Will cyberterrorism affect your business?
Ben Venzke, director of intelligence production, iDefense
Lucent, based in Murray Hill, N.J., may be the first of many U.S. companies and government agencies to be targeted by pro-Palestinian hackers because of its ongoing business in Israel, experts said.
"There could be other organizations hit here in the U.S., but this is the first U.S. corporation named directly on target lists being circulated by pro-Palestinian hacker groups I've seen so far," said Ben Venzke, director of intelligence production at iDefense.
The Fairfax, Va.-based Internet security company has been monitoring the cyberattacks by pro-Palestinian and pro-Israeli groups that have mounted in recent months because of the violence in Israel.
Lucent was hit by what is called a Defend tool, which is similar to the FloodNet program designed and used by Zapatista rebels against the Mexican government during that civil war, Venzke said.
An individual hacker has to target a specific Web site using the Defend tool. Once it is set up and hitting the Web site, it constantly refreshes the page every 2.5 seconds. The only way it can do damage is if thousands of hackers target the same Web site. If requests to the Web page from the attackers come fast enough, the target computer will freeze up.
The Defend tool is different from the Tribe Flood Network, which is more powerful and harder to detect than this version because an attacker secretly embeds software into hundreds of computers, Venzke said. Then, at a selected time, a command is issued that prompts the infected computers to swamp a target Web site or server with messages in a so-called denial-of-service attack. The program does not damage the "infected" computers or the target, but the sudden flood of messages typically knocks out the target system.
"Lucent, like many other companies, is doing business in Israel and has been named as a target by Unity, a pro-Palestinian group" that ironically has had a number of its Web sites attacked by pro-Israeli hackers, Venzke said.
The attack on Lucent comes just days after the FBI issued a warning that the recent email flooding and denial-of-service attacks that shuttered and defaced both Israeli and Palestinian Web sites in the past month could "spill over" to the United States.
"We're aware of this stuff coming from all over the world," Skalko said. "We were ready for this attack because of what we learned from the 'Melissa' attacks last March. That was a wake-up call for all of us. We're always on alert and looking for these types of things to occur."
The Melissa virus struck individuals and businesses hard when it first hit the Internet, causing more than $80 million in damage. The $80 million total was related to the time spent by systems administrators to clear the virus off affected computers.
Although Melissa was an email-related virus, Skalko said the security awareness at his company sparked by the virus allows it to meet cyberthreats early on.
So far, pro-Palestinian attackers have hit at least 30 sites, and at least 15 sites have been hit by pro-Israeli attackers, according to iDefense.
Echoing the earlier warning from the FBI, Venzke said government agencies and businesses in the United States should be prepared for anything as the conflict continues in Israel.