Israeli Computer Hackers Foiled, Exposed
By Michael Gillespie
Wa****ngton Re****t on Middle East Affairs
9/03/02
http://www.middleeast.org/comments/1/5669.shtml
Israeli cyber warfare professionals targeted human rights and anti-war
activists across the USA
in late July and August tem****arily disrupting communications, harassing
hundreds of computer
users, and annoying thousands more.
The Israeli hackers targeted Stephen 'Sami' Mashney, an Anaheim,
California,
attorney active in
the effort to raise awareness of the plight of Palestinians.
'People have found an alternate way to communicate through the Internet,'
Mashney, a
Palestinian-American, told the Wa****ngton Re****t on Middle East Affairs,
'and this attack is
backfiring on the hackers. Many people are being educated.'
Mashney, who co-manages a popular pro-Palestinian e-mail list hosted by
Yahoo! logged onto his
Internet accounts on July 31 to find hundreds of e-mail messages from
angry
Americans. He
quickly realized that hackers had appropriated or 'spoofed' his e-mail
addresses and identity
and sent out a message titled 'Down With America' in his name. The message
named and included
contact information for 16 well-known human rights activists and falsely
claimed the activists
wished to be contacted by anyone desiring advice or assistance in
fomenting
and carrying out
anti-American, anti-Christian, or anti-Jewish activities. In an obvious
attempt to damage
Mashney's reputation, the hackers appended his name, office telephone
number, and website
address to the spurious e-mail.
As Mashney was looking up the telephone number of the local FBI office to
re****t the hackers'
crime, his phone rang. It was the FBI calling, from Wa****ngton, with
questions about the forged
e-mail message. Mashney later met with FBI agents in California.
'I answered all their relevant questions,' said Mashney, who notes that
the
hackers' attacks
continued unabated for weeks and expanded to include other new and
innovative methods of
harassment that were used against many other activists associated with
Free
Palestine and other
public and private e-mail lists.
Dr. Francis A. Boyle, professor of International Law at the University of
Illinois College of
Law, is a human rights activist who served on the board of Amnesty
International USA. A member
of Free Palestine and other activist lists, Dr. Boyle was also targeted by
Israeli hackers who
sent counterfeit e-mails in his name. Again, the hackers' intention was to
sow confusion,
provoke animosity, damage a reputation, and restrict ability to
communicate.
When Boyle
returned from a vacation in mid August, he found 55,000 e-mails waiting
for
him. Like Mashney,
Boyle spent days sorting through the messages, writing personal apologies
to
those offended by
the bogus e-mails, and deleting thousands of bounced messages.
Unflappable,
Boyle takes it all
in stride.
'You can't keep the Irish down,' wrote Boyle in an e-mail message to this
re****ter.
Israeli hackers also targeted Dr. Mazin Qumsiyeh, associate professor at
the
Yale University
School of Medicine. The hackers forwarded to some 1,500 members of the
Yale
community e-mails
that Qumsiyeh had sent to a private list of activists. Many of his
university colleagues were
annoyed, but Qumsiyeh, too, feels that the hackers are doing the Zionist
cause more harm than
good. Qumsiyeh said the hackers' efforts have generated new networking
op****tunities among
activists and groups who did not know of each other's existence before the
hackers targeted them.
Monica Terazi is director of the New York office of the American Arab
Anti-Discrimination
Committee (ADC). Terazi's e-mail privileges were yanked by Yahoo! for a
time
after hackers
'spoofed' her e-mail address and identity to send a message to some 80
Yahoo! groups. Terazi,
like Mashney, spoke with the FBI about the new Israeli cyber warfare
tactics, which have piqued
the interest of Internet communications professionals. For a story
published
August 23, Terazi
wrote to Wired News re****ter Noah Shachtman, 'While these e-mails are a
nuisance, offensive and
intimidating, the FBI didn't find anything illegal: There haven't been
threats that rise to the
level of a hate crime, no money has been stolen, public safety has not
been
endangered and, as
far as we can tell, our computers have not been hacked or 'technically
intruded into' as one
agent put it.' The offensive messages are all protected by the First
Amendment, said Terazi.
By mid August, the Israeli hackers had begun to target activists in Iowa,
where it seems the
Israeli hackers have 'technically intruded' into computers. It is also
likely their helpers
here have forwarded addresses from private lists to Israel. Iowa activists
re****t that people
and organizations on their private e-mail lists: family members, friends,
acquaintances, media
contacts, government officials, interfaith relations organizations,
activists, and activist
organizations suddenly found themselves receiving tens, hundreds, or
thousands of anti-Arab,
anti-Muslim and anti-Palestinian 'spam' e-mails per day. Many on private
e-mail lists re****ted
receiving anti-Arafat cartoons and racist diatribes, along with e-mail
thataggressively
connected to a web site that took control of their computers, turned the
screen white, and made
it necessary to shut down and re-start the computer. Some also re****ted
that
their e-mail
addresses had been 'spoofed' and their on-line identities appropriated for
the distribution of
racist messages.
Darrell Yeaney, a Presbyterian campus minister who retired after serving
at
the University of
Iowa, is active in Friends of Sabeel, an e***enical Christian organization
that sup****ts the
ministry of Sabeel, the center for Palestinian E***enical Liberation
Theology. He and his wife,
Sue, now serve as co-moderators for the Middle East Peacemaking Group in
Iowa. The Yeaneys
re****t that the hackers appropriated their address and sent out spurious
e-mail in their names.
Ames-based activist, author, and editor Betsy Mayfield, whose work has
appeared in the
Wa****ngton Re****t on Middle East Affairs, was busy with plans for a
mid-September Des Moines
film festival, 'Boundaries: The Holy Land,' when the hackers turned their
attentions to her
computer.
Several Ames women whose only association with the crisis in the Holy Land
is their commitment
to the Ames Interfaith Council (AIC) re****ted being shocked by the sudden
appearance of
****ographic e-mail and racist diatribes on their computer screens.
Many Iowans were targeted for harassment by the hackers, and hundreds of
others suffered
varying degrees of inconvenience because they were somehow connected to
the
cause of peace and
justice in the Middle East. Similar scenarios played out in other states
across the USA.
The scale of the Israeli cyber warfare campaign, the number of targets,
and
the variety of
techniques used, coupled with specifically targeted intrusions calculated
to
provide additional
target addresses for the application of the hackers' various forms of
harassment, suggest a
sophisticated, coordinated, government-sponsored program designed to
impact
directly upon the
communications abilities of the human rights and pro-Palestinian anti-war
activism communities
in the USA.
When the Israeli hackers 'spoofed' the AIC's e-mail address, they invited
a
response they did
not expect. Because the AIC list was hosted by Iowa State University
(ISU),
because the world's
first electronic digital computer was invented at ISU in a Physics
Department laboratory in the
early 1940s, and because he has represented the ISU Muslim Student's
Association on the AIC
cabinet, ISU Physics Department computer administrator Dr. Bassam Shehadeh
decided to track the
hackers down.
'The hackers access the internet via an ISP called on the West Bank,' said
Shehadeh.
When did not respond to his repeated e-mail enquiries, Shehadeh called the
company, informed
their representative that Palnet facilities were being used to interfere
with communications at
a state institution in the USA, and demanded an explanation. He provided
information that
enabled Palnet technicians to identify the phone number of the customer
harassing Iowans.
'Everyone here is a victim but the hackers,' said Shehadeh. 'The hackers
use
stolen
identification to get access to Palnet.'
Shehadeh said the contact line the hackers used for at least one message
to
the AIC list
address was an Israeli number in West Jerusalem or one of the surrounding
settlements. A Palnet
representative also told Shehadeh the hackers have used several lines and
methods to access
Palnet's facilities.
'Afterwards, the hackers compromise another service system here in the USA
by passing the
e-mail message with Simple Mail Transfer Protocol (SMTP), using HELO verb.
The hackers don't
have a valid principal host but overcome that by using a internet Protocol
number (IP address)
at a location anywhere on the web. Web hosting servers tricked into
transferring these e-mails
include Digital Cube, Inc., Verizon DSL Network, and Iowa Online Web
Access
located in
Wa****ngton, Iowa,' said Shehadeh
Shehadeh and other computer professionals working in the USA re****t that
ISPs and companies
with IP addresses are typically very cooperative when notified that their
equipment is being
misused. Most act promptly to end the hackers' access.
Given widespread and systematic destruction of electronic communications
facilities by the
Israeli Defense Force (IDF) in the West Bank in recent months, the
continued
existence of
Palnet facilities suggests that the Israeli government had reason to
permit
Palnet's continued
operation and raises questions about the ability of Palnet's owners to
refuse service to
Israeli hackers or otherwise interfere with their activities.
This particular campaign in Israel's cyber war seemed to have been
curtailed, at least
tem****arily, on August 29, soon after Shehadeh tracked the hackers to the
West Bank ISP and,
finally, to an Israeli phone number, while other computer professionals in
the USA, along with
some of the targeted activists themselves, quietly contacted management
representatives at
various IP addresses around the globe and notified them that their
facilities were being abused.
|
