Malware Spiked in Days Before Israel-Hamas Hostilities Began

Findings of cybersecurity study show spread of malware might be able to predict upcoming world conflicts.

A cybersecurity expert monitoring telecommunications traffic in Virginia on July 15, 2014. Credit: Reuters

The amount of malware attacking Israel rose dramatically in the days before the fighting with Hamas and in the lead-up to the conflict over Crimea earlier this year, researchers from cybersecurity firm FireEye found in a recent study.

The findings indicated that the spread of malware might be able to predict upcoming world conflicts, U.K. technology website ITProPortal reported Wednesday.

"We can see the digital equivalent of troops on the border," Kevin Thompson, a threat analyst for FireEye, told the press. He said the next step is to compare a year's worth of malware with international events during that period.

In addition to tracking malware attacking Israel, FireEye also found Israeli malware installed on computers in the United States and Canada, the technology site reported.

"You have an indication that maybe Israeli national security organizations are leveraging infrastructure in Canada and the U.S.," said Kenneth Geers, who worked on the project. "If the U.S., or Korea, or Japan was about to go to war, you would see a bump in callbacks—it's just part and parcel of today's national security undertakings."

Many countries are now using malware to both gather intelligence and actively attack targets in hostile countries, ITProPortal reported.

The FireEye study is based on millions of malware messages sent over the past 18 months that are among the data collected from more than 5,000 corporate and government clients around the world, the technology site said.

The security firm tracked down the location of the computer controlling the malware by finding what are known as callback messages, which malware sends to its controllers to report its status or pick up new commands once it has penetrated a network, the article said.

The technology site said accurate patterns can emerge over large data sets even though malware writers often attempt to disguise their location.
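The "bump in callbacks" described above can be looked for in a defender's own telemetry by comparing each day's callback count per destination country against a robust trailing baseline. The sketch below is an added example, not FireEye's method or code: the country codes, counts, window and threshold are constructed assumptions, and the destination country only says where the controlling server is hosted, not who operates it.

```python
from statistics import median

# Constructed sample: daily counts of malware callbacks observed leaving a
# monitored network, keyed by the country the callback destination geolocates
# to. "AA" and "BB" are placeholder codes, not real countries.
CALLBACKS_PER_DAY = {
    "AA": [20, 22, 19, 21, 23, 20, 18, 22, 21, 19,
           20, 23, 21, 20, 22, 21, 64, 71, 80],
    "BB": [5, 6, 4, 5, 7, 5, 6, 5, 4, 6,
           5, 5, 6, 4, 5, 6, 5, 7, 5],
}


def surge_days(counts, window=14, threshold=3.5):
    """Return [(day_index, count, score)] for days far above the baseline.

    The baseline is the median of the previous `window` days and the spread is
    the median absolute deviation (MAD), so a few earlier surge days inside the
    window do not hide later ones the way a mean and standard deviation would.
    """
    flagged = []
    for day in range(window, len(counts)):
        baseline = counts[day - window:day]
        med = median(baseline)
        mad = median([abs(c - med) for c in baseline])
        # 1.4826 scales MAD to a standard deviation for normal data.
        # Assumption: fall back to a scale of 1.0 when the window is flat.
        scale = 1.4826 * mad if mad > 0 else 1.0
        score = (counts[day] - med) / scale
        if score >= threshold:
            flagged.append((day, counts[day], round(score, 2)))
    return flagged


def surges_by_country(series, window=14, threshold=3.5):
    """Map each destination country to the day indexes flagged as surges."""
    return {
        country: [day for day, _, _ in surge_days(counts, window, threshold)]
        for country, counts in series.items()
    }


if __name__ == "__main__":
    for country, days in surges_by_country(CALLBACKS_PER_DAY).items():
        print(country, days or "no surge")
```
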
