Cyber War in the Middle East
AT&T Corp. could be the next target of the hacking war which is running parallel to the violent Palestinian-Israeli conflict.
Security-information company LogiKeep Inc. said that notes posted in recent anti-Israel site defacements indicate that attacks against the telecommunications company are planned. It is the latest shot in an online war that is being fought far from Gaza and the West Bank. There are also indications that hackers are active within Saudi Arabia, although they have not been linked to the Israeli-Palestinian conflict.
The messages on the defaced sites, from a group called GForce Pakistan, suggest the group is planning to reroute traffic from AT&T (stock: T) to competitor Qwest Communications International Inc. (stock: Q). The notes predict more attacks against Israel and offer help in coordinating the actions.
More than 40 sites have been attacked by the two sides since Oct. 6, according to security consultants Infrastructure Defense Inc., Fairfax, Va.
Attacks on Palestinian websites have come from western Europe, according to Arab sources, while leading Israeli ISP NetVision claims that it has been targeted by hackers from the U.S., Germany, and Scandinavia as well as Lebanon, a center of pro-Palestinian optimism.
Pakistani involvement became apparent last week when the website of the American Israel Public Affairs Committee, a Washington, D.C. lobby group, was brought down by a hacker styling himself "Doctor Nuker," who has been responsible for more than 80 attacks over the past year under the guise of the Pakistani Hackerz Club. Contacted online by TechWeb, Doctor Nuker would not comment on his location.
Given the control that NetVision has over the Internet within the Palestinian Authority territory and Israel's sophisticated security forces, it is unlikely that pro-Palestinian attacks come from within the Authority. However, Arab sources claim Israeli universities have been the source of some pro-Israeli hacking.
LogiKeep executives speculate that AT&T attacks may stem from a request by the Israeli government for backup servers from the company. AT&T is aware of the threats and is prepared to defend its network, a company spokesman said. AT&T declined to detail what, if any, additional security steps have been taken.
Threats against AT&T come days after pro-Palestinian hackers launched a failed denial-of-service attack against Lucent Technologies Inc. (stock: LU).
Separately, TechWeb has learned that the website of a European e-tailer was subjected to an apparent denial-of-service attack late this summer originating from Saudi Arabia. No motive was apparent, casting doubt on the secretive kingdom's control of the Internet.
All international IP traffic from Saudi Arabia's approximately 27 ISPs goes through a small number of proxies at the Internet Services Unit, King Abdul Aziz City for Science and Technology, Riyadh (KACST-ISU), which says logs are kept. However, a manager at the European e-tailer said that when he asked for an investigation, KACST-ISU replied that it had lost the logs.
"This means that anybody in Saudi can do what they like and can't be traced," he said, adding: "We now block all traffic coming from their routers at our firewall."
KACST-ISU spokesman Fahad Hoymany said: "We take hacking and network abuse very seriously, and we do not tolerate that in Saudi Arabia. KACST-ISU has demanded a set of procedures be carried out by all ISPs to try to deter hacking and spamming attempts. These include anti-address-spoofing measures and logs of activities."
Regulations outlining fines and other penalties for offenders would be issued shortly, he said, adding that he was not aware of any hacking prosecutions in Saudi Arabia to date. The number of Internet users in Saudi Arabia is estimated to reach 300,000 by the end of this year. KACST-ISU figures suggest most are young, educated people connecting from home, although other reports say that Internet cafes are growing in importance. Tarik Allagany, spokesman for the Saudi embassy in Washington, declined to comment.