Newsletter Signup
Stay informed with the
NEW Casino City Times newsletter! |
Gaming News
Israeli Firm Claims It Can Track Cyber-Attackers16 November 2000JERUSALEM, Israel -- An Israeli firm says it has found a way to trace hostile hackers, even if they've routed their attacks through several intermediate countries on the way to their final target - and that it has already identified some of the Pakistani perpetrators of recent cyber-attacks against Israeli Web sites. "We already have the names and addresses of several people in a group that calls itself GforcePakistan," said Ehud Tenenbaum, chief technical officer of 2XS, a Tel Aviv-area security consultancy firm. "And when we get a little more information, we'll be ready to hand it over to FBI investigators who are looking into some Web site attacks." According to Tenenbaum, GforcePakistan claims to have penetrated and defaced, or denied service to about 100 Israeli and Israeli-linked Web sites during the "electronic jihad" (Arabic for holy war), which has been launched by pro-Palestinian groups since Israeli-Palestinian violence flared in late September. "Until now," said Tenenbaum, "these assaults have been difficult to trace back, if the attacker operates through a chain of Internet addresses, starting out in Pakistan and then passing through, for example, Switzerland, France, the United States and New Zealand before reaching its target." He said that his firm has developed a method to follow that trail, without involving Internet service providers in the intermediate countries. Fighting hackers is a new switch for Tenenbaum, who gained notoriety in 1997 by breaking into a number of Pentagon Web sites and becoming the subject of a worldwide search. After more than a week, the US Federal Bureau of Investigation and the Israel Police traced the attacks to Tenenbaum, then 18, who used the hacker handle "Analyzer." No charges were filed against Tenenbaum, who was drafted into the Israeli army a few months later. Tenenbaum - who after his discharge from the army joined 2XS as CTO, a consultancy firm working on the other side of computer security - got involved in the Israel-Arab cyber-war in early November, when he got an electronic mail message from members of a hacker group called Israel Internet Underground (IIU). "I'd helped form IIU when I was 16, and hadn't heard from them in years," Tenenbaum said. "Now they wanted me to help them." Though he'd never met any of the IIU members other than over the Internet itself, Tenenbaum and his firm agreed to help. He consulted with 2XS officials, including founder Sharon Weiss, and decided that as a commercial firm, they couldn't take part in any offensive activity. "But (we) will help by offering solutions to security problems of Israeli and Israel-linked firms operating on the Internet, free of charge," he said. Tenenbaum's firm and the IIU then registered a domain name and set up a Web site (www.iiu.org.il). Israeli or Israeli-linked firms visiting the site are asked to fill in a form providing IIU with some essential information to identify themselves, he said, "And then we'll check their security and offer some recommendations, free of charge. "They'll be simple things, like fixing a patch here or changing some other program there, kind of first-aid advice. And we're not pretending to offer permanent protection, just something that will last a month or so." Tenenbaum won't estimate how many companies have used the free service over the two weeks it has been in operation, but he added that "We have hundreds of thank-you e-mail messages." Since Israeli and pro-Palestinian hackers began attacks and counter-attacks in late September, more than 100 Israeli sites and a similar number of pro-Palestinian and other Arab sites have come under attack. Israeli targets include the Israel Defense Forces, the Prime Minister's Office and the Knesset, or parliament. On the Arab side, pro-Israeli groups have raided the Iranian Ministry of Agriculture, the Royal Jordanian site and Albawaba.com, a Jordanian portal that says it has no political line. There have also been attempts to shut down Israeli ISPs using a tactic called denial of service, similar to the attacks that temporarily shut down CNN and eBay in February. In denial of service, hostile attackers attempt to flood Web sites with large numbers of simultaneous electronic mail messages or requests for Web pages, causing overloaded sites to shut down. NetVision, Israel's largest ISP with about 290,000 customers, has beefed up its defense systems and added new links to the Internet backbone. "We're now built like two ISPs, with a satellite link and an undersea cable link," says NetVision CEO Gilad Rabinovich. After it beefed up its defenses, Rabinovich said, NetVision has still come under attack, but its new systems are effective enough to make its customers unaware of any deterioration in service. Naftali Keren, the Middle East regional manager for CheckPoint, the Ramat Gan-based firm that is one of the world leaders in "firewall" Internet security, says that attack methods have improved since last February's attacks on major international Web sites. "But so have the defenses," Keren said. "And it's always a race to stay one step ahead of people who want to do harm." CheckPoint developed an attack-detection system that spots attempts at denial of service just when they are launched, allowing Web sites to take defensive measures. And while defenses of this type have been installed at many individual CheckPoint clients, Keren suggests that they should be installed in the backbone of the Internet as well. Tenenbaum says 2XS is also in the final stages of developing what it calls a smart IDS (intrusion detection system), which has been used to trace the Pakistani hackers. But he says that technology won't be used to launch a counter-attack against those who try to break into Israeli Web sites or interfere with e-commerce operations. Referring to suggestions that Israeli hackers initiated the Internet conflict by defacing several Web sites belonging to Hizballah after the Lebanese Shi'ite Muslim group kidnapped three Israeli soldiers in late September, Tenenbaum Said, "That was a foolish thing to do. … Israel should be the last one to be involved in that kind of conflict. After all, we are an advanced society which depends on computers." Reported by Newsbytes, www.newsbytes.com. |