BDS new evidence suggests Israel’s responsibility in cyber-attacks on our website
Bethlehem - PNN
A technical report issued today by eQualit.ie, a non-profit online security service, uncovers important evidence that the Distributed Denial of Service (DDoS) attacks carried out on the main website of the BDS movement and websites of other groups critical of Israel’s occupation and violations of human rights are complex and highly coordinated the BDS movement said in press reels that PNN received bu email.
The advanced technology used in the attacks and the size of the botnets involved may show that Israel was directly involved. Israel has previously stated that it plans to use cyber warfare to undermine the BDS movement.
The websites of around BDS organizations in North America and Europe also faced denial of service attacks during February and March, at the same time as the BDSmovement.net website was attacked.
Mahmoud Nawajaa, general coordinator of the Palestinian BDS National Committee, the broadest coalition in Palestinian society that leads the global BDS movement, reacted to the report saying:
“These latest cyber-attacks against BDS seem to be part of a full-fledged Israeli war on the movement that includes McCarthyite legal repression, use of intelligence services and yet more funding for ‘brand Israel’ propaganda.
These attacks smack of Israel’s despair at its growing isolation around the world, after failing for years to stem the growing support for the nonviolent BDS movement as a strategic and effective means to achieve Palestinian rights under international law.”
“We’re very grateful to the support provided by our technology partners Deflect and MayFirst whose tireless work has ensured that we continue to stay online and communicate about the Palestinian struggle for freedom, justice and equality.”
A recent Associated Press report shows to what extremes the Israeli government has gone in its desperate attempts to fight BDS in cyberspace in light of its dismal record in undermining the movement’s growth in academic, cultural and increasingly economic spaces.
The director general of Israel’s Ministry for Strategic Affairs, which is in charge of coordinating government efforts in fighting BDS, is quoted by AP addressing Israeli tech developers at a forum held in January 2016: “I want to create a community of fighters.”
Leading figures in Israel’s intelligence community, including the Mossad, and its hi-tech industries are teaming up in this effort, which aims to, among other tactics, “flood the Internet” with Israeli propaganda and “dismantle the infrastructure” of human rights groups that campaign for Palestinian rights through applying pressure on Israel, admitted a founder of an Israeli intelligence analysis company. He added, “It’s the kind of thing that, if you want to do it in the future … you can’t work in the open.”
A spokesperson for eQualit.ie said:
“Since joining the Deflect service, the bdsmovement.net website has been one of the most frequently targeted domains in our portfolio. Now that we have developed infrastructure and tooling to capture and analyze cyber-attacks targeting our clients, we hope to reduce the impunity currently enjoyed by those aiming to silence online voices.”
Mahmoud Nawajaa added:
“For all its financial clout, Israel may have shot itself in the foot by launching this all-out war of smearing, demonization and criminalization against BDS. In the last few months, three European governments and an array of the world’s largest human rights organizations — including Amnesty International, Human Rights Watch, American Civil Liberties Union (ACLU) and the International Federation for Human Rights (FIDH) — have defended the right to advocate and campaign for Palestinian rights through BDS.”
Further exacerbating Israel’s frustration is the fact that indicators of the growing impact of BDS have piled up at a higher rate in 2016 than at any comparable period since the movement was launched in 2005 by the absolute majority in Palestinian civil society.
In the first week of January 2016, the $20-billion Pension and Health Benefits Fund of the United Methodist Church declared the five largest Israeli banks off limits for investment and divested from the two that it held in its portfolios.
Also in 2016, Irish building materials corporation CRH and French telecoms giant Orange announced their withdrawal from Israel following effective BDS campaigns against them. Coming on the heels of the decision by Veolia, another large French company that ended its involvement in Israeli projects that violate international law, these exits have been hailed by BDS activists as a start of a “domino effect.”
The Brazilian state of Bahia decided on April 2 to end its cooperation agreement with Israeli water company Mekorot, and more than 27 local councils in Spain have declared themselves “Israeli Apartheid Free Zones” over the last few months.
Support for Palestinian rights has grown impressively in the US. A recent Pew poll reveals that the number of liberal Democrats who say they sympathize more with Palestinians is now higher than it has been at any point in the last 15 years (40%), and support for Palestinian rights among millennials has tripled over the last 10 years (to 27%).
A 2014 poll of conducted by an Israel lobby group shows that 46% of non-Orthodox Jewish American men under 40 support a full boycott of Israel in pursuit of Palestinian rights.
Mahmoud Nawajaa explains:
“Israel today admits that it has failed to stop the impressive growth of BDS in mainstream circles, mainly due to the inspiring collective action of thousands of dedicated, conscientious activists and organizations around the world. But Israel’s shift to the racist far-right, dropping its mask and revealing its true face as a regime of occupation, colonization and apartheid like never before, has certainly accelerated BDS support worldwide.”
A staunch anti-Palestinian director of a New York-based multinational advertising agency recently admitted, “BDS is driving the conversation, and the anti-BDS side is reactionary. Ours is a negative message, just not that inviting. We look like a corporate brochure. So we have a problem, my friends.”
Nawajaa concludes, “Israel seems to be losing its plot and resorting to extreme measures in fighting BDS not just because the movement is effective and strategic. Trying to sell its system of occupation, settler-colonialism and institutionalized racism is not easy at all, as the former apartheid regime in South Africa had found out.”
Technical Conclusions of eQualit.ie report on Cyber-Attacks on BDSmovement.net
Conclusions of incident #29 and #30 attacks
These attacks were distinguished by the relatively large number of participating bots, but were smaller in intensity (number of hits on target) compared to incidents #31-34. Three attacks were launched during the period of these incidents, requesting the same url ( /- ), as well as using the same “device” in the user agent of the request. There were two and possibly three botnets in these incidents. They can be differentiated by the geographic location of their bots and hit rates during attack. What is interesting is that the attack method between the different botnets and attack times is the same. Also the two botnets share a high percentage of intersecting bot IPs (76.8%). This may be an indication that they are subnets of a larger malicious network and are being controlled by the same entity.
Conclusions of incident #31 and #32 attacks
These incidents stand out for their common attack and attacker characteristics, with an intersection of 91% of bots used in both instances (of the smaller incident). Botnet #4 and #5 behaviour differs only in their hit rate. Botnet #5 and #6 have a similar number of bots and an almost identical hit rate. Interestingly, they differ greatly in the number of hits each one of them launched at the target site. It seems that all three botnets had strong presence on computers in the United States. All botnets used the same attack method – WordPress pingback – in both incidents. The similarities between bot IP addresses and the attempts to vary the attack pattern from very similar botnets indicates human lead efforts to adapt their botnet to get past Deflect defences. It appears that the botnets used in these two incidents have the same controller behind them.
Conclusions of incident #33 and #34 attacks
Incident #33 comes across as a probe (or a first attempt) before a much stronger attack, of similar characteristics is launched in incident #34. This is backed up by the use of a single botnet in both incidents. Botnet #7 appears in other attacks against Israeli websites, on our network and on the network of one of our peers. The attack pattern used in these incidents is similar to the previous two incidents, and we have found a 17.9% intersection between bots used in incident #32 and #33, possibly linking 31-34 together. Along with the prevalence of bots originating from the United States, there is some justification that botnets 4-7 originate from a similar larger network.