(Originally published on re/code)
Israel was hit by a massive cyber offensive this week. But unlike other attacks (APTs, criminal campaigns, etc.) to hit the nation, this one has been announced in advance.
It’s Anonymous’ annual OpIsrael attack, which has been taking place on April 7 every year since 2013. According to most Israeli researchers, the attack will fail. It won’t cause any major damage to state infrastructure or scare the Israeli public, and it definitely won’t “erase the Zionist devil from the Internet” (OpIsrael’s declared objective).
Teach a man to fish
Unlike in previous years, #OpIsrael 2016 has a well-organized training program. It contains hacker groups dedicated to showing newcomers the ropes. Their keyword is accessibility: If a hacktivist wants to jump in, all they need to do is join the relevant Facebook groups, follow the right Twitter accounts (which are being advertised across social media) and declare their undying hatred for Israel, and they’re one of the gang.
Sensitive attack details and advanced tools won’t be available to these new hacktivists for reasons of operational security, but they’ll receive DDoS training (available in several languages) and other necessary tools, free of charge. Interactions between newcomer hacktivists and their seasoned guides resemble those found in online support forums, but instead make use of several webchat channels and Telegram groups. Hacking lessons are given by experienced players, some of whom enjoy celebrity status in underground communities.
This training program solves OpIsrael’s main problem — mass recruitment. It also lets everybody who wants to get into cybercrime do so, for free.
The next cybercriminals
After this year’s OpIsrael’s dust settles, newcomer hacktivists will come away with a new, albeit very basic, skill set that will enable them to engage in cybercrime. Many DDoS attacks include an extortion element: Attackers can threaten targets with a massive DDoS attack, and launch a low-volume one just to prove their abilities. They can also pose as security researchers claiming to have identified an imminent DDoS attack, and request money in return for stopping the threat.
Security-focused organizations will know how to treat threats such as these, but most small businesses won’t. Many small businesses fear any disruption to their business process, especially at sensitive times (online stores on Black Friday, for example). Therefore, such businesses tend to give in to a criminal’s demands, since criminals usually won’t ask for more than a few hundred or perhaps a thousand dollars in bitcoin.
This is OpIsrael’s unseen effect: The fact that thousands of people will receive professional cybercrime training. These cybercriminals probably won’t settle for hacktivism for long, or hold their breath until 2017’s OpIsrael. Basic attack tools can easily work like gateway drugs on OpIsrael’s new graduates, who might turn to better tools and tactics and use them to threaten companies all over the world — not just in security-aware Israel.
Anonymous’ training operations could cause an increase in the volume of worldwide low-level attacks. And while these aren’t considered as dangerous as APTs, they currently comprise the lion’s share of cyber attacks and could inflict major damage on multiple industries.