April has arrived, which means that Israel’s cybersecurity community has its eyes set on the now-annual April 7 cyberattack by Anonymous and a group of anti-Israel hacktivists known as #OpIsrael.
While the country is prepared for a variety of scenarios, most Israeli cybersecurity experts are unperturbed by the threat, since previous years have resulted in minimal damage.
The attack has taken place every year on April 7 since 2013 and was first launched on the eve of the Holocaust Remembrance Day with a stated goal of erasing Israel from the Internet.
“The nightmare scenario could be significant economical, political, social and reputational damage. Stock markets collapse, power goes off, nothing works. Obviously though it is possible, it is more science fiction that a real probable scenario. I expect to see almost no real damage.” said Menny Barzilay, a cyber security strategist and the former CISO of the Israel Defense Forces.
Indicating a business-as-usual approach to this year’s attack, the city of Jerusalem is organizing a Cyber Hackathon this evening with 400 eager participants.
The event simulates a worst case scenario attack on the city with essential computerized systems hacked, including traffic light failure, airplanes, power plant and other scenarios.
“The teams will be given challenges which they will have to resolve in order to get everything back in order. Among the judges will be industry prominent figures and the whole event will be accompanied by mentors from leading cyber companies. The first three winners will be awarded one-on-one meetings with industry-leading mentors,” according to a press release.
The ad hoc nature of the enemy, seemingly recruited from chat rooms, message boards, and internet forums may be one reason for the somewhat nonchalant response to the impending threat.
Although anti-Israel hackers operate under the guise of the Anonymous brand, it would be misleading to portray the situation as an all out war between Israel and Anonymous.
“Since Anonymous is more an idea than a group it is hard to tell who is part of Anonymous and how is not. Different people, with different goals and incentives are assuming the anonymous brand name in order to support their action. This is why you see both pro-Palestinian and pro-Israel groups using the Anonymous brand while fighting each other,” said Barzilay.
While the government, banks and other major institutions are prepared, smaller sites with fewer resources might have a tougher time fending off the attackers.
“Large organizations will be prepared for the attack. They will scale up their staff and pay closer attention to alerts. They are already working with their security vendors and service providers to make sure that everything is up to date. The real victims will be the small organizations that do not have sophisticated security operations or even lack an understanding of the layers that they need to have in place. They face the risk of defacement of their brands or even breaches,” said Gil Barak, the CTO and Co-Founder of SECDO.
“In a nightmare scenario, attackers would affect the day-to-day lives of Israelis and the financial health of Israeli companies–attackers could do that by causing downtime in one of Israel’s few critical dairy or bread factories, for example, “ said Yoni Shohet, CEO and cofounder of SCADAfence.