“During last week close to a 1,000 Israeli websites were hacked, mostly unprotected sites of private people and foundations, but others as well,” Says Tomer Bakshi, head of cloud services at 2Bsecure, Metrix‘ information security and cyber firm. He also said that in those sites some belong to the government, “Where leaks of users information occured, as well as sites of Media firms and commercial firms.”
Bakshi said that the attacks “are coming from Gaza, but also from every Arab and Muslim state: Pakistan, Algier, Morroco, Indonesia, Malaysia and others, and there were attacks from Germany, the UK and the US.
Bakshi said that “the attackers we see in the last few days are divided to amateurs and professionals. The amateurs cooperate with each other and operate on public platforms such as Web forums, Facebook and Twitter – Which makes it easier to watch them and anticipate their future actions and targets. The professionals get organized in smaller and more secret forums, and are therefore harder to reach and follow. These are pre-organized groups that are trying to initiate more sophisticated attacks.”
Bakshi mentioned that the breaking to the “Statusim Metzayzim” Page (An Israeli community and entertainment facebook page consisting of more than 500,000 likes, which is considered to be one of the most active pages in Israel) for instance was sugnuficant in the technological aspect, since ut reflects an escalation of abilities. The usual automated tools were not used in this breaking, but rather a designated code that was written specific to simulate a convincing message from facebook. The hackers demonstrated good skills of social engineering as well.
To sum things up, Bakshi described the following process: “when organizations realize they have been attacked, they are required to identify where it came from, what was the breach and how it was conducted exactly. Then they have to fix it. In addition, organizations are required to list all the weak spots in their website and fix them on the app level, and then add more protection mechanisms. Our clients were attacked dozens and hundreds of times in the last week and stood strong, without a single breach.”