Pings and E-Arrows Fly in Mideast Cyber-War

By Lee Hockstader
Washington Post Foreign Service
Friday , October 27, 2000 ; Page A01

Originally posted at: http://www.washingtonpost.com/wp-dyn/articles/A21154-2000Oct26.html

JERUSALEM, Oct. 26 –– The Web site of Hezbollah, the militantly anti-Zionist Islamic guerrilla movement, has a surprising new look. Click on the Hezbollah home page and you are greeted by the Israeli flag, Hebrew text and a slightly tinny piano recording of "Hatikva," the Israeli national anthem.

A spearhead force of Israeli hackers, augmented by thousands of teenage keyboard warriors, launched their Internet assault on Hezbollah and other Arab world Web sites earlier this month as violence in the region spun out of control.

This week the Arabs struck back with a fury, apparently led by pro-Palestinian cyber-soldiers in the United States. In a sustained, coordinated counterattack, Web sites of the Israeli army, Foreign Ministry, prime minister and parliament, among others, have been staggered by a barrage of hundreds of thousands--possibly millions--of hostile electronic signals.

"We checked it and for what we found, this is the first full-scale war in cyberspace," said Gilad Rabinovich, CEO of NetVision, Israel's largest Internet provider. "It's costing a lot of money and human resources. . . . Instead of being billable, our technical experts are busy protecting the Web sites."

The cyber-war between Arabs and Jews that peaked this week has raged parallel to the fighting on the ground, and while it is not deadly, it appears to involve at least as many people and all the same passions.

What distinguishes this cyber-conflict from past ones, such as during last year's Kosovo war, is that it is not exclusively, or even mainly, a cat-and-mouse game of highly specialized hackers attempting to play havoc with one another's sites.

Thousands of Israeli and Arab youngsters apparently have also joined in the contest, sending the other side nasty, racist and occasionally pornographic e-mails and, within their own camps, circulating Web site addresses with simple instructions for how to ping, zap and crash the enemy's electronic fortresses.

As one of the most computer-literate societies in the world, Israel has an immense advantage. There are about 1.1 million Internet hookups in the Jewish state, or more than in all 22 Arab countries combined.

But Israel's phenomenal connectedness also means it offers more targets and is vastly more vulnerable to attack. And Arabs are finding ways to strike back.

For half of Wednesday and virtually all day today, the Israeli Foreign Ministry site, an encyclopedic and popular database, has been inaccessible as computer technicians work to build stronger firewalls to protect it. Also today, following three straight days of concerted attacks, the Israeli army announced it had hired AT&T as a backup Internet provider in case the electronic firestorm makes access impossible through NetVision, its usual server.

"It's a brain war because [of] all the time we need to analyze the ways our attackers tried to penetrate the site," Rabinovich said. "After we learn what they've done, we have to build the right shields to protect [against] it."

Even Israel's right-wing Likud Party has come under a low-tech attack. Starting around dawn this morning its Web site was bombarded by several thousand e-mails with such messages as "Death to the Jews," "Hell is waiting for you" and obscenities.

Israel, whose extraordinary security-mindedness extends to the Internet, appears so far to have prevented the attackers from penetrating and meddling with any of its sites. Although Internet access in Israel has at times slowed to a crawl, and several sites have been forced to suspend operations to fortify themselves, none seems to have been breached by invaders.

Israeli hackers, however, seem to have had some success in breaking and entering the sites of their enemies, notably Hezbollah.

The heavy-duty Israeli cyber-attacks on Hezbollah apparently began about three weeks ago after the Lebanese Shiite guerrillas seized three Israeli soldiers on patrol along the border with Lebanon, and held them for ransom.

Israelis began circulating among themselves electronic chain letters and other messages containing instructions for how to strike back against Hezbollah, as well as pro-Palestinian Web sites and portals around the Arab world. Many Israelis say they received a half-dozen or more such e-mails.

Within days, Hezbollah's site was flooded by millions of "pings"--the low-tech cyber-equivalent of knocks on the door. It crashed. Hezbollah then tried reviving its site under slightly different spellings, but they too were attacked in turn. One of them, www.hizballa.org, was penetrated, Hebraized and adorned with the Israeli flag and a galaxy of Stars of David.

The chief means that Israelis use to attack Hezbollah and other Arab Internet targets seem to be Web sites that make it astonishingly easy for even novice surfers to join in the action.

One address offers surfers a menu of targets to attack, including the sites of Hezbollah, the Palestinian National Authority, the Palestinian militant group Hamas and a half-dozen others.

"Come and help us stop their pan-Arabic campaign of incitement," the site says in Hebrew. "Our purpose is not to allow the cruel terror organizations to continue with their sites spreading terror, articles and sick pictures throughout the Internet."

The site then invites users to click on the targets they would like to disable, and offers a set of simple instructions for executing the assault. The whole process takes no more than a minute or two, and can generate multiple and high-speed attacks.

"It's a very simple yet effective idea based on having people log on, and the Web site will automatically do the attacking for them," Ali Ayoub, the Hezbollah site webmaster, told the Daily Star, an English-language daily in the Lebanese capital of Beirut. "Every time a user chooses one of nine sites listed on the Web site, a file is activated to target the site every second."

Ayoub's comments, published Tuesday, appear to have contributed to the counterattack by Arab Internet users. Internet chat rooms popular among Arabs were used to circulate information on how to attack Israeli sites.

The Daily Star quoted an unnamed Arab "Internet programmer" as saying that some Israeli sites not only had been knocked out of action but also badly damaged, their data deleted.

Israeli Internet sources denied that, but acknowledged that a few of the attacks had been highly sophisticated.

On both sides of the Internet shootout, Web site officials denounce the conflict. Some Israelis say it is the work of bored teenagers spoiling for an antiseptic fight.

"Sometimes it's a 14-year-old guy who calls himself the Red Dragon," said Gadi Shimshon, editor of an Internet portal in Tel Aviv called Nana. "These are kids' games. Every kid nowadays has an Internet connection, and they can do it. . . . Hormones are awful at this age."

Others contend the attacks in cyberspace are more pernicious, and amount to an assault on free expression itself.

"Destroying an innocent site here or there is crude vandalism, it is not an act of war," said Ori Noy, director of the information division of the Israeli Foreign Ministry. "Shutting down a site is like burning books. And in another era this was very symbolic. We are talking about the Nazi era."

One Israeli lawmaker, former science minister Michael Eitan of the hard-line Likud Party, said he favored international agreements and legislation criminalizing attacks on Web sites, whether by Israelis or anyone else.

"I'd like to see that real enemies who want to kill each other--that they still should respect freedom of press, the rights of reporters, of safe transport for the Red Cross and the injured, and also for the Internet, which should be protected by agreement," he said.

"Even sides in a state of war shouldn't bring the war to the Internet because the Internet is something international. It was not established for war but as an arena to exchange views and make connections."



Last updated 7.21.03