Incident: Cyber War Declared on Israel by Anonymous Hackers

Published Date: 2012-11-20

Postmortem Analysis
Timeline 1. The software failure incident of cyber attacks on Israeli websites by hackers, including Anonymous, happened in November 2012 [15618].
System 1. Bank of Jerusalem database 2. Ministry of Foreign Affairs database 3. Israel's MSN 4. Windows.co.il 5. Personal data of 5,000 officials 6. Usernames and passwords to a real estate search site 7. Websites for the IDF, Mastercard, and Bing 8. Israeli-registered sites, including one belonging to Coca-Cola [15618]
Responsible Organization 1. Hackers' collective Anonymous [15618]
Impacted Organization 1. Israeli websites and government networks [15618] 2. Bank of Jerusalem and Ministry of Foreign Affairs [15618] 3. Israel's MSN and Windows.co.il [15618] 4. Personal data of 5,000 officials and usernames/passwords to a real estate search site [15618] 5. Websites for the IDF, Mastercard, and Bing [15618] 6. Israeli-registered sites, including one belonging to Coca-Cola [15618]
Software Causes 1. Hackers launching denial-of-service (DoS) attacks to overload websites and crash servers, making them unavailable to users [15618] 2. Defacing and taking down Israeli websites by hacking groups like Anonymous [15618] 3. Deleting databases of organizations like the Bank of Jerusalem and Ministry of Foreign Affairs, leaking personal data, and taking websites offline [15618]
Non-software Causes 1. Threats to block Palestinians' internet access by the Israel Defence Forces [15618] 2. Physical warfare between Israel and Gaza, including airstrikes and rocket fire [15618] 3. Social network warfare involving propaganda and information dissemination [15618]
Impacts 1. Multiple Israeli websites were defaced or taken down by the hacktivist group Anonymous, with claims of over 650 websites affected [15618]. 2. The Bank of Jerusalem and Ministry of Foreign Affairs databases were deleted, Israel's MSN was downed, and Windows.co.il was defaced [15618]. 3. Personal data of 5,000 officials and usernames/passwords of a real estate search site were leaked [15618]. 4. Websites for the IDF, Mastercard, and Bing were taken offline [15618]. 5. The cyber attacks led to denial-of-service (DoS) attacks, causing temporary disruptions to the targeted websites [15618].
Preventions 1. Implementing robust cybersecurity measures such as firewalls, intrusion detection systems, and encryption to protect against hacking attempts [15618]. 2. Regularly updating software and systems to patch vulnerabilities and prevent exploitation by hackers [15618]. 3. Conducting thorough security audits and penetration testing to identify and address weaknesses in the network infrastructure [15618]. 4. Educating employees and users about cybersecurity best practices to prevent social engineering attacks and unauthorized access [15618]. 5. Collaborating with cybersecurity experts and organizations to stay informed about emerging threats and enhance defense mechanisms [15618].
Fixes 1. Enhancing cybersecurity measures to protect against future cyber attacks [15618]
References 1. Anonymous group [15618] 2. Israel Defence Forces (IDF) [15618] 3. Israel's finance minister Yuval Steinitz [15618] 4. Carmela Avner, Israel's chief information officer [15618] 5. Tel Aviv-based security company Radware [15618] 6. Ronen Kenig, Radware analyst [15618] 7. Erel Margalit, chairman of Jerusalem Venture Partners [15618] 8. Technolytics Institute, a private U.S. consultancy [15618] 9. Kevin Coleman, online security expert [15618]

Software Taxonomy of Faults

Category Option Rationale
Recurring one_organization, multiple_organization (a) The software failure incident having happened again at one_organization: In this case, the software failure incident involving cyber attacks on Israeli websites and networks by Anonymous can be considered as a recurring incident within the context of cyber warfare. The incident involved defacing and taking down Israeli websites, including government networks, in retaliation for threats made by Israel. This incident showcases a repeated vulnerability in the cybersecurity defenses of Israel, leading to successful hacking attempts and disruptions in online services [15618]. (b) The software failure incident having happened again at multiple_organization: The article mentions that in addition to Anonymous, another group called the Pakistani Cyber Army claimed responsibility for hijacking Israeli-registered sites, including one belonging to Coca-Cola. This indicates that multiple groups or organizations were involved in cyber attacks against Israeli websites, suggesting a broader issue of cybersecurity vulnerabilities across various organizations [15618].
Phase (Design/Operation) design, operation (a) The software failure incident related to the design phase can be seen in the article where it mentions that Anonymous, a hacktivist group, targeted Israeli websites and government networks in retaliation for threats to block Palestinians' internet access. This incident was triggered by Israel's public threat to sever all Internet and other telecommunications into and out of Gaza, which crossed a line for Anonymous [15618]. (b) The software failure incident related to the operation phase is evident in the article where it is reported that Anonymous and other protesters bombarded Israeli sites with more than 60 million hacking attempts. However, most of the attacks failed, and the only site that was successfully brought down was up again within minutes. This shows a failure in the operation of the system to fully protect against the cyber attacks [15618].
Boundary (Internal/External) within_system (a) within_system: The software failure incident in this case can be categorized as within_system. The failure was a result of cyber attacks launched by hackers, specifically the hacktivist group Anonymous, targeting Israeli websites and government networks [15618]. The attacks included defacing websites, deleting databases, downing services like MSN, and leaking personal data and credentials. These actions were aimed at disrupting the functioning of the Israeli online infrastructure, indicating that the failure originated from within the system itself.
Nature (Human/Non-human) non-human_actions, human_actions (a) The software failure incident occurring due to non-human actions: The software failure incident in this case was primarily due to non-human actions, specifically a cyber war initiated by hackers, particularly the hacktivist group Anonymous, against Israel's cyber space. Anonymous claimed to have defaced over 650 Israeli websites and launched more than 60 million hacking attempts [15618]. (b) The software failure incident occurring due to human actions: The software failure incident can also be attributed to human actions, as Israel's finance minister acknowledged that the group, along with other protesters, bombarded Israeli sites with hacking attempts. Additionally, the Israeli government's threat to sever all Internet and other telecommunications into and out of Gaza triggered the cyber war declaration by Anonymous, showcasing the role of human actions in escalating the situation [15618].
Dimension (Hardware/Software) software (a) The articles do not provide information about a software failure incident occurring due to contributing factors originating in hardware. (b) The software failure incident reported in the articles is related to cyber attacks launched by hackers, specifically the hacktivist group Anonymous, against Israeli websites and government networks. The attacks involved defacing websites, deleting databases, leaking personal data, and conducting denial-of-service (DoS) attacks [15618].
Objective (Malicious/Non-malicious) malicious (a) The software failure incident in this case is malicious. The failure was caused by hackers from the collective Anonymous who declared a 'cyber war' on Israel in retaliation for threats to block Palestinians' internet access. They defaced and took down Israeli websites and government networks, including deleting databases, leaking personal data, and launching denial-of-service attacks [15618]. (b) There is no information in the articles to suggest that the software failure incident was non-malicious.
Intent (Poor/Accidental Decisions) poor_decisions (a) The intent of the software failure incident related to poor_decisions: - The software failure incident in this case was related to poor decisions made by the Israel Defence Forces (IDF) threatening to cut off internet in Gaza. This threat led to retaliation from hackers, including the hacktivist group Anonymous, who declared 'cyber war' on Israel in response to the threats [15618]. (b) The intent of the software failure incident related to accidental_decisions: - The software failure incident was not related to accidental decisions or unintended mistakes. It was a deliberate response to the actions and threats made by the Israel Defence Forces, leading to a cyber war initiated by hackers [15618].
Capability (Incompetence/Accidental) development_incompetence (a) The software failure incident related to development incompetence is evident in the article as hackers, specifically the group Anonymous, targeted Israeli websites and government networks in retaliation for threats made by Israel to block Palestinians' internet access. The hackers defaced more than 650 Israeli websites and claimed to have taken down or defaced various Israeli sites, including the Bank of Jerusalem, Ministry of Foreign Affairs, Israel's MSN, Windows.co.il, and websites for the IDF, Mastercard, and Bing [15618]. (b) The software failure incident related to accidental factors is not explicitly mentioned in the articles provided.
Duration temporary (a) The software failure incident in this case was temporary. The article mentions that the attacks from hackers, including Anonymous, on Israeli websites and networks were in the form of denial-of-service (DoS) attacks. These attacks work by overloading a website with traffic, crashing its servers, and making it unavailable to users. Although such attacks can effectively knock their targets off the web, they are usually temporary and rarely do lasting damage [15618]. (b) The software failure incident was temporary due to the contributing factors introduced by certain circumstances but not all. The attacks were carried out by hackers in retaliation for threats to block Palestinians' internet access. The attacks were part of a larger cyber war declared by Anonymous against Israel, specifically targeting Israeli sites and government networks. The attacks were a response to Israel's actions in Gaza and the treatment of the Palestinian people. The attacks were not a permanent failure but rather a temporary disruption caused by specific circumstances [15618].
Behaviour omission, value, other (a) crash: The software failure incident related to the cyber war between hackers and Israel did not involve a crash where the system loses state and does not perform any of its intended functions. The attacks were mainly denial-of-service (DoS) attacks aimed at overloading websites with traffic, crashing their servers temporarily, but not causing a permanent loss of function [15618]. (b) omission: The software failure incident did involve omission failures where the system omitted to perform its intended functions at instances. For example, Anonymous claimed to have defaced more than 650 Israeli websites, deleted databases, leaked personal data, and took down various websites in retaliation for Israel's actions [15618]. (c) timing: The software failure incident did not involve timing failures where the system performs its intended functions too late or too early. The attacks were aimed at disrupting services and causing temporary outages rather than delaying the execution of functions [15618]. (d) value: The software failure incident did involve value failures where the system performed its intended functions incorrectly. For instance, personal data of officials was leaked, websites were taken down, and databases were deleted, all indicating incorrect functioning of the systems [15618]. (e) byzantine: The software failure incident did not involve byzantine failures where the system behaves erroneously with inconsistent responses and interactions. The attacks were coordinated by various groups targeting Israeli websites and networks in a somewhat organized manner [15618]. (f) other: The software failure incident involved other behaviors such as defacement of websites, database deletion, leaking of personal data, and taking down various websites. These actions were not typical system failures but deliberate actions by hackers to disrupt Israeli online services [15618].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence property, non-human, other (a) death: People lost their lives due to the software failure - No information about people losing their lives due to the software failure was mentioned in the articles. (b) harm: People were physically harmed due to the software failure - No information about people being physically harmed due to the software failure was mentioned in the articles. (c) basic: People's access to food or shelter was impacted because of the software failure - No information about people's access to food or shelter being impacted due to the software failure was mentioned in the articles. (d) property: People's material goods, money, or data was impacted due to the software failure - The software failure incident resulted in the hacking and defacing of over 650 Israeli websites by the hacktivist group Anonymous, including the deletion of databases, leaking of personal data, and taking down of various websites [15618]. (e) delay: People had to postpone an activity due to the software failure - The software failure incident did not mention any specific activities being postponed due to the cyber attacks. (f) non-human: Non-human entities were impacted due to the software failure - Non-human entities such as websites, databases, and online services were impacted by the cyber attacks carried out by Anonymous [15618]. (g) no_consequence: There were no real observed consequences of the software failure - The software failure incident resulted in actual consequences such as hacking, defacing websites, leaking data, and disrupting online services [15618]. (h) theoretical_consequence: There were potential consequences discussed of the software failure that did not occur - The articles discussed the potential consequences of cyber attacks, including the disruption of internet services, but these potential consequences did occur as the attacks were carried out successfully [15618]. (i) other: Was there consequence(s) of the software failure not described in the (a to h) options? What is the other consequence(s)? - The software failure incident led to a significant disruption in online services, data breaches, and the need for increased cybersecurity measures to defend against future attacks [15618].
Domain information, finance, government (a) The failed system in this incident was related to the information industry, specifically in the context of cyber warfare and cyber attacks on Israeli websites and networks. The hacktivist group Anonymous targeted Israeli sites and government networks in retaliation for threats to block Palestinians' internet access. They defaced and took down over 650 Israeli websites, including the Bank of Jerusalem, Ministry of Foreign Affairs, Israel's MSN, Windows.co.il, IDF, Mastercard, and Bing. They also leaked personal data and usernames/passwords, as well as released an "Anonymous Gaza Care Package" containing instructions in Arabic and English on steps to take if internet connections to Gaza were shut down [15618]. (h) The failed system also had implications for the finance industry, as Anonymous claimed to have deleted the database of the Bank of Jerusalem and Ministry of Foreign Affairs, leaked personal data of officials, and disrupted financial services by taking down websites related to finance [15618]. (l) Additionally, the government sector was impacted by the cyber attacks, as Israeli government networks and websites were targeted by Anonymous and other groups. The attacks were part of a broader cyber war declared on Israel's cyber space in response to the conflict in Gaza [15618].

Sources

Back to List