Call me paranoid but I see a more troubling cyber-battle brewing in the Middle East than in Washington, DC where pending anti-piracy legislation caused Wikipedia to take a day off. Israeli and Arab hackers have been attacking the websites and systems of stock exchanges, among other targets, and I worry it’s a harbinger of things to come.
To recap, on Jan. 16 pro-Palestinian cyber-attackers who call themselves “Nightmare” and apparently are affiliated with “oxOmar,” a self-described Saudi Arabian hacker, targeted the websites of the Tel Aviv Stock Exchange in Israel and El Al, the Israeli airline. Their websites were bombarded by denial of service attacks that thankfully did not have a chance to stop trading or air travel. Both the exchange and the airline bounced back from the attacks after a few hours. (However, when I tried to pop onto the Tel Aviv exchange website yesterday and this morning, I got a screen blank except for “Please try again later. The site is too busy right now.” The El Al website seemed fine.)
The exchange and El Al were able to brace for the attack because oxOmar sent an email message about the pending attack to the Ynet news service for Israel the night before the onslaught.
Subsequently, there were media reports that Israeli hackers, known as “IDF-Team,” were retaliating and targeting the websites of the Saudi Stock Exchange and the Abu Dhabi Securities Exchange (ADX), which the exchanges denied. (Adding fuel to the fire afterwards, the Islamic terrorist group Hamas, which controls the Gaza region of Israel, voiced its support for the hackers and their attacks upon Israel.)
The Saudi Stock Exchange (Tadawul) issued a statement that “confirms that all systems and operations have and continue to perform normally. Media reports about any hacking of [the] Tadawul website and/or any associated degradation of website performance are incorrect. The exchange website remains accessible and fully operational to users. Tadawul deploys advanced systems and processes to protect the integrity and continuity of its infrastructure.”
ADX officials said that maintenance on its website caused a slowdown in performance and that all technical difficulties have been resolved. (However, this morning I was unable to get onto the ADX website: www.adx.ae; this could be due to my problematic laptop.)
Predictably, the IDF-Team cyber-attackers announced that they are intent upon keeping the war going and have threatened more disruptions.
These attacks make the cyber ambush on Nasdaq OMX Group’s networks last year pale in comparison. The hackers in that case infected the Directors Desk service, which facilitates the storage and exchange of documents among 300 or so company boards. The hackers did not get as far as Nasdaq OMX’s transaction platforms and did not reach customer information. Shortly thereafter, The Wall Street Journal reported in May on how the Pentagon reclassified another country’s cyber attacks upon key US systems such as power grids, subways, nuclear reactors and financial markets as acts of war, requiring a traditional military response. As I said then, it’s encouraging that the Pentagon is taking the cyber-warriors seriously.
Yet more work has to be done to secure the IT systems of the world’s global financial centers, which even after 9/11 are still such easy targets.
A recent cover story in The Economist (Jan. 7-13) focuses on just how vulnerable bankers and financial centers are to attacks, particularly the physical kind. In fact, in London, a British High Court judge just ordered Occupy London protesters to evacuate from an encampment outside St. Paul’s Cathedral, which was the closest the Occupiers could get to the London Stock Exchange (LSE). Since this past October, protestors have been kept from the LSE because the potential encampment site is private property. Ultimately, for churchgoers and financial types, the protests were too close for comfort.
The piece in The Economist reminds us of how frequently throughout history bankers and financial centers have been under an attack fueled by some justification and a lot of prejudice and blind rage. “Today, the combination of hard times and harsh rhetoric could also produce something nasty,” according to the piece.
The millions of people across the globe who have been profoundly affected by the Great Recession (including myself) or any victims of other injustices have every right to protest and should demand justice. They do not have the right to counter a wrong with even greater destruction. However, we have to acknowledge that the temptation to do so is very strong.
Essentially, we know that cyber-attacks upon global financial markets will continue to emanate from multiple pools of extremism. We have to urge the exchanges, the regulators and other authorities to take responsible, preventative actions. But they and we have to also be prepared for the worst.
Need a Reprint?
Leave a Reply