Israel, a country well-known as a terror target, is puzzled by the actions and identity of a “Saudi hacker” who may or may not be a cybergenius. Welcome to the future of terrorism and warfare.
Our story begins with a break-in at “ONE,” an Israeli sports-oriented Web site: On Jan. 2, instead of the usual soccer scores, the compromised site carried a message linking to a separate site, pastebay.com.
There, a hacker calling himself “0xOmar” claimed to have obtained, from his Saudi lair, the financial details of hundreds of thousands of Israeli citizens and companies. He published several long files listing details of credit information: names of credit cardholders, card numbers, expiration dates — the works.
His downloadable files (later found to be tainted with Trojan-type malware) also contained purported credit data of some non-Israeli “Zionists” who bought goods from a site called “Judaism” and others who sent donations to “Zionist Rabbis.”
It’s my “gift to the world for the new year,” the hacker boasted, calling on people to use the credit details to purchase lucrative goods.
Why? According to 0xOmar: “It will be so fun to see 400,000 Israelis stand in line outside banks and offices of credit-card companies to complain that their cards had been stolen. To see banks shred 400,000 cards and reissue them. To see that Israeli cards are not accepted around the world, like the Nigerian cards.”
He further explained his motives later in an e-mail to the popular Israeli news site ynet: “Israel attacks and kills innocent Palestinian people, they [commit] genocide, they even break legal international rules, all the world [has a] problem with Israel.”
He had written ynet to complain about the site’s report on an Israeli college student who said he’d found the “real” hacker. Using a bit of creative cybersleuthing, he identifed 0xOmar as a 19-year-old native of the United Arab Emirates now residing in Pachuca, Mexico.
No way, 0xOmar told ynet, insisting he was operating from Riyadh, and adding a taunt and a challenge to the Mossad and Interpol to find him.
Meanwhile, it turned out that his initial boasts were exaggerated. Some “victims” said their published details were incorrect or contained canceled credit cards. Israeli credit-card companies announced that, at most, only 15,000 accounts had been compromised (not 400,000) and that they’d already contained the damage.
Nevertheless, the event was big enough to lead the news in Israel for days. The Bank of Israel (the equivalent of the Federal Reserve) announced an investigation. Presumably, other security bodies around the world are hard at work.
Meanwhile, according to reports in the Gulf, Saudi banks are bracing for Israeli cyberretaliation. That threat, so far, has failed to materialize and, given Israel’s interest in maintaining banking stability, it seems hyped.
Yet the possibility that a lone hacker could start a regional war is now out of the bag.
Yes, credit theft isn’t new. In Central Park back in the early 1970s, a long-haired dude dressed in purple handed me a list of numbers belonging to “evil” corporations, the “CIA” and other arms of “American imperialism.” He claimed that if I gave one of those numbers to a telephone operator, I’d be able to make then-expensive international phone calls for free. Surprisingly enough, it worked.
But today’s hackers can wreak far more havoc than that hippie. As 0xOmar demonstrated, they can quite easily commit “acts intended or calculated to provoke a state of terror in the general public for political purposes” — terrorism.
And since the earliest days of modern Israel, terrorists have “beta-tested” their tactics on the Jewish state. What starts out as a little-noticed cyberattack in Israel, in other words, might well morph into a global war with America as target.
Remember: “Little” plane hijackings and suicide attacks that started in the Mideast decades ago evolved into the 9/11 attacks.