The Israeli SCADA’s That Weren’t and the Media Who Do NOT Fact Check
The ongoing war of who can be more annoying has been raging between the “Muslim Hackers” and the “Israeli Hackers” since about January 2nd.
0xOmar and his crew dumped thousands of credit cards (Isreali) and the Israeli’s threatened him/her/them with being whacked or detained.
After the threat by Israel, Omar and company (Nightmare and others) decided to DDoS the El-Al website and the Stock Exchange. Which really went nowhere…
Just as the tensions were getting to a heated level suddenly a Pastebin was dumped by a “guest” that claimed to have Israeli SCADA systems on them. Now the war was REALLY ON!
THEN on January 17th another Pastebin was put out and signed “Anonymous” which purported to be more SCADA systems and invoked the kiddies to go play. This time the dump had some emails and passwords (hashes as well).
OH MY. The media ate it up... The CYBERWAR between Israel and the Muslim’s was ON! And Israel is DOOMED!
What’s That? You Say Anonymous and Saudi Hackers Have... “PWNT” SCADA’s In Israel! OMG OMG OMG CYBERWARRR!
(click image to enlarge)
Fearlessly the media clamped onto the Pastebin’s and the hue and cry went out. The cyberwar was heating up and credit cards and SCADA systems hung in the balance!
What would happen next? What would be the escalation? Would there be war in the streets as Palestinians and Israelis hurled useless credit cards at each other like small, mostly harmless shuriken?
How could these SCADA systems be online like this anyway? What are the dangers here? FUD FUD FUD….
Enter The Captain BUZZKILL (REALITY)
This is where reason and sanity enter the picture… I was asked by someone in the media to look at this. No not someone in mainstream media, but more a researcher investigating something to do with all of this.
So I got hold of the IP addresses/Pastebins and began looking through each of their WHOIS records, Googling the pages and eventually just hitting them up directly to see just what was what.
Out of the 22 systems listed as SCADA by the skids, only 3 were really SCADA and 4 may have been... Maybe... Though not likely.
Those that were SCADA were not in default state for passwords and in general, did not seem to be important systems such as government or large power company hardware… Hell, for that matter none were water facilities, which I should think in a desert would be kinda important, no?
Anyway, the sites all were a bust really and it really kind of bothers me that none of the reporters out there actually took the time to ask someone like me, or anyone with a limbic system, to look them up and check if they were in fact SCADA AND EXTREMELY VULNERABLE
None. Niente. Not a one.
Never mind if they were important systems that could cause damage to Israel... But then again, the perception of some is that dumping credit cards numbers is really really gonna do some major damage to “the man”
I’m sorry all you reporters out there are unable to dial phones or actually know any security folks out in the real world... Oh... Wait, Maybe you called on Greg Evans to confirm this? CNN? FOX? MSNBC? I know, he is your “go to guy”… *Le Sigh*
Dear Mainstream Media.. The INFOSEC COMMUNITY (apart from Greg Evans and those on the Attrition charlatans page) Are Here To Help!
Dear media.. There are many among you in the world who know who to use WHOIS and other tools as well as “The Googles” to understand the things that you might not.
Those people are easy enough to find really. All you need to do is contact groups like ISC2 (shh all of you I know you are grumbling about that one) and other organizations that can easily provide you with some reputable people.
Call them, email them, TALK TO THEM! Stop just rapid fire reporting on stuff you don’t understand and are certainly not taking the time to, oh, research on, in order to fulfill your jobs as “Reporters”
I know... It’s a lot to ask... But please... For my sanity and others… Do it.
Cross-posted from Krypt3ia