The Online Hate Prevention Institute (OHPI) has responded to a number of hacking incidents targeting the Jewish community in 2015. The most recent involved the takeover of a Jewish youth group’s Facebook page during this past weekend.
This attack was part of the 6th annual anti-Israel hacking event. The hackers managed to make one post as the page, in Arabic and English, before OHPI’s intervention with Facebook saw their access terminated and control swiftly returned to the youth group.
In past years the hackers have targeted Israeli Government sites and major organisations, however, these have largely been hardened against such attacks. Instead, small businesses in Israel, and Jewish community organisations around the world, who lack the resources to properly secure their sites, have become the new “soft” target.
This year, like last year, the hackers have also compromised e-mail accounts, and then used those accounts to take control of personal Facebook accounts, and then the pages those accounts manage. Such activity is highly illegal, but the hackers use proxies to make it more difficult to trace them, and once they are traced, there is little recourse when they come from countries like Morocco, or Libya.
OHPI recommends that everyone responsible for administering Facebook pages, whether for a community group, or a company, enable two step authentication on their accounts. Once enabled, this means that the first time you access Facebook from an unknown computer, you will receive an SMS with a code you need to enter in addition to your password. This means that even if an e-mail account is compromised, and a password reset, that won’t be enough to compromise an account. OHPI has instructions for enabling two step authentication for both Facebook and Google at: https://ohpi.org.au/online-safety/
Dr Andre Oboler, OHPI’s CEO, praised the response of both the youth group and Facebook. He said that, “Facebook should be commended, their cooperation with OHPI in resolving this was swift and thorough, including a post incident check to ensure everything had returned to normal. Beyond a small scare, no damage was done, but this is a reminder to us all to protect our accounts, and that those of us managing online assets for the community need to take extra care.” He also praised the response of CSG, the Jewish community’s volunteer security organisation, who liaised with OHPI through the incident.
Also Read: The Australian Jewish News reports on the incident.