Not So Anonymous

04.08.13

Why #OpIsrael Was an #OpFail

Hackers threatened to ‘wipe Israel off the Internet.’ That so did not happen. Eli Lake talks to the hackers who launched the counter-offensive.

It was supposed to be a debilitating assault on Israel’s Internet. On Sunday—timed to coincide with Holocaust Remembrance Day—hackers affiliated with the collective, Anonymous, launched #OpIsrael, an attack that promised to “wipe Israel off the internet.”

130408-Lake-Hacking-Israel-embed
Palestinian youth look at a screenshot depicting the "#Op_Israel" campaign launched by the activist group Anonymous in Gaza City on April 7, 2013. (Said Khatib/AFP/Getty)

A message purporting to be from Anonymous on the anti-secrecy website, Cryptome, threatened to expose the coordinates of “special buildings” in Israel so the next time Hamas fired missiles they “wouldn’t land in desert or ocean.”

So far, OpIsrael appears to be an OpFail. As of Monday, no major sites were shut down or defaced, says Ronen Kenig, director of security solutions for Radware, a cyber-security firm that has analyzed attacks on the Israeli Internet. Though OpIsrael claimes to have done damage to more than 100 websites in Israel, including the press office for the Israel Defense Forces, Kenig says he has seen no evidence of that. “From the hackers’ point of view it’s a total failure at this point,” Kenig said in an interview.

Instead of taking the Jewish state offline, the attack from Anonymous roused a group called IsraeliElite, comprised of a dozen pro-Israel hackers. One of the founders, who calls himself Mitziyahu, told The Daily Beast that the group formed on April 5, a few days before the OpIsrael attack, as a way to restore the confidence of Israelis in its own hackers. 

While Israeli websites had been attacked in the past by Anonymous, IsraeliElite noticed that Israelis were more worried about the pending cyber-attack this time around.

“Most Israeli hackers acknowledged the fact that the Arab hackers are... well not smart,” Mitziyahu said. “So we did nothing. But this time, the public got scared, so we set out to regain their confidence.”

IsraeliElite attacked a string of sites, according to its own releases sent out on Pastebin, a posting site favored in the past by Anonymous and its spin-off groups like Lulzsec. In a process known as “doxing,” the group revealed the online identity of an anti-Israel hacker. The group also claims to have infiltrated a series of Palestinian Authority websites as well as an Iranian bank, a Pakistani bank, and websites affiliated with the government of Turkey.

The group says it then brought down websites affiliated with Hezbollah and the Syrian government through a distributed denial of service attack, or DDOS. These attacks flood a server with junk requests until it can’t perform basic functions for normal users, and eventually shuts down.

“Most Israeli hackers acknowledged the fact that the Arab hackers are ... well not smart,” Mitziyahu said.

In the interview, Mitziyahu would not say much about his identity. He said he’s not a “white hat,” or a hacker who works to identify system vulnerabilities for the government or private companies. “Technically I launched the idea, but it was a joint venture of some very old friends,” Mitziyahu said, siting the screen names of several of his cohorts, including Oshrio, xxtr, Kavim, md5c, bl4z3, gal-, Buddhax, Mute, gr1sha, nyxman, amenefus, TheD34thAngel, Aph3x and TGOH.

In another move, IsraelElite says it tricked some of the OpIsrael hackers into attacking the website of Btselem, an Israeli peace group that documents human rights violations in the Palestinian territories.

Uri Zaki, the director of Btselem USA, said Monday that his website was attacked and that it went down briefly. At first, he thought the attack was from OpIsrael, but when he learned the group was potentially gulled into attacking the website by the pro-Israel hackers, he said, “These right-wing hackers are not any better than these groups who use this cyber terror.”

On Cryptome, OpIsrael claimed to have access to files from an Israeli security company known as Decell Inc., which it said was a company owned and operated by Israel’s ministry of defense. The document says Decell analyzes cell phone traffic from cars as well as GPS data for the Mossad and the Israeli internal security service. One of Decell’s engineers told The Daily Beast that it’s a privately held company, and said he did not know of any website defacement or intrusion into the network. Nonetheless, the message from OpIsrael published a list of web addresses of what it said was Decell’s client base.

Parmy Olson, the author of We Are Anonymous and a technology writer for Forbes, said the latest OpIsrael attack was a “successful trolling measure,” or the kind of attack that is aimed at angering the target but not necessarily causing permanent damage.

“It’s difficult to measure how much damage they really did,” Olson said. “A couple of years ago, Anonymous went after single target websites. They are going after all kinds of little websites now. . . .  On the other hand they have not really wiped Israel off the map, they have just caused a lot of upset.”