Feeds

Celebrity hacktivist joins the Mid-East cyber-war

DoctorNuker talks politics to the Reg

  • alert
  • submit to reddit

3 Big data security analytics techniques

An attack by pro-Israeli hackers against the Hizbollah and Palestinian Authority Web sites over a week ago initiated the current Middle-East cyber-war, which has widened considerably, lately affecting sites in other countries and drawing talent from overseas.

One incredibly prolific hacktivist and defacement artist known as DoctorNuker, founder of the Pakistan Hackerz Club, not only threw down the gauntlet on the Palestinian side last week, but even attacked an influential Jewish lobbying group on US soil -- the American-Israel Public Affairs Committee (AIPAC) -- with a hacked homepage featuring links to enormously disturbing photos of Israeli aggression dating from 1948 to the present.

More significantly, he also compromised two of the organisation's databases, one containing approximately 3500 e-mail addresses of members, and another containing the names, addresses and credit-card account details of roughly 700 donors.

The public exposure of personal data marks an interesting escalation in a battle previously characterised by the aggravations of packet floods and DNS hijacks.

"The idea of posting members' information came when I saw the e-mail addresses of [AIPAC contributors] belonging not only to big companies but government organizations -- US Senate and military departments. Nothing is effective unless it affects the big bosses," DoctorNuker told The Register.

Until now the Doctor has been concerned chiefly with India's heavy-handed treatment of Kashmir, attacking scores of sites and numerous US government facilities in protest, including the hacked homepage at the Department of Commerce, where he warned the USA to "stop interfering in our internal affairs....or we will perform our next nuclear test....in your ass."

The recent Palestinian cyber-resistance attracted DoctorNuker's interest because, as he told us, "we share the religion and we think alike."

Meanwhile, the AIPAC Web site remains off-line while the organisation seeks to beef up its security. AIPAC will resume its on-line presence in a week or two, but "may not continue signing members up on-line," AIPAC press spokesman Ken Bricker told The Register.

Interestingly, the people whose details were exposed have in large part been indulgent. "Of the sixty or seventy affected people who called us, most were sympathetic," Bricker said. "Only one I can remember was actually shrill."

Also notable here is the characteristic restraint with which PHC members and fellow hackers have treated the exposed database of credit information. "We're aware of only three incidents of fraud associated with the intrusion," Bricker told us.

Hackers, as we have pointed out before, tend not to be motivated by personal gain, but more by curiosity or bragging rights. Hacktivists, naturally, are even less concerned with material advantage.

Bricker interprets the hack as an opportunity to reflect on the importance of solid Web security, and emphasises that the organisation is in no hurry to restore the site until its vulnerabilities are understood and adequately addressed. The FBI's National Information Protection Centre (NIPC) is doing what it can to trace the attack back to its source.

DoctorNuker has of course assumed this much and says he "will not touch [AIPAC] for a while now....I know they are watching the logs and methods closely."

But he's far from backing down. He may need to leave AIPAC alone for a bit, but he'll be pleased to deal with other targets. He'll "continue the cyber attacks, some hidden hacks and some public defacements, until they realize that they are in trouble," he told us. ®

Related stories

Cyberwarfare levels the playing field
Cyberwar in the Middle East

High performance access to file storage

More from The Register

next story
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
It may be ILLEGAL to run Heartbleed health checks – IT lawyer
Do the right thing, earn up to 10 years in clink
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.