Yesterday was the official Independence Day of Israel, and the event was "celebrated" in typical style by malicious hackers.
In other words, the Facebook account of Israel's Prime Minister was hijacked (albeit briefly) by unauthorised parties who managed to update it with a video of prayers at a mosque, accompanied by Arabic verses from the Quran.
At the same time, the official personal website of PM Benjamin Netanyahu was also briefly knocked offline, seemingly by a distributed denial-of-service (DDoS) attack.
Anonymous Sudan, the group which claimed responsibility for the attacks, is also thought to have been behind other attacks on Wednesday against Israeli targets - which included swamping the websites of Haifa Port and the Israel Ports Development company, which manages the country's ports, with unwanted web traffic and making them inaccessible.
On Monday the same group claimed that they had managed to also bring down the websites of the National Insurance Institute and Israel's spy agency Mossad.
What's important to realise about these denial-of-service attacks launched against websites is that it does not mean that hackers have managed to compromise systems, or gained access to any sensitive information.
Many websites are little more than a glorified leaflet, providing information for its visitors. Yes, for the duration of a DDoS attack, it may be difficult to successfully visit a webpage and read what it has to say. It's certainly disruptive, but for a website that doesn't provide critical information that people rely upon, for or a website that doesn't rely on working properly in order to generate income, it's hardly critical.
It's also a much easier attack to pull off than, say, intruding into a system after stealing passwords, or exploiting a vulnerability to gain unauthorised access to an organisation's infrastructure.
This probably is the reason why many people involved in hacktivism engage in rudimentary DDoS attacks rather than something more spectacular. The simple truth is that it's easy to do, and - when your victim is something like the Israeli Prime Minister or the website of his intelligence agency - yet still likely to generate headlines.
What is of more interest to me, though, is the hack of Benjamin Netanyahu's Facebook account. Although I suspect the Israeli Prime Minister probably doesn't use the account himself, and most likely has minions who have permission to post on his behalf, I am curious to know how it was breached.
According to media reports, the hackers are said to have exploited "a Facebook feature that allows collaboration between pages" to post the unauthorised content.
That sounds to me like a failure of Netanyahu's social media team to properly lock down Facebook's settings - which should have been able to control who could share contact with the page.
No doubt investigations into that are taking place right now, and hopefully care will be taken to reduce the chances of a similar attack succeeding in future.
tags
Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.
View all postsSeptember 06, 2024
September 02, 2024
August 13, 2024
July 25, 2024