by Avivah Litan | November 21, 2012 | Comments Off on Middle East Ceasefire welcome but does it apply to cyber-attacks?
Everyone is relieved about the temporary ceasefire between Israel and Hamas and hoping it will hold. Pale as it may sound when physical safety is compromised, there’s been a continuous flow of DDoS attacks against Israeli government and business websites during the Gaza crisis.
The latest one I heard about was today’s attack against the major Israel ISP and email provider, Netvision.
News about recent DDoS attacks against major U.S. banks has faded in the background since Hurricane Sandy (although there was one against a major U.S. bank during the hurricane itself). But enterprises need to remember that according to academic researchers and active industry participants, those attacks were sponsored by Middle Eastern criminal organizations that reportedly have the backing of Hamas.
My colleagues Lawrence Orans, John Pescatore, and Anthony Chuvakin have written research on how best to defend against DDoS attacks that I encourage everyone to read. Enterprises and financial institutions also need to stepw up fraud prevention efforts and intelligent security monitoring. Mark Nicolett and I have a research note on this latter subject coming out shortly titled “Mitigating Breaches with Real-Time Discovery.”
At some point, it may take an all out offensive to take down the cyber-attackers. Some of them may be more dangerous than others. But just as relative amateurs wreaked havoc on a region by launching inaccurate missiles out of the Gaza Strip, even amateur cyberattackers create enough noise to be at best troublesome and at worst dangerous. I don’t think it’s wise to dismiss any of them. For now, they are still out there and operating, and haven’t signed any ceasefire agreement.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.