Small Wars Journal

‘Close the Internet’: Why the Israel National Police is Recommending Avoiding the Internet for the Next Few Days (OR NOT!)

‘Close the Internet’: Why the Israel National Police is Recommending Avoiding the Internet for the Next Few Days (OR NOT!)

Elad Popovich

On April 6th 2016, Israel Defense Forces radio station’s ‘communication, science and technology’ reporter tweeted that Israel’s National Police had recommended to its employees to avoid, as much as possible, using the internet over the next few days. The recommendation was supposedly one of the solutions to the upcoming annual cyber-attack against Israel known as “OpIsrael.”  The first OpIsrael campaign was initiated on the eve of Israel’s Holocaust Remembrance Day in 2013 (which was April 7th).

The slogan and goal of the campaign is “erasing Israel from the internet” due to its alleged crimes against the Palestinian people. Since 2013, OpIsrael attacks, have been led by several cyber collectives such as ‘Anonymous,’ ‘AnonGhost,’, ‘Fallaga Team,’ and ‘RedCult.’ In the past the attacks mainly targeted Israeli government websites as well as Israeli telecommunications and financial services. Most of the attacks used techniques consisting of denial-of-service, web intrusion, website defacement, database hijacking, and admin panel takeover.  In general, these campaigns were moderate and mostly failed to cause substantial damage to Israel.

So what, if anything changed this year?

Firstly, the OpIsrael 2016 campaign is more organized than in the past and also pre-provides a vast list of potential targets to attack, including all Israeli government ministries; the Israeli banking system (including private banks); all of Israel’s universities and colleges; as well as a variety of  financial, communication, and legal establishments. Secondly, in preparation for OpIsrael 2016, some hackers released new tools (with accompanying guidance) to extend the vectors and possibilities of the attacks.  These hacking tools are mainly directed at generating a mass amount of web-traffic that can potentially create a loss of service for users.

On the one hand, as in the past, Israel is relatively well protected against cyber-attacks, and especially well protected are its government and business sectors. On the other hand, in the cyber realm the most important protection is situation awareness – something that a lot of common users lack.

Some things are pretty obvious. It is important to change passwords. It is dangerous to open or reply to emails originating from an unknown source. It is also dangerous to open files, or even click on the links attached to these emails. In fact, these were exactly the directives given in the document, supposedly distributed by the Israeli police that was attached to the IDF’s reporter’s radio tweet.

The document also directed users to beware of phishing attacks; not to click on seductive banners or website commercials during this period; to take extra care regarding smart-phones which are more sensitive to hacking; to avoid as much as possible video chat, voice call services and applications such as Skype; and to avoid using USB Flash Drives. The document concludes that on April 7, 2016 Israeli government web payment systems will not be operating, and on other sensitive web sites; including governmental, national security organizations, and police; email addresses will be locked.

Despite all this, it seems that the IDF’s radio reporter was also hoodwinked. The document that he quoted was not distributed by the Israeli police, rather by a private Israeli marketing communications company to its own employees.

Nevertheless, the OpIsrael 2016 campaign is real and as it has occurred every second week of April for the past 4 years, Israel will suffer from cyber-attacks. Israel is ready, but the conclusion of the document mentioned above raises two other important concerns. (1) If the Israeli government periodically closes its own internet (and it’s has the ability to do so), then this will be a real victory for the OpIsrael campaign; and (2) the fact that the above-mentioned document was misunderstood and/or misquoted illustrates the power of the internet as a public terrorizing tool,  again  giving success to cyber-hacktivists.