Re: [iwar] Arab/Israeli "CyberWar" of our own making

From: B.K. DeLong (
Date: 2001-06-10 20:46:28

Return-Path: <>
Received: from by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Sun, 10 Jun 2001 20:48:06 -0700 (PDT)
Received: (qmail 21451 invoked by uid 510); 11 Jun 2001 02:48:22 -0000
Received: from ( by with SMTP; 11 Jun 2001 02:48:22 -0000
Received: from [] by with NNFMP; 11 Jun 2001 03:47:19 -0000
Received: (EGP: mail-7_1_3); 11 Jun 2001 03:47:19 -0000
Received: (qmail 59106 invoked from network); 11 Jun 2001 03:47:18 -0000
Received: from unknown ( by with QMQP; 11 Jun 2001 03:47:18 -0000
Received: from unknown (HELO ( by mta2 with SMTP; 11 Jun 2001 03:47:13 -0000
Received: from ( []) by (EL-8_9_3_3/8.9.3) with ESMTP id UAA21060; Sun, 10 Jun 2001 20:47:05 -0700 (PDT)
Message-Id: <>
X-Mailer: QUALCOMM Windows Eudora Version 5.0.2
In-Reply-To: <>
References: <>
From: "B.K. DeLong" <>
Mailing-List: list; contact
Delivered-To: mailing list
Precedence: bulk
List-Unsubscribe: <>
Date: Sun, 10 Jun 2001 23:46:28 -0400
Subject: Re: [iwar] Arab/Israeli "CyberWar" of our own making
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

At 07:40 PM 06/10/2001 -0700, you wrote:
>         The PLO did denial of service attacks against israeli military
>         and governmental systems.

Does this include their classified networks where the real work happens? Or 
just the unclassified network where their brochureware Web sites revised? 
The US government and military is subjected to DDoS and DoS attacks all the 
time...I hear they pretty much move on with their lives as classified 
networks are relatively isolated from such attack.

And how do we know the PLO did these DoSes? We all know that all it takes 
is one person with control over hundreds of zombie machines to take down a 
small network. A good example of this is detailed by Steve Gibson:

>         They also stole credit card information and names and contact
>         information for supporters of Israel and caused them grief.

You must be talking about the American Israel Public Affairs Committee :

I'll agree - that's probably the closest we've come to "cyberwar" in my 
opinion. (and they POSTED credit card and contact information on the 
defaced site  - there was never any evidence that they were stolen and 
used). But then again, would GForce Pakistan really got involved in this 
action had the media not blown it out of proportion? If you look at their 
previous defacements you'll see hundreds of sites defaced in the name of 
Pakistan regarding the Kashmir conflict. 

>         They also used the Internet to lure, kidnap, and kill an Israeli
>         teen.

Who's "they" ? From what I've read, this was certainly not PLO sanctioned. 
In the US, sick adults lure kids to their houses to kidnap and/or kill them 
every so often as well. I don't see how the above incident was part of an 
organized, state-sanctioned "cyberwar".

>Israel also participated...
>         They killed a PLO leader by blowing up their cell phone (before
>         the latest round).

Hmmm. Are you talking about the death of Islamic Jihad leader Iyad Hardan 
in April? He wasn't killed with his cell phone but a booby-trapped public 
telephone. Which in my mind has nothing to do with "cyber" anything. 

>I want to agree with your assessment but it is not that clear cut.

What activity at this point in time has lead you to say that the 
Israel/Arab "cyberwar" is building back up again? While my assessment is 
not "clear cut" I think we need to present all the evidence before 
declaring a "cyberwar" is going on. It doesn't take much for the media to 
drool and let the FUD fly nowadays.

You made several valid points but I poked holes in them because there's no 
clear-cut definition between a "cyberwar", a security incident, and a 
trend. I think use of the word "cyberwar" has serious connotations that the 
American public in general cannot distinguish between an actual declaration 
of war and a really annoying security incident like we can. Therefore I 
think it's important to keep talk away from comparing these incidents to 
wartime activity and continue to describe them as the computer security 
problems that they are. Otherwise that will not only confuse and scare the 
American public but also feed the media into making this incident 
longer-lasting then it should be.


B.K. DeLong
617.877.3271               Play.        Potter.                       Security.     Herb.


Your use of Yahoo! Groups is subject to 

This archive was generated by hypermail 2.1.2 : 2001-06-30 21:44:16 PDT