Israel fires opening salvoes of cyberwar against BDS

At a cyberwar forum in Tel Aviv in January, Israeli officials threatened to use the country’s spy agencies to attack the BDS movement, the Palestinian-led global campaign to boycott, divestment from and sanction Israel for its mistreatment of the Palestinians.

The Associated Press (eventually) published a report on these threats, and independent journalists like myself have been trying to raise the alarm. Israeli ministers also, at an anti-BDS conference in March, made veiled threats of violence against BDS leaders – Omar Barghouti especially.

But these open declarations of aggression and criminality targeting a purely non-violent Palestinian political movement garnered little attention in the mainstream media. The silence of western politicians on this must be seen as acquiescence.

Considering that the United States has formal policy that that defines “hostile acts in cyberspace” as acts of war that can legitimately be replied to using “all necessary means … [including] military”, this open aggression by the US and UK’s main regional ally would be punished if western leaders were anything other than total hypocrites.

And now a new report by an internet security organisation has provided convincing proof that this was no idle threat the Israelis made.

The opening volley of the Israeli cyberwar against BDS has been fired, it seems.

Israel has a history of aggressive computer crime targeting its regional enemies. It is by now well documented that Israel was part of a US-led plot to create the Stuxnet malware which targeted Iran’s nuclear energy programme for destruction. The virus instructed the centrifuges to spin too fast, so that the machinery would shake itself to pieces.

But now, the new report, by Deflect Labs (a project of eQualit.ie, a Canadian not-for-profit organization which defines itself as “working to promote and defend human rights in the digital age”) seems to point to the finger at the state of Israel.

The report documents several recent attacks against bdsmovent.net, the website of the BDS National Committee (BNC — the Palestinian civil society coalition set up to lead the BDS movement). The principle behind the attacks, known as distributed denial of service (or DDoS) attacks, is fairly simple to understand.

In essence, the attacker swamps the targeted website with millions of requests all at once so that the site is overwhelmed and becomes unavailable in practice. One of the attacks, which took place on 1 and 2 March consisted of “over 13.5 million total hits in six hours”, the report details.

“This is an excellent example of how DDoS attacks can also be used to silence activists and organizations,” Jillian C. York, director for international freedom of expression at the Electronic Frontier Foundation, a group that works to defend civil liberties in the digital world, told The Electronic Intifada.

Deflect, which already protected the BNC site in advance of the attacks, says it had some success in diverting the bogus traffic away from the BNC site.

The attacks documented in the  report took place between 1 February and 31 March.  The threats at the Mossad-attended forum reported by AP took place in January. On 31 May, at another anti-BDS conference in New York city, a top leader in the Israel lobby said of Israeli cyber warfare ideas (what he termed “the war on social networks”) “we are already beginning to implement them.”

The Deflect report does not explicitly point the finger at Israel, as it says it will present its findings in that regard in a second, upcoming, report. But, in the context of these recent threats to launch just such attacks, Israel seems the most likely culprit.

One of the hijacked networks of computers (known as “botnets”) used by the attackers against the BNC website on 3 March “also hit the website of an Israeli Human Rights organisation under our protection” on 5 April and 11 April”, Deflect reports. “Organisations targeted by this botnet do not share a common editorial or are in any way associated with each other. Their primary similarities can be found in their emphasis on issues relevant to the protection of human rights in the Occupied Territories and exposing violations in the ongoing conflict. Our analysis shows that these websites may have a common adversary … that their individual work has aggrieved.”

DDoS attacks are not particularly sophisticated, and do not require the resources of a state to execute.

However, the report details how, in response to Deflect’s attempts to foil the attacker’s malicious traffic, the attacker began to vary the pattern of the attack. “The similarities between bot IP addresses and the attempts to vary the attack pattern from very similar botnets indicates human lead efforts to adapt their botnet to get past Deflect defences,” the report says.

Israeli spy agencies do seem the most likely culprit then.

Although this is the best evidence yet of such Israeli attacks, this is likely not the first time Israel has engaged in such cyber criminality against peaceful activists and journalists who write critical things.

“The Electronic Intifada and other Palestine-focused news sites have also previously been targeted by DDoS attacks,” the site reports.
Asa Winstanley is an investigative journalist who lives in London and an associate editor with The Electronic Intifada.

Read:

Technical report suggests Israeli involvement in cyber-attacks on BDS website.

Israeli forces assaults demonstrators calling for boycott.

The price of principles and Palestine.

Anti-BDS tactics are doomed to fail.

The views expressed in this article belong to the author and do not necessarily reflect the editorial policy of Middle East Monitor.