Security Blog Log: Israeli-Hezbollah war spills into cyberspace

This week the blogosphere warily watches online attacks inspired by the Mideast conflict and rants over the latest security incidents at AOL and the VA.


The war between Israel and the Lebanon-based Hezbollah militia is spilling into cyberspace, where hackers from around the world are launching Web-based assaults against anyone perceived to be on the wrong side of the fight.

It's a side battle being watched closely by security bloggers, some of whom worry that site defacements could give way to more serious cyberattacks against vital infrastructure.

The Darknet blog cited a report from the Zone-H Web site about attacks against the Web sites of NASA, the University of California at Berkeley and several military sites, including the U.S. Navy's.

"The war in Lebanon is now showing its consequences in the digital world and a huge number of Web sites have been attacked and defaced as a protest against the invasion of Lebanon by Israel," Darknet said. In one case, two NASA Web sites were compromised by a Chilean group of crackers called the Byond Hackers Crew. The group used an SQL injection attack against the system and then wiped out user names, passwords and emails from the NASA Web server.

About Security Blog Log

Senior News Writer Bill Brenner peruses security blogs each day to see what's got the information security community buzzing. In this column he lists the weekly highlights. If you'd like to comment on the column or bring new security blogs to his attention, contact him at [email protected].

Darknet, a group specializing in password cracking, cryptography, programming and other areas of network security, expressed surprise that Web sites from a government agency like NASA could be vulnerable in this way. "[It] seems like a pretty straightforward attack … a high-profile government site being prone to SQL injection that allows admin escalation [is] pretty bad," Darknet said.

Darknet also noted that Israeli hackers have decided to "help and join the war against Palestine."

One group calls itself IDF, or Israeli Defense Force, and has hacked dozens of sites, erasing site content and replacing it with a photo of destruction from Lebanon, where Israeli and Hezbollah forces are doing the bulk of the fighting. Above the picture, the hackers left text that read, "You touch Israel, We touch you."

"Let's hope things don't boil over to attacking power stations or anything that will cause collateral damage," Darknet said.

The keeper of the FEWL.net blog, a 23-year-old IT specialist for the U.S. Navy who only uses his first name, Jim, wrote that while the hackers claim to be protesting the war, they'd probably be defacing sites without a war for the sake of fame. He's not as worried as Darknet about the potential for more destructive attacks.

The attacks, he said, are not an impressive feat. The NASA hacks were all done via simple SQL injection, as were most of the rest. He said the Navy site that was targeted had already moved and was probably going to be shut down, and another Department of Defense site that was targeted "was just the military television's version of TV Guide."

Rants against AOL data dump; VA security woes
As some bloggers focused on cyberattacks inspired by the Mideast conflict, others were busy taking AOL and the U.S. Department of Veterans Affairs (VA) to task for putting people at risk for identity fraud.

A self-described information security investigator who goes by the online name SecurityMonkey said he was calling this week "Clueless Monkey Week" because of breaches involving AOL and the VA.

This week AOL apologized for releasing keyword search data from about 658,000 anonymous AOL users, amid growing criticism from privacy rights advocates. AOL, a division of Time Warner Inc., released data on about 20 million searches from 658,000 users of its AOL software during a three-month period. AOL spokesperson Andrew Weinstein described the incident as a "screw up" involving a research project.

Meanwhile, the VA suffered its second major security breach in three months when a desktop PC with information on up to 36,000 veterans was stolen.

In the case of the VA security breach, SecurityMonkey noted that those affected include 2,000 deceased patients from a VA medical center in Pennsylvania.

"Holy smokes. Not only is that a lot of data, but some of the victims are dead!" he said. "This is an identity thief's dream!"
