The Israeli banking system was attacked this weekend by hundreds of Malaysian hackers in an attempt to damage the state’s financial apparatus.
The anti-Israel group of hackers called “DragonForce” who carried out the attack claimed they had damaged the entire system; the hackers posted screenshots that appeared to show the collapse of the computers on Israeli banking sites. However, it is estimated that in many cases, these were fake shots.
The attack, carried out in three waves, was aimed at harming the services from the banks’ websites, and “even to try and film them through a distributed denial of service (DDOS) attack.”
The final wave of attacks, launched in the late hours of Friday night, was the most intense and difficult of them all, according to the Hebrew-language Ynet site.
“This is an urgent call for all hackers around the world to unite again and start a campaign against Israel,” the group’s Telegram group said. Hundreds of thousands of members joined via Twitter, Telegram, Facebook and a forum.
Against the background of Israel’s activities in Gaza, the group launched the current attack a few days before its planned date, distributing the Internet addresses of Israeli banks and inviting hackers who hated Israel from all over the world to participate in the attack.
In Israel, cyber defense personnel prepared for the attack and reportedly prevented most of the attempts.
A source at one of the banks told Ynet that when the bank’s cyber defense personnel managed to block the Internet addresses of the attackers, they saw a message on the screen as if the bank’s website had crashed.
“Some of the time they posted all kinds of ‘successes’ [but] it was ‘Photoshop'” the source said.
During a DDOS attack, the attackers launch thousands of calls simultaneously with the aim of causing the targeted site to crash.
According to estimates by experts who participated in the defense of the banks, the scope of the attack reached approximately 200 megabytes per second — a considerable volume.
An Israeli cyber expert told Ynet the purpose of this type of attack is to exploit the high number of attackers to collapse the computer systems, rather than to infiltrate to obtain information.
A source in the Israeli banking system quoted by Ynet said the targeted load of inquiries led to a brief slowdown and denial of service at all banks’ sites.
One of the attacks was aimed at the Bank of Israel.
“From time to time attempts are made to carry out DDOS attacks on the Bank of Israel’s external website and on websites of government ministries,” the Bank of Israel said in a statement. “Such attempts are routinely blocked without damage to the website; thus in any case such attempts do not affect the bank’s systems.”
According to Bank Leumi, browsing was “available as usual” for its customers nationwide.
Other banks issued similar statements, saying the attempted attack was “unsuccessful and no damage to any service or process was identified.”
DragonForce recently published one file that allegedly contained the names and addresses of hundreds of thousands of Israeli students and another that contained a list of Israelis’ passports as well as other personal data.
In this case, however, experts in Israel’s cyber defense system said such attempts as those on the banks’ websites are “routinely recognized and stopped. In this case too, the banks were prepared and all attempts were stopped without harming the service or any process.”