It may or may not be a precursor to something bigger, but right now Israel and Iran are engaged in an online cyber-war, in which hackers from both countries – working independently or in conjunction with their governments – are working overtime to take down sites, dispatch worms, viruses, and other destructive bits of software, and, perhaps most importantly, steal data. And while Israel — and presumably Iran — have departments in their respective security apparatuses to wage cyber-warfare, a group of young Israeli hackers is also pitching in, doing their best to punish Iran for its attacks on Israel.
There are hackers – like the ones that attacked sites in Iran on Thursday, replacing the front pages of Iranian websites with Israeli flags and Zionist slogans – and then there are the “real” hackers, says Oren (not his real name), a 17-year old from the center of the country who counts himself among the latter. “I’m not stupid like those other hackers,” says Omri, who claims to have been hacking since he was 12. “I don’t do DDoS (denial of service) attacks in order to deface them. I just take information off sites.”
Information is power, he says – why would you want to give that power up, and deface sites, guaranteeing that the site owner will shore up its defenses to keep you out next time? Instead of trying to make the news with their antics, hackers should stick to stealing data. This way, “the owner of the compromised site won’t do anything to fix it,” he says, leaving the system available for future raids. He got his experience hacking into Israeli web sites, which he says “I now regret doing.”
Oren, along with six others, are members of a hacking group called Israel Defense Force, who claim, along with other hacker groups, to have stolen thousands of documents from Iranian servers. Israel Defenders worked for months with other hacker groups, along with “star” hacker Hannibal, to obtain the documents, Oren says. Earlier this week, Hannibal posted several dozen documents he claimed were purloined from Iranian servers; the documents are a mix of public relations materials, information about government health services – and documents from the Iranian Army discussing deployment plans, military exercises, and draft criteria.
But that was just a drop in the bucket of what Hannibal, Oren, and other Israeli hackers claim to have on Iran. Many of the so-far unrevealed documents discuss the political and military process leading up to decisions involving Iran’s nuclear program, and perhaps more significantly, “we can hack into Iranian servers and change the documents.” As nuclear science (like rocket science!) is a rather complex area, even a blind change to a formula in a reference document could cause a scientist or nuclear plant worker to make a mistake – perhaps even a grave one, says Oren. He and other hackers plan to publish some of the documents, but most of them will be given to the IDF, CIA, or other security agencies. “What Hannibal published so far is nothing,” Oren says. “We have the real secret stuff, and we are going to put it out.”
Hackers – or those who claim to be – are known for their bluff and bragging, so it’s difficult to know just how straightforward Oren was being about his group’s capabilities, or what he managed to get from Iran. But based on hacking incidents in Iran on Thursday, it appears that Oren is on the level: In a message posted on Pastebin Thursday morning, the Israel Defense Force states that they intend to take down specific Iranian sites later that day – including Press.tv and the Iranian Health Ministry site. And indeed, news reports confirm that those very sites were trashed. Either the writers of that message (presumably Oren and/or his friends) are prescient, or skilled enough to pull off a hack attack when and how they want.
In an email appeal to hackers on the Pastebin site (used by hackers to upload code and exchange messages), Oren said that the Iran cyber-battle would be the last one for Israel Defense Force. For Oren, stopping Iran has become the ultimate battle of his young life. As if to stress what he sees as his “mission,” Oren has adopted the screen name “0xomer,” the Israelized version of 0Xomar, as the Iranian hacker who claims to have broken dozens of Israeli websites calls himself. “We need help from all hackers to take all of Iran’s important information, so we are always looking for help in this battle,” he says.
No one has yet taken credit for the recent Stuxnet virus attacks on Iran’s centrifuge system, which have supposedly caused many months of delay in Iran’s development plans, but Oren says that he knows from firsthand experience (he did not go into details) that IDF, Mossad, or CIA could have easily deployed such an attack – just like they could, and may already have, invaded Iran’s servers and either changed or removed documents. “Israel is the biggest high-tech superpower in the world, and they can do what we do far better than us. The U.S. can too. I don’t know if they are doing it or nor, but I’m sure we can help them. Iran doesn’t have a chance in this cyber-war,” he adds. “The only choice we are going to leave them with is to take down their nuclear program.”