Israeli hackers bring down Saudi, UAE stock exchange websites

[Bombay Dude]

Israeli hackers brought down the websites of both the Saudi Stock Exchange (Tadawul) and the Abu Dhabi Securities Exchange (ADX) Tuesday, in the latest episode of a continuing cyber war between hackers in the two countries.

The Israeli hackers, who go by the name IDF-Team, were able to paralyze the Tadawul website, while causing significant delays to the ADX exchange site.

The hackers wrote that the attack came in response to the “pathetic” hacking of Israeli sites on Monday. The hackers warned that if the attacks continue, they will “move to the next stage and paralyze websites for a period of two weeks to a month.”

Earlier Tuesday, a pro-Israel hacker published a list of 30,000 e-mail addresses and Facebook passwords of "helpless Arabs" on a popular hacking site. The hacker, who goes by Hannibal, wrote that his actions - which began Friday - are a "counter-attack" following the publication of Israeli credit card details on the Internet by a reportedly Saudi hacker.

"I noticed that poor intelligence of 0x omar and his friends [sic]," he wrote on pastebin.com, the same site used by the Saudi hacker. "State of Israel, not to worry, you're in the hands of the world's best hacker that I am [sic]," Hannibal reassured. "I will continue to support the government of Israel will continue to attack the Arab countries," he wrote.

Hannibal claims to have 30 million e-mail addresses of Arabs, complete with passwords, and to have fielded e-mails not only from potential victims but from officials in France and other countries asking him to desist. But if Prime Minister Benjamin Netanyahu declares a cyber war, he's ready to publish the details of 10 million bank accounts, Hannibal wrote, adding that he also had information on 4 million Arab credit cards.

Israeli hackers bring down Saudi, UAE stock exchange websites - Haaretz Daily Newspaper | Israel News

The Revenge taken for:

http://www.defence.pk/forums/world-...kers-releases-400-000-israeli-cc-details.html

 

[Machine]

Stupid act if it is true, criminal is a criminal no matter where they come from, they are inflicting damage to people who had nothing to do with an attack on Israeli public.

 

[RazPaK]

Damn. Arabs got owned?

 

[TheJewverine]

OWNED

 

[boris]

Arab Hackers forgot that alone one fellow from Weizmann who can hack will own them.

 

[RazPaK]

It's ok. The Arabs are still new to computers. Give them about 10 years.

 

[Al Bhatti]

January 18, 2012

Abu Dhabi bourse denies website hacking

Abu Dhabi Securities Exchange says their website only experienced 'technical difficulties'

Abu Dhabi’s stock exchange on Wednesday denied rumours that its website had been attacked by hackers.

“ADX website experienced some technical difficulties yesterday, 17th of January, resulting in the site running slow; we have subsequently resolved these technical issues and the website was back to its normal original state," the Abu Dhabi Securities Exchange said in a statement.

Several media outlets had reported that an Israeli group calling itself IDF Team had targeted the websites of stock markets in Saudi Arabia and Abu Dhabi in retaliation for a similar hacking assault on Monday that targeted the websites of the Tel Aviv Stock Exchange and El Al, the Israeli national airline.

gulfnews : Abu Dhabi bourse denies website hacking

--------------
18 January 2012

Abu Dhabi bourse denies tit-for-tat hacker attack

Abu Dhabi Securities Exchange (ADX) and the Saudi Stock Exchange (Tadawul) on Wednesday both denied claims by Israeli hackers that their websites had been attacked.

Cyber-criminals claiming to be Israelis said they had brought down the sites of both the Tadawul and ADX in a retaliatory strike, days after a Saudi hacker attacked the Tel Aviv bourse.

“Abu Dhabi Securities Exchange denies the rumours that its website was hacked, as claimed by some media outlets,” the bourse said in an emailed statement to Arabian Business.

The company blamed its slow-running site on Tuesday on technical glitches, adding the website was now “back to its normal, original state.”

Abu Dhabi bourse denies tit-for-tat hacker attack - Technology - ArabianBusiness.com

--------------

Jan 19, 2012

Abu Dhabi stock exchange denies attacks by hackers

Stock exchange officials denied yesterday that website problems on Tuesday were caused by Israeli computer hackers. The Abu Dhabi Securities Exchange (ADX) website was operating slowly and the site for Saudi Arabia's stock exchange, Tadawul, was not loading at all on Tuesday evening.

A group of hackers called IDF-Team claimed it had targeted the sites, and those of banks, airlines and government organisations

ADX said yesterday "technical difficulties" had since been resolved. "We were doing maintenance on our website," said Abdullah Salem Al Naimi, the head of market surveillance at ADX. "Everything is OK and under control. We are continuously monitoring the website and following up with Etisalat."

Tadawul said all its systems were working normally. "Reports about hacking of Tadawul website and/or degradation of website performance are incorrect," it said. "The exchange website remains accessible and fully operational. Tadawul deploys advanced systems and processes to protect the integrity and continuity of its infrastructure."

The claimed attacks were the latest in a series of cyber battles between Israeli and Arab hackers. Website access to the Tel Aviv Stock Exchange, El Al Airlines and several Israeli banks was disrupted on Monday.

This month a hacker in Saudi Arabia, named OxOmar, posted online thousands of active credit-card numbers belonging to Israelis. In response, Israeli hackers posted the personal information, including email and Facebook passwords, of thousands of Saudi residents.

“If the lame attacks from Saudi Arabia continue, we will move to the next level, which will disable these sites longer term,” the group said.

Dr Ibrahim Baggili, director of the cyber forensics laboratory at Zayed University, said it was difficult to know whether the hackers’ attack had been successful.

“What bank would like their customers to know they were hacked?” he said. “Banks and stock exchanges are the kinds of organisations that will not be happy to disclose these things.”

Other targets of the hackers, which included Arab Bank and SABB, the Emirates Identity Authority (Eida), the Dubai Government site, Saudi Arabian Airlines and a UAE airport information directory, also denied being affected.

“We hear from here, there and everywhere that this happened, but no one can tell us what is going on,” said a representative for Saudi Arabian Airlines.

An Eida official said the authority would not comment because “we can’t issue a statement about nothing … there’s nothing to deny in the first place”.

An analyst at a bank in Jeddah said the Tadawul website was not working yesterday morning unless the browser had been left open from the day before.

“If the Capital Market Authority admitted the stock exchange website was hacked, the repercussions would have been strong,” the analyst said.

“From a political standpoint, you could see they would want to calm things down. Also, it is earnings season, and the financial results of close to 100 companies had to be uploaded, which could also have been been a reason why the website was down.”

Dr Baggili said the UAE was better prepared for cybercrime than other countries in the region, but security required vigilance.

“Hacking is no longer just for the tech-savvy or the computer geek,” he said. “It is now more accessible, and whether the steps the UAE has taken are enough, we will find out in the future.”

Abu Dhabi stock exchange denies attacks by hackers - The National

 

[Al Bhatti]

It's ok. The Arabs are still new to computers. Give them about 10 years.

Before 10 years:

September 27th, 2001

Police Blocked 5,000 Hacking Attempts in Dubai

Hackers from the UAE and abroad have failed to undermine the Dubai police computer network as trained personnel were swift to react and block more than 5,000 sabotage attacks, top officers said as quoted in the Dubai police website and local press.

At a seminar held in the emirate of Ras El Khaima under the patronage of Chief Police officer Colonel Taleb bin Saqer Al Qassimi, the director of Dubai police strategic planning department, Issa Bin Salem Al Jallaf said, “Dubai police IT site was targeted by more than 5,000 hacking attempts from within the country and abroad but the police have succeeded in blocking them all,” adding that the recent days have witnessed 40 crimes linked with hacking.

The head of Dubai police said that the police efforts have not been limited to blocking the hackers’ attempts but they were also able to trace them and prevent cyber crimes targeting other institutions in the country, including banks.

Other crimes targeted the conservative social and family values.

Brigadier Sharafiddin Mohammed Hussein told the meeting that the his men had stopped a crime in which a hacker was able to break into the e-mails of local women, acquire their photos and post them on the internet coupled with porno images

Police Blocked 5,000 Hacking Attempts in Dubai | Al Bawaba

-------------

October 29th, 2001

The newly created Dubai Police unit to handle online crimes has achieved a measure of success in nabbing perpetrators, even those based in other countries, said a senior official in a press release.

"In one recent case, we were able to trace the identity of the person who was sending questionable pictures to email addresses in this country, even though he was based outside. This we could do with the help of the security agencies in that country," said Brig. Nasser Syed Razooqi, assistant commander-in-chief of the Dubai Police.

Razooqi said in the statement that they now had an electronic services department, whose main objective was to “track the perpetrators of cyber crimes to their source.”

Members of this special unit were trained abroad for security-related issues, he noted.

"With the great usage of the internet, cyber crime is a new area for the police forces to fight. In the last 18 months or so, we have installed the best of networks, whether it is internal or external, to handle such issues that crop up.

"Dubai Police has also witnessed a few breaches of security from cyber attacks. But with the proper traces, we have been able to prosecute them, often in cooperation with other agencies," he added.

The official said that tackling cyber-related crimes or breaches and ensuring security was "of the highest priority for our department."

"But this has to happen with the collaboration of all concerned - the police, security experts, etc," he added.

Dubai Police Establish Cyber Crime Unit | Al Bawaba

 

[Al Bhatti]

It's ok. The Arabs are still new to computers. Give them about 10 years.

Present times

 

[Al Bhatti]

It's ok. The Arabs are still new to computers. Give them about 10 years.

And they confess their weaknesses as well:

Dec 16, 2010

Young cyber-experts warn that UAE is too easy to hack

The UAE's computer networks are weak and susceptible to attack, say two students who are training to be the country's future cyber crime experts.

Hanadi al Zaabi and Asma Aidrous, fourth-year Information Security students from Zayed University, are the first Emirati women to be awarded the certificate in Ethical Hacking from the International Council of Electronic Commerce Consultants. Known as the EC Council, it was founded in the US following the September 11 attacks.

"Every day, people are becoming familiar with hacking, and hacking tools are becoming much easier to obtain," said Ms al Zaabi, 21.

Ms Aidrous, also 21, said, "The systems here are not secure. It's too easy to hack."

The women will both go on to study for a Masters in Digital Forensics degree, also at Zayed University, later this year. "We must raise awareness of the issue, making people more aware of the need for security," said Ms al Zaabi.

The women, who took the certification in their free time during the summer, covered areas such as e-mail penetration, viruses and hacking laws.

In 2007, the first known case of cyber warfare occurred when Russia froze Estonia's infrastructure, including banks and government agencies, through remote computer access after Estonia removed a symbolic Soviet war memorial, causing offence to its neighbour. More recently in Iran, the Stuxnet virus disrupted nuclear activities at the Bushehr plant after hackers infiltrated the system.

Maurice Danaher, an assistant professor in the college of information technology at Zayed University, said: "Cyber crime is recognised around the world now as a growing threat, second to the nuclear threat. We're seeing a proliferation of crimes on the internet now. Hackers could bring the country to its knees through infrastructure like attacking the power or desalination plants or banks."

Around 200 people, mostly expatriates, have taken the ethical hacking qualification in the UAE over the past three years. Many work for ministries such as the Ministry of Presidential Affairs, the police or companies such as the Abu Dhabi National Oil Company.

So high is international demand for experts, the qualification is available in 60 countries.

Only specialists with a proven track record can learn these potentially destructive skills, especially in organisations relating to national security, such as the UAE's Computer Emergency Response Team, set up more than two years ago by the Telecommunications Regulation Authority.

George Jason, from the EC Council, said: "This is an offensive defence. Even before things happen, we know what the 'bad guys' can do."

Subela Bhatia, also from the EC Council, said: "It's a very new certification for this region so awareness needs to be created, but there are very well paid jobs out there, even in the recession, especially for Emiratis."

Faisal al Shamari, the chief information security officer at Abu Dhabi Police, was among the first batch of 11 graduates, all from Abu Dhabi Police, to graduate in March from Zayed University with the Masters in Cyber Crime degree.

"All crimes are evolving into having a high tech facet," he said. "Criminals and law enforcers are in a race. We don't want to be left behind."

The work at the police falls into two categories, he says: information security, including for example, ethical hacking, and secondly, cyber crimes such as fraud.

He says the country needs many more experts, with the UAE among the biggest consumers of technological devices from iPhones to the BlackBerry. The few existing specialists are given constant training and access to conferences overseas to help widen their knowledge.

"We need to build up our capacity to keep up with the challenges that come with the advancement of our society.

"Part of that is manpower, part of it is expertise and experience," said Mr al Shamari.

"Obviously, we are bringing experts from other countries while we advance this area, but if we don't build up our own expertise it will be a challenge," he added.

Leon Jololian, the dean of the faculty of information technology at Zayed University, said: "We're 10 to 20 years behind in this field here, but as it's an emerging area, there are many opportunities for the students."

Young cyber-experts warn that UAE is too easy to hack - The National

 

[Al Bhatti]

Jan 20, 2012

Israeli hackers release Arab credit card details in cyber attacks

Tit-for-tat cyber attacks between Israeli and Arab hackers escalated yesterday, as a shadowy Israeli group released the details of 4,800 Arab credit-card holders and tried to launch attacks on the websites of the UAE Central Bank and the Arab Bank Palestine.

Early yesterday, hackers who said they were Israeli posted the credit card numbers, security codes and expiration dates of the cards, which they said they obtained from the website of a major Saudi bank.

"My name is Omer Cohen from Israel," a post together with the release announced. "I want you come to me house with all your friends and your country."

Hours later, an email sent to The National from a group calling itself IDF-Team said the group intended to shut down the websites of the UAE Central Bank and of the Arab Bank Palestine at noon.

The Central Bank said the website did become inaccessible for about 20 minutes but the problem had been quickly fixed.

The Arab Bank website remained inaccessible for most of the day when accessed in Abu Dhabi.

"They did target the website, but they didn't do any damage," said Bob Thomson, chief manager of information technology projects at the Central Bank, who described the incident as "a concentrated attack".

He said the site was up and running shortly after noon, when Etisalat blocked the hackers' access.

"Denial of service attacks are a fact of life, unfortunately," Mr Thomson said.

The hackers' email message to The National linked to an online warning calling on "terrorists to stop their terrorist acts against Israel and attempts to disrupt the normal course of life in Israel".

The name of the hackers' group, IDF-Team, mimics the acronym for Israel's defence forces, the IDF.

Yesterday's attacks came a day after a group identifying itself as "Gaza's hacking team" succeeded in breaking into the internet site of Israel's Anti-Drug Authority and planted images of armed Palestinian militants and threats including "Death to Israel".

It has not been possible to verify the identity or location of the hacking groups.

This week, hackers broke into the websites of the Tel Aviv Stock Exchange, the Israeli flagship El Al Airlines and at least three banks in attacks some officials said were aimed at hurting the country's economy and security.

The incidents drew national outrage especially because they came days after hackers proclaiming Palestinian sympathies posted on the internet the details of thousands of Israeli credit-card holders and other personal details.

On Wednesday, officials in the UAE had denied that disruptions to the websites of the Abu Dhabi and Saudi stock exchanges this week were linked to attacks planned by the same Israeli hacker group. Other proposed targets, including banks and government agencies, also denied being hacked.

This month a hacker in Saudi Arabia, named OxOmar, posted online thousands of active credit card numbers belonging to Israelis. In response, Israeli hackers posted the personal information, including email and Facebook passwords, of thousands of Saudi residents.

A cyber security expert from Good Harbor Consulting in Abu Dhabi said these kinds of attacks are common, yet can be "extremely destabilising for their targets".

"As the world increasingly takes notice of the UAE as a global marketplace and a player in international affairs, the threat from spoilers and politically driven hackers will naturally increase," the expert said, speaking on condition fo anonymity.

Israeli and Arab hackers are threatening to take further action and appear to be mainly posting their threats on a website called Pastebin, which allows users to store large amounts of data online.

The Israeli hackers who said they had disrupted the UAE Central Bank said in a statement on Pastebin that they plan to bring down the websites of Arab stock exchanges and governments, specifically naming the UAE as a target.

In interviews with the Israeli media, the Israeli hackers have outlined their motivation.

"You can call this a Zionist revenge," the mass-selling newspaper Yedioth Ahronoth on Wednesday quoted the hackers, who spoke on condition their real names not be used, as saying.

Referring to Israel's flourishing high-tech industry, they added: "They declared war on us first, but we are more talented. Israel's top export industry is full of hackers."

The paper also quoted a hacker who calls himself "Hannibal" as threatening to publicise 100,000 email details of citizens of Arab countries on Saturday and thousands more next week.

"That is how everyone will understand how dangerous and lethal the Jewish brain could be," he told the paper.

Israeli hackers release Arab credit card details in cyber attacks - The National

---------- Post added at 03:36 PM ---------- Previous post was at 03:35 PM ----------

Jan 19, 2012

A bogus threat still reflects on cyber-security

The facts are still not fully clear about reported cyber-attacks on Israeli and Gulf websites. At worst, however, what happened seems to have been little more than sophomoric online vandalism. But the story reminds us that the computer networks that undergird daily life are alarmingly vulnerable.

On Monday, the Tel Aviv Stock Exchange and other Israeli business sites suffered "denial of service" attacks. A Saudi hacker claimed credit, if that's the right word, without revealing his name. On Tuesday, news reports said, someone called "IDF-Team" retaliated against the Abu Dhabi Securities Exchange website and that of Tadawul, Saudi Arabia's stock exchange. Both Gulf exchanges have since denied that there were any attacks.

Against websites intended for the public, denial of service attacks - overloading a website until it crashes - are unfortunately within the arsenal of almost any clever, bored, malicious teen.

Real experts in this field do not boast. The Stuxnet "worm" which disabled many of Iran's uranium-enrichment centrifuges in 2010 reportedly took as much as 10 person-years of effort to develop, but nobody has claimed responsibility. That so much skilled labour went into such a challenging project should be a warning to us all.

How much of modern life depends on computer networks which we hope are secure: air traffic control, credit, banking, nuclear and other power stations, factories, hospitals, government records, emergency-response services, shipping, traffic lights - the list is endless, vulnerabilities are everywhere and a coordinated attack could be catastrophic.

It would be comforting to think that in the mysterious world of cyber-warfare, defensive skills are as well-developed as the arts of attack. But there is little reason to believe that.

US government networks, for example, are said to come under frequent and sophisticated probing attacks from abroad. China is often mentioned, as Israel is for Stuxnet, but the origin of cyber-attacks is rarely obvious.

Last summer, after systems were infiltrated at the US defence contractor Lockheed Martin, the Pentagon declared that cyber-attacks can constitute acts of war, which may bring military retaliation. But against whom?

There is a danger of overreaction as well. This recent threat, even if it was anything more than bluster by "IDF-Team", was minor but it does reminds us of the power that can be wielded by irresponsible parties. Governments must identify vital systems and do what they can to make them more secure - and do so urgently.

A bogus threat still reflects on cyber-security - The National