When hackers become terrorists!

Last week Saudi hacker who identified himself as a member of an anonymous network called XP-group has leaked 400.000 Israeli credit card numbers in one file containing personal information.

The hacker claimed that he hacked the “ONE” sports website and gained the credit card numbers by manipulating the database. He redirected visitors to a site where they could download the file containing the leaked credit card numbers, expiration dates, security codes and victims’ names, addresses, and mobile numbers etc.

The hacker wrote “It will be so fun to see 400,000 Israelis stand in line outside banks and offices of credit card companies to complain that their cards had been stolen. To see banks shred 400,000 cards and reissue them. To see that Israeli cards are not accepted around the world, like the Nigerian cards

There is an ongoing investigation for this breach. While most of the Israelis whose names appeared in the leaked file confirmed they contained their actual addresses and phone numbers, the majority said the credit card details were false, according to many sources.

The attack itself is nothing more than a cybercrime committed by someone or group of hackers who might be from Saudi Arabia or even from other state. There is no evidence to tell that this attack originated from Saudi Arabia or conducted by Saudi hacker at least at this moment.

But there is an interesting part of the story to unfold…

Cybercrime and Political Propaganda!

The Israeli reaction:

Tel Aviv says it will treat cyber attacks as acts of terror. It has also commended the US, who has hinted at retaliating for such assaults with military action.”  Said Deputy Foreign Minister Dany Ayalon in a speech, adding that Israel had not yet ruled out the possibility that the hacking had been carried out by a group “more organized and sophisticated … than a lone youth”.

On the other side, we can see the Palestinian reaction:

Hamas described this attack as “a new form of resistance”

“We urge Arab youth to ignore these cowardly Israeli threats and to use all means available in the virtual space to confront Israeli crimes,” Hamas spokesman Sami Abu Zuhri said in Gaza.

The New War on Terror

It is obvious that Middle East countries are the biggest losers in the so called “Global War on Terrorism” due to religious conflictslow quality of educationilliteracypovertycorruption, and other geo-political vulnerabilities that can be exploited by western powers!

Middle East is also vulnerable when it comes to cyber arena. There are no real capabilities of cyber war in the region, except Iran. No country in the region is able to prevent sophisticated infrastructure cyber attack and in some cases, they won’t be able to detect!

The fragility of ICT infrastructure in MENA, poor education, lack of security awareness programs, poor legislations, and inability of law enforcements to investigate sophisticated crimes are common vulnerabilities among MENA countries.

There are different kinds of expertise in the region related to IT and security but this will not be effective until governments understand the importance of building national capabilities.

It is important for governments and policymakers in MENA to consider physical and logical capabilities when it comes to cyberspace and Cybercrime.

Cyber attacks might lead to a declaration of military attack.

The Israeli official quoted the Pentagon’s document regarding “Cyber Terror” as quoted also in WSJ earlier in 2011 that an unnamed US military official said “If you shut down our power grid, maybe we will put a missile down one of your smokestacks.

The pentagon’s document concluded that severe harm caused by cyber attack on national infrastructure like SCADA systems, oil, chemical sector, economy, could trigger a military response.

The biggest challenge is “How the US and other western countries will be able to pinpoint the source of the attack?” with millions of vulnerable machines worldwide and the availability of anonymizers and open virtual private networks, any investigation will be useless. In addition hackers and cybercriminals are able to make the attack look like it’s coming from multiple countries. Which country will be responsible for this type of attack?

I think we are moving forward to unjust wars “The New War on Cyber Terrorism”