Individual Facebook users have become targets of political hacking. Last weekend presumed Turkish hackers defaced several Facebook accounts owned by Israelis in retaliation for the recent Gaza blockade incident.
Two different attackers seem to be responsible, as there are two different forms of defacement. “One’s displaying an ASCII character-based [text] graphic of a male urinating on the Israeli flag, and the other one is just saying rude words,” Roger Thompson, chief research officer for security software company AVG, told Crikey.
Those rude words are the rather subtle “f-ck Israel”. Some profiles also had their status message changed to “You can’t underestimate [sic] Turkey’s POWER !!! The account has been HACKED !!!”
Hacktivism — attacking computer systems to make a political point, often using techniques that are illegal or of dubious legal status — is nothing new. It’s an Australian invention, in fact. The first recorded instance of hacktivism is the WANK worm of 1989, when the “Worms Against Nuclear Killers” infected NASA and US Department of Energy computers quoting Midnight Oil lyrics to protest the launch of the nuclear-powered Galileo spacecraft.
Nor is hacktivism new to the Palestine conflict. In 2006, when Israel launched Operation Summer Rain into Gaza, more than 750 Israeli websites were hacked and defaced by Team Evil, whose spokesperson said all its members were Moroccan youths under the age of 20.
Further hacking incidents took place during the three-week Gaza War of 2008-2009, with pro-Palestinian and pro-Israeli groups defacing websites and even each other’s Facebook groups.
What’s new here is that individual Facebook accounts are being defaced — not those taking part in the propaganda war but random citizens of the target country. Innocent bystanders, as it were.
“The hacktivism really is fairly low key,” said Thompson. “It’s not an end-of-the world event or anything like that.” He considers the development interesting rather than revolutionary. Numbers are small, about half a dozen a day peaking at about 50 on the weekend. This suggests the attacks are being done manually, one at a time.
“Probably passwords are being phished somewhere else … There’s a lot of activity with folks trying to phish people’s Facebook login because people publish so much information about themselves on Facebook that it’s a rich ground for other sorts of criminal activity.”
However, Turkish hackers have a history of conducting competent, large-scale website defacements. “They’re not fools, they’re really good at automated hacking,” Thompson told Crikey.
In 2006, for example, the Turkish hacker Iskorpitx claimed what was then the world record for defacing some 38,000 websites in a single day. That figure is easily dwarfed by 2010 techniques. “You can easily get a couple hundred thousand hits in a day,” says Thompson.
So is this the precursor of things to come, when those with a political inclination align themselves with those who know how to automate the attacks?
“Exactly. That’s exactly right.”
Crikey is committed to hosting lively discussions. Help us keep the conversation useful, interesting and welcoming. We aim to publish comments quickly in the interest of promoting robust conversation, but we’re a small team and we deploy filters to protect against legal risk. Occasionally your comment may be held up while we review, but we’re working as fast as we can to keep the conversation rolling.
The Crikey comment section is members-only content. Please subscribe to leave a comment.
The Crikey comment section is members-only content. Please login to leave a comment.