Take That Israel! All Your SCADA's Are Belong to Us!

Friday, January 20, 2012

Infosec Island Admin


The Israeli SCADAs That Weren’t and the Media Who Do NOT Fact Check

The ongoing war of who can be more annoying has been raging between the “Muslim Hackers” and the “Israeli Hackers” since about January 2nd.

0xOmar and his crew dumped thousands of credit cards (Israeli) and the Israelis threatened him/her/them with being whacked or detained.

After the threat by Israel, Omar and company (Nightmare and others) decided to DDoS the El-Al website and the Stock Exchange. Which really went nowhere…

Just as the tensions were getting to a heated level, suddenly a Pastebin was dumped by a “guest” that claimed to have Israeli SCADA systems on it. Now the war was REALLY ON!


THEN on January 17th another Pastebin was put out and signed “Anonymous” which purported to be more SCADA systems and invoked the kiddies to go play. This time the dump had some emails and passwords (hashes as well).

OH MY. The media ate it up... The CYBERWAR between Israel and the Muslims was ON! And Israel is DOOMED!

What’s That? You Say Anonymous and Saudi Hackers Have... “PWNT” SCADAs In Israel! OMG OMG OMG CYBERWARRR!


Fearlessly the media clamped onto the Pastebins and the hue and cry went out. The cyberwar was heating up and credit cards and SCADA systems hung in the balance!

What would happen next? What would be the escalation? Would there be war in the streets as Palestinians and Israelis hurled useless credit cards at each other like small, mostly harmless shuriken?

How could these SCADA systems be online like this anyway? What are the dangers here? FUD FUD FUD….

Enter The Captain BUZZKILL (REALITY)

This is where reason and sanity enter the picture… I was asked by someone in the media to look at this. No, not someone in mainstream media, but more a researcher investigating something to do with all of this.

So I got hold of the IP addresses/Pastebins and began looking through each of their WHOIS records, Googling the pages and eventually just hitting them up directly to see just what was what.

Out of the 22 systems listed as SCADA by the skids, only 3 were really SCADA and 4 may have been... Maybe... Though not likely.


Those that were SCADA were not in default state for passwords and in general, did not seem to be important systems such as government or large power company hardware… Hell, for that matter none were water facilities, which I should think in a desert would be kinda important, no?

Anyway, the sites all were a bust really and it really kind of bothers me that none of the reporters out there actually took the time to ask someone like me, or anyone with a limbic system, to look them up and check if they were in fact SCADA AND EXTREMELY VULNERABLE.

None. Niente. Not a one.

Never mind if they were important systems that could cause damage to Israel... But then again, the perception of some is that dumping credit card numbers is really really gonna do some major damage to “the man.”


I’m sorry all you reporters out there are unable to dial phones or actually know any security folks out in the real world... Oh... Wait, Maybe you called on Greg Evans to confirm this? CNN? FOX? MSNBC? I know, he is your “go to guy”… *Le Sigh*

Dear Mainstream Media.. The INFOSEC COMMUNITY (apart from Greg Evans and those on the Attrition charlatans page) Are Here To Help!

Dear media.. There are many among you in the world who know how to use WHOIS and other tools as well as “The Googles” to understand the things that you might not.

Those people are easy enough to find really. All you need to do is contact groups like ISC2 (shh all of you I know you are grumbling about that one) and other organizations that can easily provide you with some reputable people.

Call them, email them, TALK TO THEM! Stop just rapid-fire reporting on stuff you don’t understand and are certainly not taking the time to, oh, research, in order to fulfill your jobs as “Reporters.”

I know... It’s a lot to ask... But please... For my sanity and others… Do it.


Cross-posted from Krypt3ia

Andrea Zapparoli Manzoni: Well said Scot, but don't you think that mainstream media reporters, wannabe geopolitical gurus and lobby-sponsored fudders are, willing or not, piloted and fomented by those who can (and will) profit from the "cyber intifada" and "cyberwar in the middle east" (powerful) tales?
Krypt3ia: Andrea,
Thanks.. What I "want" is the mainstream media to go back to the old tenets of journalism. This means actually doing the deep background and reporting on issues evenly and correctly. Instead, they have been made a profit center instead of a cost center as they were when real journalism was more prevalent.

At the very least, have someone who is able to look up the domains and look at the websites and comment. Instead they just ran with it.

"If it bleeds it leads"