OpIsrael 2018


OpIsrael is a yearly campaign created by Anonymous in 2012 with the stated goal of “erasing Israel from the internet” in protest against the Israeli government’s conduct in the Israli-Palestinian conflict. Ideology, politics and religious differences are at the core of this operation. Every year the operation begins on April 7th (typically concluding April 14th) and sees participants from Anonymous and a number of other low-level hacktivist groups.

Download Complete Alert

Abstract

OpIsrael is a yearly campaign created by Anonymous in 2012 with the stated goal of “erasing Israel from the internet” in protest against the Israeli government’s conduct in the Israli-Palestinian conflict. Ideology, politics and religious differences are at the core of this operation. Every year the operation begins on April 7th (typically concluding April 14th) and sees participants from Anonymous and a number of other low-level hacktivist groups. Heading into the operation, Radware’s Emergency Response Team has observed hacktivists organizing groups on social media, forums and Internet Relay Chat (IRC) leading up to the operation.


Figure 1: This is a message to the foolish Zionist entities. We are coming back to punish you again, for your crimes in the Palestinian territories. All we see is continuous aggression, bombing, killing and kidnapping of the Palestinian people. We refuse to stand by idly. Our response to these heinous crimes against humanity will be on the 7 of April 2018. As we did many times, we will take down your servers, government websites, Israeli military websites, your banks and your public institutions. We’ll erase you from cyber space as we do every year. We will continue to electronically attack you until the people of Palestine are free.

Source: https://www.cyberguerrilla.org/blog/anonymous-opisrael2018-7-april/

Background

In the past years, Israel has seen moderate attacks launched against networks and infrastructure. The most common tactics are website defacements and denial-of-service (DoS) attacks but have also included application attacks and data dumps.

Each year, hackers organize in public channels like IRC, Twitter and Facebook to discuss operational details in the open. Attackers provide others with tools and technical guidance leading up to the operation’s launch date. They post links to videos, attack tools and recommend VPN’s along with target lists and content for social media posts.

Several tools that are shared leading up to the operation are outdated and easy to mitigate due to exising signatures. Typical tools shared are GUI-based tools like Windows DoS, LOIC, HOIC, Tsunami, An0nStr3ss as well as basic script tools like Torshammer and other HULK varients. TorsHammer, a slow-rate HTTP POST (Layer7) DoS tool that can be carried out through the Tor network, has been a recommended tool since 2012.

OpIsrael receives a large amount of attention for several reasons, one of them being the global media coverage surrounding the Israeli-Palestinian conflict. The other is due to past operational successes by Anonymous, but in recent years this has been slowly fading. OpIsrael is losing its reputation as a successful operation overall. In recent years, pro-Israeli hackers have launched counter attacks against the operation. These attack are often more successful and gain more attention than the operation itself.

The main activity for the operation occurs leading up to April 7th via limited attacks for the rest of the campaign. Defacements are normally the most common attacks seen during the operation and normaly plague unprotected small businesses as the hackers normal can not launch successful attacks against secured targets. DDoS attacks are normally limited and infact just standard DoS attacks since the hacktivist are unable to create botnets of their own for distributed attacks. Successful attacks only last for a few moments as most attackers do not have enough power to keep a website offline.

Under Attack and in Need of Expert Emergency Assistance? Radware Can Help

Radware offers a DDoS protection service to help respond to security emergencies, neutralize the risk and better safeguard operations before irreparable damages occur. If you’re under DDoS attack or malware outbreak and in need of emergency assistance, contact us with the code "Red Button."


Download the complete ERT Threat Alert. Download Now