Cyber-attacks strike Israeli stock exchange, airline, banks

Israel/Palestine
on 59 Comments
The Tel Aviv stock exchan 007
The Tel Aviv stock exchange was targeted by hackers. Photograph: Oliver Weiken/EPA

The websites of Israel’s national carrier El Al Airline, the Tel Aviv Stock Exchange, and the First International Bank of Israel including two subsidiary banks were all paralyzed on Monday by a cyber attack.

A hacker (or network of hackers) identified as “Nightmare” was the culprit, according to an email exchange between the Jerusalem Post and the hacker 0xOmar who claimed this attacker “answered his call to attack Israel”.

This cyber attack follows on the heels of two others previously reported here; the “Gaza Hackers Team” who took over the Israeli fire services website, as well as hacker 0xOmar’s cyber attack on Israeli online shoppers .

The websites affected today were targeted by a DOS attack– denial of service–in which computers taken over by trojan horses were ordered to visit the targeted websites. The result was flooding the servers with requests, thereby making them unavailable to legitimate users.

Boston Globe:

JERUSALEM—A hacker network that claims to be based in Saudi Arabia paralyzed the websites of Israel’s stock exchange and national airline on Monday, escalating an international cyber war that has jolted this security-obsessed country.

(clip)

On Monday, El Al Israel Airlines took down its website after hacker OxOmar, who has been linked to the Saudi group, warned that both sites would be targeted by allied pro-Palestinian hackers, a person close to the company said. The source was not authorized to speak to the media and requested anonymity.

Guardian:

Stock trading and El Al flights operated normally despite the disruption, which occurred as Israeli media reported that pro-Palestinian hackers had threatened at the weekend to shut down the Tase stock exchange and airline websites.

“They have demanded an apology for Israel’s defensive measures,” the deputy foreign minister, Danny Ayalon, said on his Facebook page, alluding to the conflict with Palestinians.

The Jerusalem Post‘s email exchange with hacker 0xOmar offers a more explicit explanation of that demand:

“I’ll hack Israeli servers and publish their data, I’ll publish credit cards. Imagine every possible Cyber Attack, I’ll do it. There is no end for it, but if Israeli authorities ask for apologize [sic] for their genocide in Palestine and Gaza, I’ll reduce attacks,” the hacker said.

Asked by the Post whether he was concerned that Saudi nationals and other Arabs could be caught up in a retaliatory strike by a network of Israeli hackers, 0xOmar dismissed the threat, saying, “No one from my country would suffer!” He dismissed the publication of hundreds of Saudi credit cards by the Israeli hackers last week as ineffective.

Hamas spokesman Sami Abu Zuhri, speaking from Gaza, characterized the cyber attack as:

“a sign of the Arab youth’s creativity in inventing new forms of Arab and Islamic resistance against the Israeli occupation.

“Hamas praises the Arab hackers and calls on the Arab youth to play their role in cyberspace in the face of Israeli crimes,”

Check out for Al Akhbar’s interview with the elusive Saudi hacker 0xOmar.

About Annie Robbins

Annie Robbins is Editor at Large for Mondoweiss, a mother, a human rights activist and a ceramic artist. She lives in the SF bay area. Follow her on Twitter @anniefofani

Other posts by .


Posted In:

59 Responses

  1. Shunra
    January 17, 2012, 10:07 am

    That’s an odd choice of targets, isn’t it?

    Wouldn’t you think a serious hacker would put out of commission sites that have more to do with the actual business of occupation? Like, say, the pretty-much unprotected sites of settlements, the online forums where price-tag attacks are discussed, and the sites that post the Jewish-law justifications for attacks on Palestinians?

    There is something very Israeli about the whole way this is done, and I don’t just mean the fact that the IP addresses doing the DDOS were from Israel (which, apparently, they were, according to reporting in Haaretz.)

    False flag own-goal? Lying is, after all, Israel’s first weapon.

    • Shmuel
      January 17, 2012, 10:19 am

      I know what you mean, Shunra. These targets are too perfect – the only things that Israel’s elite actually cares about (money, travel and … money). If it wasn’t an inside job, whoever did it had top notch info on what makes Israeli society tick. The Israelis that “count” don’t give a damn about the occupation, but touch their portfolios or shopping weekends in Europe and they panic.

    • MRW
      January 17, 2012, 10:20 am

      Shunra, interesting: “There is something very Israeli about the whole way this is done, and I don’t just mean the fact that the IP addresses doing the DDOS were from Israel (which, apparently, they were, according to reporting in Haaretz.)”

      What if it is Ayalon’s son and it’s coming from his own house.

      • Shunra
        January 17, 2012, 11:29 am

        Only if Ayalon lives in Pi Glilot, where the infamous 8200 signal intelligence unit is stationed.

      • Shmuel
        January 17, 2012, 11:55 am

        Ayalon lives in the ethnically cleansed village of Ijzim (now Kerem Maharal), near Haifa: http://www.palestineremembered.com/Haifa/Ijzim/

      • Annie Robbins
        January 17, 2012, 12:07 pm

        thanks shmuel and shunra

    • Annie Robbins
      January 17, 2012, 10:22 am

      shunra, kershner @ the nyt opens with:

      Israel faced an escalating cyberwar on Monday as unknown attackers disrupted access to the symbolically strategic Web sites of the Tel Aviv Stock Exchange and El Al, the national airline.

      iow, it was primarily symbolic. there wasn’t much damage done.

      as far as the false flag thing, i just don’t know. this is a really really volatile pr time given that jan 26th is coming up. lots of fancy framing is going on right now wrt negotiations.

      which reminds me i better get on that…

      • Shunra
        January 17, 2012, 11:27 am

        While El Al and the stock exchange are certainly symbolic for Israelis (and possibly for U.S. Jews), they don’t (as far as I can tell) carry any special relevance in the mechanism of occupation nor in the daily oppression of people purportedly having full citizenship.

        It reminds me very much of the choice of National Enquirer for the oh-so-scary anthrax attack, in October 2001 (just after 9/11) – the clue for that being an inside job was, for me, the choice of a target that was a significant gadfly in the U.S. but basically unknown outside it. Too perfect.

        As to Kershner, I find her assessments exactly as impressive as her journalistic integrity – not at all. It seems to me that she thinks like an Israeli or American (as the “hackers” seem to be), not like a Palestinian nor like someone with solidarity for Palestinians.

      • Annie Robbins
        January 17, 2012, 11:49 am

        As to Kershner, I find her assessments exactly as impressive as her journalistic integrity – not at all.

        yep. i still think it was primarily symbolic tho.

        symbolic for Israelis (and possibly for U.S. Jews)

        you forgot someone. the average american, the average non jew. the average joe. airline/ stock exchange sounds inflammatory. even more inflammatory is the oxOmar’s rhetoric in the online engagement with jpost (in the blockquote above)

        Israeli authorities ask for apologize [sic] for their genocide in Palestine and Gaza

        if nothing else, this is a PR boon for poor lil israel. (check witty’s 11:28 am comment)

        iow, good call

      • Annie Robbins
        January 17, 2012, 11:51 am

        here’s what i can’t figure out shunra. i am not very tech savy but isn’t israel supposed to be the most happening techies place on the planet. what’s taking them so long? the fbi would have had this figured out in a nano second.

      • American
        January 17, 2012, 12:00 pm

        Israel says it is planning another Gaza attack…..similar to Cast Lead so could be false flag excuse.

      • Annie Robbins
        January 17, 2012, 12:06 pm

        american, if it is a false flag i think it’s probably more aliened with propping up israel’s victim status going into the quartet deadline. not the deadline so much as the possibility palestinians will proceed w/the UN bid, that would be symbolically hell for israel. i predicted they would be pulling out all the stops on this one. not so sure another gaza massacre would be beneficial for their reputation right now or on the immediate agenda. oh, i heard their next meeting in jordan is the 25th, one day before the deadline. the screws will be applied.

      • Shunra
        January 17, 2012, 1:00 pm

        Yup. PR boon for Israel. Yet another clue as to the affiliation of the perpetrators.

      • Shunra
        January 17, 2012, 1:03 pm

        My initial working assumption is that if I hear a statement from Israel, it’s probably incorrect (either intentionally or otherwise).

        I see no reason to change my assumption in this case.

      • Annie Robbins
        January 17, 2012, 1:26 pm

        always assume a liar is lying unless evidence points to the contrary. especially professional liars who invest millions in duping others.

    • Avi_G.
      January 17, 2012, 1:37 pm

      Shunra,

      Though I have yet to form an opinion on the latest wave of hack…ings?
      Anyway, there is the possibility that they hacked into those companies and institutions because they were the most vulnerable as they are highly connected to the telecommunications network.

      I’m speculating, but if those hackers are not picking and choosing their targets, then they are hacking whatever is most vulnerable.

      Consider this analogy, if a burglar were attempting to enter into a building, which would he prefer, one where there are 500 residents, each with his/her own set of keys — which increases the likelihood of one of them losing the keys, getting them duplicated at a local hardware store, etc.. — or a building in which only one person resides and whom the doorman knows very well? I think the burglar would prefer the building that has more potential vulnerabilities. I’m just thinking outloud here.

      • Shunra
        January 17, 2012, 2:13 pm

        Personally, I’d avoid breaking in to people’s homes and stores, actually, Avi.

      • Avi_G.
        January 17, 2012, 2:58 pm

        Sure, in an ideal world, yes. But if one is a kleptomaniac? ;)

      • Shunra
        January 17, 2012, 9:23 pm

        Perhaps, in such a case, one should steal quietly into the office of a psychiatrist? (there was a lovely story about that in Fantasia 2000, back in the 80s.)

      • Annie Robbins
        January 17, 2012, 10:07 pm

        i’d choose the one with 500 residents.

  2. American
    January 17, 2012, 10:11 am

    They should hack Israel’s central bank..transfer all their money to Isle of Man, Belize or some other non cooperative country.
    It would be great if war could be confined to bloodless financial cyder warfare.
    BTW….somewhere, while looking for anonymous, I read that people can volunteer their computers for DOS attacks. Anyone know anything about that?

    • seafoid
      January 17, 2012, 11:35 am

      Great suggestion, American.

      Send all the money to the central bank of Zimbabwe

      • piotr
        January 17, 2012, 5:34 pm

        Throw all the money to Caymans! Or give it to Bernard Madoff to invest… they will never find it.

  3. justicewillprevail
    January 17, 2012, 10:31 am

    Well I don’t see how Israel can complain at all, since it specialises in this type of activity itself, from stuxnet to bombarding sites it doesn’t like with cheap propaganda. Not to mention its ownership of foreign telecoms networks with access to their contents.

  4. Les
    January 17, 2012, 10:50 am

    Israel is more recently famous for committing terrorism rather than being a victim of what our media will call terrorism. This may help to get SOPA and PIPA passed by our Congress which remains Washington’s largest whorehouse.

  5. Kathleen
    January 17, 2012, 10:57 am

    The pathway that Mossad has been taking would not put this past them.

    Although have always been intrigued with that four part Fox News report by Carl Cameron just after the 9/11 attacks about Israeli owned communication and datamining systems and a back door that was allegedly infiltrated

    • American
      January 17, 2012, 11:44 am

      Mossad is highly overrated. Comes from two things I think….their need to brag about and hype themselves and the fact that what they do always screams Israel.
      Smart groups like the Russian KBG on the other hand never really get nailed down because they don’t advertise their prowess or use only one mo.

  6. HarryLaw
    January 17, 2012, 10:58 am

    Annie, I heard the Israelis have delivered their proposals to the Quartet, Mr Chutzpah for the Israelis handed Tony Blair a Hebrew Bible and said all our border proposals are in there.Mr Blair thanked him for the reasonable proposals and said this proves the Israelis good intentions towards peace. Mr Blair would not discuss the contents because they need to consult with Egypt, Jordan, Saudi Arabia,Kuwait, Iraq, Syria and Lebanon since they may have to cede parts of their Territory to Israel, but don’t worry no big deal, its mostly only desert.

    • Annie Robbins
      January 17, 2012, 11:35 am

      i’d wager you heard wrong harry. i’m working on a draft about this very thing right now and last i heard the only thing israel has turned in is a ‘position paper’ , 21 pt plan
      as a prelude to potential talks. nothing about borders or anything. the israelis are trying to squiggle around the deadline by setting their own delayed deadline by starting the threee months when the ‘new negotiations’ allegedly started recently. this is not a proposal that meets any of the quartets requests. if you have a link dig it up, i will be happy to add it to the array of hasbara links i’ve assembled today to demonstrate the lengths israel has gone to for the purpose of appearing to be cooperating, but they aren’t. at least not in relation to the quartets original request.

      of course the quartet could be molding a new position to conform with israel. that wouldn’t surprise me. but i will eat my words and forever have egg on my face if israel turned in anything resembling “border proposals”.

      balls in your court.

    • Kathleen
      January 17, 2012, 2:51 pm

      Is Blair an Evangelist? I think I remember reading something about this

  7. Richard Witty
    January 17, 2012, 11:28 am

    Its not dissent. Its an act of war.

    It is not directed at any specific military threat to anyone. In that light it is an attempt at collective punishment.

    It shouldn’t be applauded.

    • justicewillprevail
      January 17, 2012, 11:56 am

      you have adopted an entirely ridiculous interpretation of ‘collective punishment’, one not recognised by anybody save your fantasy logic. Are you trying to debase the term, or do you think you sound terribly clever? Either way it is a laughable use of the term, and no, it doesn’t score you any points, just makes you seem unable to use language with any degree of precision or understanding.

    • American
      January 17, 2012, 11:56 am

      Richard Witty says:
      January 17, 2012 at 11:28 am

      Its not dissent. Its an act of war”

      se taire!, σκάσε!, chiudere!, kjeft!, den Mund halten!
      You are the __ who said bombing Iran’s facilities wasn’t an act of war.

    • goodman
      January 17, 2012, 12:00 pm

      But, you have no problem supporting the blockade on Gaza. Go figure! Is this yet another manifestation of the effects of Ziocaine?
      http://mondoweiss.net/2011/01/gisha-israeli-flotilla-inquiry-cannot-authorize-the-collective-punishment-of-a-civilian-population.html/comment-page-1#comment-270899

      • Richard Witty
        January 17, 2012, 3:23 pm

        It doesn’t attack the party that is objected to, only civilians.

        “Collective punishment”.

        Its malicious destruction. Simple.

        Make the better argument already.

      • Shingo
        January 17, 2012, 6:51 pm

        Its malicious destruction. Simple.

        Israel is the champion of collective punishment Witty. Make the better argument already.

      • straightline
        January 17, 2012, 7:38 pm

        Look guys, stop being so silly. Witty’s logic is clear – love that word taught to me by eee.

        Collective punishment means that it makes life a little inconvenient for ONLY civilians. If you bomb a region and kill many civilians and a few military that’s ok.

        If you kill a nuclear scientist because there is a possibility that the project he is working on might at some future stage if required for the defense of the country develop into one that makes nuclear weapons then that’s fine.

        If you drop thousands of cluster bombs on a country within hours of an upcoming agreed ceasefire that’s fine because while it will undoubtedly maim and kill many innocent people it might just kill a soldier of the side that you are agreeing the ceasefire with.

        You just have to understand Witty’s logic and stop being hard on him.

      • eljay
        January 17, 2012, 7:41 pm

        >> Israel is the champion of collective punishment Witty. Make the better argument already.

        Zio-supremacists excuse themselves from having to make better arguments. Probably because they suffer from a Holocaust-related “collective psychological complex”.

      • justicewillprevail
        January 18, 2012, 6:04 am

        Richard, you are making yourself even more ridiculous. That is not ‘collective punishment’, merely your (deliberate?) misuse of the term, no doubt as a feeble effort to equate a hacking incident, which has caused no harm to anybody, with the very real collective punishment by the Jewish State of innocent Palestinians which, unlike your example, is vicious, life-threatening, inhumane and illegal. And tacking on your favourite cliche about a ‘better argument’ is facile in the extreme, when you are incapable of making a coherent argument yourself. You appear unable to grasp the implication of the words you use so randomly and illogically.

      • Richard Witty
        January 18, 2012, 6:34 am

        Don’t make my points for me Justice and Eljay.

        My point is that any collective punishment is wrong.

        In the present, the Palestinian “yishuv”, there are other options than punishment and warring to accomplish Palestinian rights.

        As Zionists that engage in collective punishment HURT the Zionist cause, Palestinian solidarity that attempt it, do as well.

        Dangerous “friends”.

      • justicewillprevail
        January 18, 2012, 1:40 pm

        My point, for the third time, is that this hacking incident is not, by any measure, ‘collective punishment’. Nobody is putting words in your mouth, you are putting them there along with your foot, which is why your claims are absurd.

  8. annie bis
    January 17, 2012, 11:35 am

    If this is not an inside job, the game is dangerous. The demands are not even serious.

  9. HarryLaw
    January 17, 2012, 12:05 pm

    There is one thing for sure Israel will never delineate its Internationally recognised [in law] borders , to do so would be to reject its never to be set aside claim to the whole of the Land of Israel, Home rule of some kind in Bantustans with no sovereignty is all they will agree to and all within Israels territorial claim. My earlier comment was of course in jest.

  10. JohnAdamTurnbull
    January 17, 2012, 12:15 pm

    The speculation that his is a false-flag operation can’t be disproved, but it seems much less likely than the surface story. The fact that many of the attacking IPs were in Israel is due to the nature of a denial of service attack; you need a lot of unprotected computers that are geographically close to the target servers. I suppose that if you were in Saudi Arabia, you might have less to work with. In any case, the attacking bug spreads itself — once you let it out, it will go where people allow it to go, usually to their friends’ unprotected machines.

    By the way, the hacker’s name is 0xOmar (with a leading zero — not an “o”). It’s kinda of a geeky pun, a reference to the “hexidecimal encoding” that most machines use to represent values.

    • Annie Robbins
      January 17, 2012, 12:30 pm

      By the way, the hacker’s name is 0xOmar (with a leading zero — not an “o”)

      thanks john, will edit accordingly.

    • piotr
      January 17, 2012, 5:41 pm

      What values can be represented with 0x prefix? Honesty, charity, generosity? Perhaps thrift … you can save some bytes.

  11. HarryLaw
    January 17, 2012, 12:31 pm

    Deputy Foreign Minister Danny Ayalon has said” these cyber attacks are a breach of sovereignty comparable to a terrorist operation and must be treated as such”,and “Israel has active capabilities for striking at those who are trying to harm it, and no agency or hacker will be immune from retaliatory action” BBC news Middle East 7th Jan 2012. All the usual threats and arrogance from that cesspool of Humanity Ayalon. People all over the world are planning worse things for this rogue state, the CIA gave Israel 20 years, thats far too generous.

    • MRW
      January 17, 2012, 9:32 pm

      Anyone notice that whatever curtailing of our freedoms here starts in Israel? Could this be tied to trying to get the net (here in the US) curtailed through phony cyber attacks?

      We now have Israeli-style airport procedures. We now have local law enforcement using Israeli-style tactics on our streets. We now have Israeli-style indefinite detentions of people deemed by an elected or appointed official an ‘enemy combatant’.

      Cyber attacks are now Terrorist Operations? Oh, please. How about it’s bad coding and poor SOP computer security on your part. How about it’s your sloppy fault.

  12. HarryLaw
    January 17, 2012, 12:44 pm

    Incidently Ayalon unfortunately may have a point on the terrorism angle,In the UK our terrorism Act 2000 Interpretation says [1] in this act “terrorism” means the use or threat of action where- [e] is designed seriously to interfere with or seriously to disrupt an electronic system.

    • MRW
      January 17, 2012, 9:38 pm

      Yeah, but what if it’s kids who just want to have fun. A lot of these electronic systems are decades old with patched code created with out-of-date compilers. Don’t buy this bullshit.

      These governments should be made to made to prove their systems are deemed impenetrable before slapping a terrorism label on them if they are breached. It’s like calling a burglar a terrorist because he came in through an open window.

  13. split
    January 17, 2012, 5:17 pm

    “Cyber-attacks strike Israeli stock exchange, airline, banks” – Israeli hackers claim that they have hit Saudi stock exchange – Now imagine that this so called “Saudi” hacker ‘0xOmar’ is an Iranian agent ,…

    • pineywoodslim
      January 17, 2012, 8:23 pm

      “Now imagine that this so called “Saudi” hacker ’0xOmar’ is an Iranian agent ,…”

      Well, I would imagine then that he/she is collecting a bonus.

      • split
        January 18, 2012, 2:50 am

        Hey I wouldn’t be surprised if this was an Iranian payback for Stuxnet that the zio-freaks were bragging about in Jewish media ,…

  14. piotr
    January 17, 2012, 5:37 pm

    Harry, but what if an action, rather that disrupting an electronic system seriously, does it hilariously?

    Without jokes, the hack sites were not related to security of flights etc. but to PR.

  15. MRW
    January 17, 2012, 9:46 pm

    What’s their operating system? What are they coding in? What language were they written in? English? Hebrew? How many systems are patched together? Who patched them and when? What compilers were used? When was the last time they were updated? Who did it, and what were their credentials?

    This story is lacking so many fundamentals that it is impossible to take it seriously.

    Something gets breached and it’s the attacker who’s to blame? A basic police report would contain more information about the nature of the breach, and don’t tell me its national security not to discuss the details because that BS doesn’t fly in an open source world. (Just read discussion of discussion of security holes on the web. Any serious researcher identifies the offending code, and explains why it was breachable.)

    The more I think of it, this is a gigantic bamboozle with a bunch of “Umm’s.” And there is an ulterior motive. Don’t fall for it. It’s a lot of hand-waving with no fundamental facts.

    • CloakAndDagger
      January 18, 2012, 1:18 am

      My understanding is that this was a fairly simple (and primitive) DOS (Denial of Service) attack (SYN flood). These are trivial to block.

      Which begs the question, why?

  16. HarryLaw
    January 18, 2012, 4:39 am

    MRW and PIOTR Re the hacking of electronic systems, I rather foolishly engaged my keyboard before my brain, on reflection I would regard these electronic attacks as a legitimate act of resistance from freedom fighters or probably belligerent reprisal might be the better and more appropriate descripion.

Leave a Reply