“The cyber attacks that Israel’s various websites and internet suppliers are experiencing are some of the biggest that were ever recorded in Israel,” says Tomer Bakshi, head of cloud in 2Bsecure, Metrix‘ Information security and cyber firm.
Bakshi spoke to People and computers about the SHABAK’s official announcement regarding the ongoing attempts by hacker groups from all over the world to shut down the Israeli Internet.
“It was a DDOS attack with traffic of more than 1 TB, that consisted of tens to hundreds of thousands zombie servers, each with more resources than a personal computer and with a larger bandwidth, capable of causing bigger damage,” said Bakshi, also adding that The specific attack that targeted Netvision was on its DNS servers, meant to cause severe overload on the line leading to those servers. It is comparable to a hose that’s being filled so you can’t use it to stream water.”
Bakshi explained that “The damage made by this kind of attack is double – al the clients of the supplier (Netvision in this case – O.P.) are having trouble accessing the web. In addition, all of the websites who are hosted with the supplier are suffering, since surfers are having trouble in accessing them.”
“Netvision dealt with the attack by blocking communication from abroad, singling out the servers that attacked it and blocking them specifically. That way they managed to deflect the problem before it reached Israel. The attacks on Triple C and Bezeq International were less significant,”, added Bakshi.
He noted that this kind of attacks are gaining more capabilities and sophistication with time: “In the past we saw attacks in which a hacker used to call out ‘take a tool and participate in an attack against Israel’. Now, a hacker first find a weakness, say WordPress content management system, and it allows him to attack the multitude of sites using it and that has the same weakness, and than use this to attack a strategic site – being security related, government or financial.”
“The groups in the current wave of attacks are not necessarily from a specific country. They spread out, and we don’t know their geographic location – only that they support the Palestinians and that they communicate between them over Facebook and Twitter. We predict that these attacks will continue and grow in volume. Our clients are also experiencing attacks, but not in the same capacity,” he concluded.