates.)

(more…)

Continue ReadingMiddle East Cyberwar Update (Part VI)

Middle East Cyber War Update (Part VII)

Updated on March 11 to include the latest cyber attacks to Israeli Websites by @CabinCr3w and Anonymous Crkvina

As reported on the last update, it looks like the Cyberwar between Israel and the Middle East (most of all Iran) has come to an apparent truce, at least from the Israeli Site. A trend confirmed also in this last period in which Israel did not perform any Cyber action, but suffered several sparse attacks (mostly defacements) and a new DDoS against AIPAC (American Israel Public Affairs Committee) with a new threatening message from the Anonymous. In the same time, many other countries all over the world suffered cyber attacks in name of the so-called #OpFreePalestine. These attacks were mainly carried on by a crew called Pak Cyber Pyrates who also defaced the isreaeldefenceforces.com webiste.

Is the static position of Israel a possible prelude for an Israeli Military Action against Iran in the real space? According to a panel of experts the  chance that the United States or Israel will strike Iran in the next year is 48 percent.

But Israel and Iran are not the only unstable zones in the Middle East Cyber Space: a new cyber war front is raising in Lebanon, which has become the target of several cyber-attacks, carried on by hacktivist hacking groups stressing the need of more democracy, rather than by foreign countries.A front joined by the Anonymous who declared the start of #OpLebanon.

Last but not least, although not reported on the chart, I also found a Lebanese Cyber Army that hacked several Facebook accounts belonging to Israeli people.

At this link the complete timeline at the Middle East Cyberwar Timeline and follow @paulsparrows for the latest updates.

(more…)

Continue ReadingMiddle East Cyber War Update (Part VII)

Middle East Cyber War Timeline (Part VIII)

This last week has seen some remarkable events an undoubtable revamp of data leaks inside the Middle East Cyberwar.

Not only the infamous 0xOmar, the initiator of the Middle East Cyber War, reappeared, leaking alleged secret data from some Israeli Virtual Israeli Air Force School websites; but also the Pakistani zCompany Hacking Crew has re-entered the scene unchaining the original weapon, that is the Credit Card leak. As a matter of fact ZHC published 5,166 records containing working credit cards, usernames, emails and addresses of individual supporters of the Zionist Organisation of UK & Ireland (zionist.org.uk).

On a different front, the massive defacements of websites all over the world in support of #OpFreePalestine continued. Under the label of the same operation, the Anonymous also “doxed” several companies and individuals on pastebin.

As far as the two main contenders (Iran and Israel) are concerned, the strategies seem quite different.

Iran has shown a cyber activity culminated in the alleged attack against the BBC Persian Service. For this nation, it is also important to notice its “cyber autarky”, maybe a choice forced by the embargo, that led to the creation of an internal email service, in contrast to the traditional Gmail, Yahoo, etc. This happens few weeks after the decision to develop an internal Antivirus.

On the opposite front, Israel keeps on its apparent cyber silence. Is it the prelude for the feared military action against Iran?

If you want to be constantly updated on the Middle East Cyber War, at this link you find the complete timeline. Also follow @paulsparrows on Twitter for the latest updates!

(more…)

Continue ReadingMiddle East Cyber War Timeline (Part VIII)

Middle East Cyber War Update

Another week of Cyber War in the Middle East…

Another week in which pro Israeli hackers seem to have disappeared, and hence have apparently left the scene to Pro Palestine hackers, although not so many high-profile actions have been reported in this period. The only exception to this schema is represented by Mauritania Hacker Team who dumped 4000 login accounts from Microsoft Israel Dynamics CRM Online website. This action is particularly significant… Not because it targeted a Cloud service, and not even because it targeted a Microsoft Cloud Service, but most of all because on the wake of the multiple dumps performed by Pro Arab hackers against Israel (among which the dump to the Microsoft Cloud Service was only the latest), the Israel’s Justice Ministry has releases guidelines forbidding unnecessary collection of personal national identification numbers. This is the first time in which the aftermath of a Cyber War has direct implications on everyday life.

From this point of view the wars fought on the cyber domain are completely different from the wars fought on the real world… In the cyber battlefield the civilians are the primary targets (since they have their personal data dumped) and not collateral victims…

Read the complete timeline of the Middle East Cyber War at this link and follow @paulsparrows on Twitter for the latest updates.

(more…)

Continue ReadingMiddle East Cyber War Update