Thousands of Israelis woke up to find their credit-card
stolen and posted on a popular Israeli sports Web site Monday, in an attack that illustrates how technology and the Internet play an increasingly prominent role in Middle East conflicts.
A group of Saudi hackers, believed to be linked to the Anonymous group and calling themselves Group XP, took credit for the hack attack, saying, "We decided to give the world a new year gift, about 400,000+ Israeli people information!!!"
According to the Israeli daily Yediot Aharonot, the file was removed shortly after being posted. It reportedly contained names, e-mails and credit card numbers, including the three-digit security codes. The number of compromised accounts was estimated by top Israeli credit-card companies to be 15,000, though the hacking group claimed it was a far higher 400,000.
The attack comes against the backdrop of social media being heavily relied upon in uprisings against dictators in the Arab world, including the Saudi regime, and the reported use of viruses to attack Iran's nuclear program.
'New Twist on an Old War'
"We have seen people on both sides of this situation attacking each other virtually and physically for quite some time," said Chester Wisniewski, a senior adviser at Sophos, a global cybersecurity firm. "Before Anonymous was distributing the LOIC tool to aid in their fantasy of being some sort of digital Robin Hood, the Palestinians were engaging in the very same practices.
" 'Fight the evil Israelis! Load this tool on your PC and help to silence the infidels.' Not to say that pro-Israeli 'hackers' weren't doing the same thing, it was just a new twist on an old war."
LOIC, or low-orbit ion cannon -- named after a weapon in the Star Wars films -- is a denial-of-service attack used by hackers to overwhelm a Web site to render it inoperable.
The attack against Israelis is an embarrassment in a country that prides itself on having one of the fastest growing high-tech sectors in the world, a phenomenon recently chronicled in the book "Start-Up Nation: The Story of Israel's Economic Miracle," by Dan Senor and Saul Singer.
It is that mastery that led much of the world to see Israel's hand in the Stuxnet virus that caused widespread damage to the uranium enrichment process undertaken by Iran, whose leaders have threatened Israel.
"There's no question that Web-site security in Israel has to improve," Dov Kotler, CEO of one of the affected credit-card companies, Isracard, told Yediot Aharonot. "The newer Web sites pose less of a problem, because their security protocols are higher -- it's the older Web sites that have outdated security."
No Harm Done
The other two companies affected were Cal-Israel Credit Cards; and Leumi Card. The companies said their customers had been shielded from harm. "We blocked all of the cards whose numbers were on the list to online use," Kotler told the Israeli daily. "They can still be used for regular purchases."
There were conflicting reports about where the card data was collected, with some saying that Web sites where Israelis make purchases or give donations were being stalked by the hackers.