Jewish organizations may have gotten only a temporary reprieve from attacks on their IT systems, an international human rights organization said Tuesday.
The Simon Wiesenthal Center (SWC) issued a warning late last week that the militant Islamic group Hamas was urging followers to conduct
a three-day “”electronic jihad”” on Jewish Websites, starting Nov. 29. According to the Center’s Canadian arm, however, none of the 27 organizations its researchers had identified as potential targets in the rumoured online holy war have encountered a security violation so far.
“”It was supposed to take place within the first three days, but in fact nothing’s happened,”” said Leo Adler, director of national affairs at Toronto-based Friends of Simon Wiesenthal Center for Holocaust Studies, adding that the first attack was scheduled to hit the Israeli embassy in Washington.
The SWC issued its warning after researchers discovered two Web sites that offered “”how-to”” tips to hack into Jewish-related portals. Adler said attacks could include everything from disabling sites and launching viruses to causing URL changes that direct Web surfers to sites with fraudulent information.
“”One of the things we’ve learned is that unfortunately they do make good with their threats, or they try to one way or the other, sooner or later,”” Adler said. “”The fact that nothing happened as yet simply means that we have to be even more vigilant. It may be that they simply postponed it.””
The Web sites, which were written in Arabic, had indicated the attacks would begin at the same time as the Jewish Hanukkah Festival of Lights, Adler said.
Ron Singer, a spokesman for the Canadian Jewish Congress, said the CJC was aware of the threat but hadn’t experienced any major problems.
“”I’ve heard from our Internet hoster who has our server that there’s been a few attempts to hack in, but I don’t know if it’s been any organized kind of thing,”” he said, adding the attempts happened weeks ago. “”It could have just been people fooling around.””
Jack Sebbag, general manager of Network Associates International’s Canadian operation, said Jewish community organizations should be doing the same thing that commercial organizations and federal government agencies have been doing for years: complete perimeter blocking of all IT access points. This includes installing anti-virus tools for servers, Web servers and desktops.
“”You don’t buy fire insurance only once your house has burnt down,”” he said. “”Now people are scrambling and trying to understand whether they need protection.””
Carey Nachenberg, chief researcher with Symantec Corp.’s AntiVirus Research Center, agreed, but added organizations shouldn’t merely rely on just any tools. A Layer 7 or application-level firewall, for example, will examine the contents of a message as well as its address. “”Many hacking attacks leverage completely legitimate channels,”” he said.
Alder said the SWC has the same vulnerabilities as any global organization.
“”Our Canadian computer operation is hooked into the main operation in Los Angeles,”” he said. “”We have security that we’re always building into the systems that we’re always updating. I think most Jewish organizations and certainly the Israeli government sites do the same.””
Singer agreed. “”I hope our level of security and firewalls is adequate,”” he said. “”It seems to be.””
The SWC monitors approximately 25,000 Web sites every month for anti-Semitic material it compiles in a CD-ROM called “”Digital Hate”” which is distributed to law enforcement agencies.