The Israeli government is inviting hackers to break in
The government must recognize that in a technological era every protective system also constitutes a potential for penetration making a biometric database an invitation to hackers to break in.
Credit card details belonging to thousands of Israelis were posted online Monday by a hacker who claimed to be part of the Saudi Arabian collective, group-xp. The hacker, known as 0xOmar, hacked into ONE, a popular Israeli sports website, where he posted the details of thousands of Israelis on the homepage. In addition to the Israelis' credit card numbers, addresses, names, telephone numbers and identity card numbers were also revealed.
The disclosure of the details was carried out by relatively simple means. The hacker group penetrated a large number of Israeli sites where credit cards are regularly used for purchasing various products, and they then published the details of the clients. In response to the attack, the credit card companies announced: "The clients are not expected to be harmed. All the credit cards have been blocked for purchases on the Internet or by telephone, and all the compromised credit cards will be replaced within a few days. Even if there are cases in which purchases were successfully made, we shall return the money."
However, while it is possible to block the credit cards and in that way to obviate the possibility of financial loss, the personal details of those affected - their names and addresses, telephone numbers and ID card numbers - cannot be deleted. The moment they have appeared on the Internet, the details of thousands of Israelis have been expropriated and become public property.
The action by the Saudi hackers should serve as a warning sign regarding the continued application of the biometric database law. The law, which was proposed by Knesset member Meir Sheetrit and whose regulations were approved in May 2011 by the ministerial committee for biometric applications, is likely to expose Israeli citizens to severe invasion of their privacy. Criminal organizations or foreign organizations interested in causing damage to the state and its citizens might penetrate the future biometric database and do whatever they want there.
The head of the National Cyber Committee, Yitzhak Ben-Yisrael, said Tuesday: "The situation in which any group of hackers can penetrate databases can be stopped only if a suitable protective system is built - and that is what the Israeli government has decided to do."
However, the government, too, must recognize the fact that, in a technological era when every protective system also constitutes a potential for penetration, a biometric database is an invitation to hackers to break in.