Israeli Computer Hackers Foiled, Exposed

Danielle Ni Dhighe danielle at
Fri Sep 6 16:43:07 MDT 2002

[Poster's note: The author of this article came to same conclusion I
reached several weeks ago, namely that these attacks were Israeli

Washington Report on Middle East Affairs
3 September 2002

Israeli Computer Hackers Foiled, Exposed
By Michael Gillespie

Israeli cyber warfare professionals targeted human rights and anti-war
activists across the USA in late July and August temporarily
disrupting communications, harassing hundreds of computer users, and
annoying thousands more.

The Israeli hackers targeted Stephen "Sami" Mashney, an Anaheim,
California, attorney active in the effort to raise awareness of the
plight of Palestinians.

"People have found an alternate way to communicate through the
Internet," Mashney, a Palestinian-American, told the Washington Report
on Middle East Affairs, "and this attack is backfiring on the hackers.
Many people are being educated."

Mashney, who co-manages a popular pro-Palestinian e-mail list hosted
by Yahoo! logged onto his Internet accounts on July 31 to find
hundreds of e-mail messages from angry Americans. He quickly realized
that hackers had appropriated or "spoofed" his e-mail addresses and
identity and sent out a message titled "Down With America" in his
name. The message named and included contact  information for 16 well-
known human rights activists and falsely claimed the activists wished
to be  contacted by anyone desiring advice or assistance in fomenting
and carrying out anti-American, anti-Christian, or anti-Jewish
activities. In an obvious attempt to damage Mashney's reputation, the
hackers appended his name, law office telephone number, and website
address to the spurious e-mail.

As Mashney was looking up the telephone number of the local FBI office
to report the hackers' crime, his phone rang. It was the FBI calling,
from Washington, with questions about the forged e-mail message.
Mashney later met with FBI agents in California.

"I answered all their relevant questions," said Mashney, who notes
that the hackers' attacks  continued unabated for weeks and expanded
to include other new and innovative methods of  harassment that were
used against many other activists associated with Free Palestine and
other public and private e-mail lists.

Dr. Francis A. Boyle, professor of International Law at the University
of Illinois College of Law, is a human rights activist who served on
the board of Amnesty International USA. A member of Free Palestine
and other activist lists, Dr. Boyle was also targeted by Israeli
hackers who sent counterfeit  e-mails in his name.  Again, the
hackers' intention was to sow confusion, provoke animosity, damage a
reputation, and restrict ability to communicate.  When Boyle returned
from a vacation in mid August, he found 55,000 e-mails waiting for
him. Like Mashney, Boyle spent days sorting through the  messages,
writing personal apologies to those offended by the bogus e-mails,
and deleting thousands of bounced messages. Unflappable, Boyle takes
it all in stride.

"You can't keep the Irish down," wrote Boyle in an e-mail message to
this reporter.

Israeli hackers also targeted Dr. Mazin Qumsiyeh, associate professor
at the Yale University  School of Medicine. The hackers forwarded to
some 1,500 members of the Yale community e-mails  that Qumsiyeh had
sent to a private list of activists. Many of his university
colleagues were annoyed, but Qumsiyeh, too, feels that the hackers
are doing the Zionist cause more harm than good.  Qumsiyeh said the
hackers' efforts have generated new networking opportunities among
activists  and groups who did not know of each other's existence
before the hackers targeted them.

Monica Terazi is director of the New York office of the American Arab
Anti-Discrimination  Committee (ADC). Terazi's e-mail privileges were
yanked by Yahoo! for a time after hackers "spoofed" her e-mail address
and identity to send a message to some 80 Yahoo! groups. Terazi, like
Mashney, spoke with the FBI about the new Israeli cyber warfare
tactics, which have piqued the interest of Internet communications

For a story published August 23, Terazi wrote to Wired News reporter
Noah Shachtman, "While these e-mails are a nuisance, offensive and
intimidating, the FBI didn't find anything illegal: There haven't been
threats that rise to the level of a hate crime, no money has been
stolen, public safety has not been endangered and, as far as we can
tell, our computers have not been hacked or 'technically intruded
into' as one agent put it."  The offensive messages are all protected
by the First Amendment, said Terazi.

By mid August, the Israeli hackers had begun to target activists in
Iowa, where it seems the Israeli  hackers have "technically intruded"
into computers. It is also likely their helpers here have forwarded
addresses from private lists to Israel. Iowa activists report that
people and organizations on their private e-mail lists: family
members, friends, acquaintances, media contacts, government
officials, interfaith relations organizations, activists, and
activist organizations suddenly found themselves receiving tens,
hundreds, or thousands of anti-Arab, anti-Muslim and anti-
Palestinian "spam" e-mails  per day. Many on private e-mail lists
reported receiving anti-Arafat cartoons and racist diatribes,  along
with e-mail that aggressively connected to a web site that took
control of their computers,  turned the screen white, and made
it necessary to shut down and re-start the computer.  Some also
reported that their e-mail addresses had been "spoofed" and their
on-line identities appropriated for the distribution of racist

Darrell Yeaney, a Presbyterian campus minister who retired after
serving at the University of Iowa,  is active in Friends of Sabeel, an
ecumenical Christian organization that supports the ministry of
Sabeel, the center for Palestinian Ecumenical Liberation Theology.
He and his wife, Sue, now serve as co-moderators for the Middle East
Peacemaking Group in Iowa. The Yeaneys report that the hackers
appropriated their address and sent out spurious e-mail in their

Ames-based activist, author, and editor Betsy Mayfield, whose work has
appeared in the  Washington Report on Middle East Affairs, was busy
with plans for a mid-September Des Moines film festival, "Boundaries:
The Holy Land," when the hackers turned their attentions to her

Several Ames women whose only association with the crisis in the Holy
Land is their commitment  to the Ames Interfaith Council (AIC)
reported being shocked by the sudden appearance of  pornographic e-
mail and racist diatribes on their computer screens.

Many Iowans were targeted for harassment by the hackers, and hundreds
of others suffered varying degrees of inconvenience because they were
somehow connected to the cause of peace and justice in the Middle
East.  Similar scenarios played out in other states across the USA.

The scale of the Israeli cyber warfare campaign, the number of
targets, and the variety of techniques used, coupled with
specifically targeted intrusions calculated to provide additional
target addresses for the application of the hackers' various forms of
harassment, suggest a sophisticated, coordinated, government-
sponsored program designed to impact directly upon the
communications  abilities of the human rights and pro-Palestinian
anti-war activism communities in the USA.

When the Israeli hackers "spoofed" the AIC's e-mail address, they
invited a response they did not  expect.  Because the AIC list was
hosted by Iowa State University (ISU), because the world's first
electronic digital computer was invented at ISU in a Physics
Department laboratory in the early  1940s, and because he has
represented the ISU Muslim Student's Association on the AIC cabinet,
ISU Physics Department computer administrator Dr. Bassam Shehadeh
decided to track the hackers down.

"The hackers access the internet via an ISP called on the
West Bank," said Shehadeh.

When did not respond to his repeated e-mail enquiries,
Shehadeh called the company, informed their representative that Palnet
facilities were being used to interfere with communications at a state
institution in the USA, and demanded an explanation.  He provided
information that enabled Palnet technicians to identify the phone
number of the customer harassing Iowans.

"Everyone here is a victim but the hackers," said Shehadeh. "The
hackers use stolen identification to get access to Palnet."

Shehadeh said the contact line the hackers used for at least one
message to the AIC list address  was an Israeli number in West
Jerusalem or one of the surrounding settlements. A Palnet
representative also told Shehadeh the hackers have used several lines
and methods to access Palnet's facilities.

"Afterwards, the hackers compromise another service system here in the
USA by passing the e-mail message with Simple Mail Transfer Protocol
(SMTP), using HELO verb.  The hackers don't  have a valid principal
host but overcome that by using a bracketed Internet Protocol number
(IP address) at a location anywhere on the web. Web hosting servers
tricked into transferring these e-mails include Digital Cube, Inc.,
Verizon DSL Network, and Iowa Online Web Access located in
Washington, Iowa," said Shehadeh.

Shehadeh and other computer professionals working in the USA report
that ISPs and companies with IP addresses are typically very
cooperative when notified that their equipment is being misused. Most
act promptly to end the hackers' access.

Given widespread and systematic destruction of electronic
communications facilities by the Israeli Defense Force (IDF) in the
West Bank in recent months, the continued existence of Palnet
facilities suggests that the Israeli government had reason to permit
Palnet's continued operation and raises questions about the ability
of Palnet's owners to refuse service to Israeli hackers or otherwise
interfere with their activities.

This particular campaign in Israel's cyber war seemed to have been
curtailed, at least temporarily,  on August 29, soon after Shehadeh
tracked the hackers to the West Bank ISP and, finally, to an  Israeli
phone number, while other computer professionals in the USA, along
with some of the  targeted activists themselves, quietly contacted
management representatives at various IP addresses  around the globe
and notified them that their facilities were being abused.

PLEASE clip all extraneous text before replying to a message.

More information about the Marxism mailing list