» Topic:  Digital warfare

» Added by:  Roberto Preatoni

» Date:  3.8.2006

  On July 31st, Hezbollah's Al-Manar television suffered a digital attack that jeopardized the signal for some minutes, during the daily newscast edition.

The broadcast was suddenly disrupted and pictures of dead Hezbollah soldiers were displayed on the screen while a message written in Arabic, accusing the Shiite leader Hassan Nasrallah of being a liar, appeared under the images.

Then, caricatures of Nasrallah appeared, accompanied by captions reading: "Your days are numbered" and "Nasrallah, your time is up. Soon you won't be with us anymore."

According to the Israeli online magazine Ynetnews.com, the attack was carried out by the Israel Defence Force intelligence Unit that, in the past, repeatedly attempted to hack the Hezbollah's TV station.

The structure of Al-Manar broadcasting system is very complex, and an attack conveying the intrusion in all the transmission would be hard to carry out:

Al-Manar TV has three satellite signals, one on ArabSat 2B at 30.5 degrees east, one on Badr 3 at 26 degrees east and one on NileSat 102 at 7 degrees west.

The "defaced" sat-tv signalOn Badr 3 and NileSat, al-Manar is broadcast alongside other TV stations in a multiplexed or combined digital signal.

Even if replacing one station's output would be feasible, the stations belonging to the multiplex would be taken off the air too. This means that the interloper should duplicate perfectly the technical parameters of the original station to own the system and tampering it.

This hasn't been the first successfully attack to Al-Manar Tv, indeed the headquarter of the Tv Station was reduced to rubbles after an air strike on July 13th.

The central office was promptly moved to a new, secret location but this care didn't work too long and during last week end, transmissions were blocked again by another attack that this time didn’t come from air but from the cyber space.

Not only Tv stations were attacked by IDF intelligence unit : many Hizbullah and Al-Manar Internet sites were pointed at by Israeli technical specialists, and several web pages were erased.

According to a report run by the BBC, this massive and 'prismatic' attack was part of a structured plan that should act in synergy with military actions:

'Israel is deploying a range of old and new technologies in Lebanon as part of the psychological operations ('psyops') campaign supplementing its military attacks' the BBC report states.

The strategy concerns an extremely wide range of communication devices, that goes from mass targeting of mobile phones, to radio broadcasts warning of imminent attack.

One week before the attack to Al-manar, the Israeli newspaper Maariv reported that a web site called All 4 Lebanon available in Arabic, English and French, offered payment for tip-offs from Lebanese citizens that that could help Israel in the fight against Hezbollah".

According to the newspaper , the website had been set up by the IDF.

On the technical side, Zone-H doesn't have details yet on how the attacks were carried on but in general, a similar attack to a satellite transmission can be performed by three different means:

- by social engineering: being able to substitute the tapes before the airing

- by hacker means: hacking into the post-production/digital storage unit networks

- by hijacking the aired satellite signal. This can be performed at the signal originating point as well as at the uplink station

If you are interested to know more about sat-hijacking we welcome you to assist to Jim Geovedi's talk at the Hack in the Box conference in Malaysia, Sept. 18th to 21st.


Presentation Title: Hacking a Bird in The Sky: Hijacking VSAT Connections

Presentation Details:

Since the mid 1950s, satellite communication systems have made enormous advances in capability and performance. Internet access over satellite, digital content distribution, wide area network (WAN) connectivity, video teleconferencing, distance learning, and telephony services sent over satellites have become integral to our society. Unfortunately, security has not kept pace where the current systems are vulnerable to a variety of attacks.

This presentation will discuss about satellite technologies for providing broadband data communications using Very Small Aperture Terminal (VSAT) network system, how they work, and what is possible and not possible for determined opponents to achieve.

Was this the first case of "TV defacement"? Not at all: in the mid-'90s a group of Italian independentists managed to disrupt state TV communication being able to substitute the evening-news audio signal with a bunch of separatist and extremist messages.

They ended up in prison.

Source:
http://www.zone-h.org/