New Leader of Gaza?

 

Photo of Hamas leader Ismail Haniyeh and discharged Fatah leader Muhammad Dahlan (File)

GAZA CITY (Ma’an) — Amid an escalating conflict between Hamas and the Fatah-ruled Palestinian Authority (PA), a leaked and unconfirmed document obtained by Ma’an has noted that discharged Fatah leader and President Mahmoud Abbas’ political rival Muhammad Dahlan could be appointed head of Gaza’s government as a result of talks between Hamas officials and Dahlan in Cairo.

MaanNews: The document, titled “A National Consensus Document for Trust-Building” details an agreement allegedly made between the Hamas movement, led by Hamas leader Yahya Sinwar, and Dahlan during Egyptian-sponsored talks when Palestinian officials established a political front to challenge the PA in coordination with Dahlan.
Dahlan, being a fierce former opponent of Hamas’ rule in Gaza following its success in the 2006 elections that threw Fatah and Hamas in a protracted internal conflict, seemed like an unlikely political ally for Hamas. Nevertheless, analysts have pointed out that the new relationship between the former enemies represents Dahlan and Hamas’ mutual rejection of the PA, led by Abbas in the occupied West Bank.
The document contains 15 articles focused on ending the issues of Palestinian reconciliation, including articles aiming to resolve issues of revenge or compensation that have arisen during Hamas and Fatah’s more than a decade-long feud.
According to the document, the talks agreed that Dahlan would be head of the government in the Gaza Strip, while Hamas would control Gaza’s Ministry of Interior.
The reports have not been confirmed by Hamas or Dahlan.
Hamas’ newfound relationship with Dahlan also received attention following Egypt’s decision to send millions of liters of fuel to the besieged Gaza Strip, after Israel, which has kept the territory under a crippling blockade for a decade, dramatically cut its power supply to Gaza, at the request of the PA which had decided to cut its funding of Israeli fuel to the coastal enclave.
Despite the PA denying the allegations, it is widely believed among Palestinians and international critics that the PA’s recent policies in Gaza are aimed at putting pressure on Hamas to relinquish control of the besieged coastal enclave and hand over the territory to the PA.
Dahlan, who while residing in exile in Abu Dhabi continues to hold political clout in the region, had reportedly persuaded the Egyptian government to send the fuel to the besieged territory in order to avert a full humanitarian collapse.
However, other reports stated that the fuel was provided to Gaza under an agreement that Hamas would work with the Egyptian government to deter militant activities in the Sinai, which Hamas has been accused of exacerbating by harboring militants in its territory. Hamas has consistently denied such allegations.
In the 1990s, Dahlan led a merciless crackdown on Hamas, rounding up thousands of Islamists who refused to recognize the legitimacy of the newly-created PA following the Oslo Accords.
But he fell from grace in June 2007 after the humiliating rout of his forces by Hamas fighters during days of fierce street battles in Gaza, when Hamas expelled Fatah forces from the territory.
Two years later, he returned to the political stage when he was elected to the Fatah central committee in August 2009.
But in December 2010, he was suspended from the committee which said it had set up a commission of inquiry to examine his finances and claimed he tried to set up a personal militia.
In 2015, Dahlan made headlines once again when he called for integrating all Palestinian factions, including Hamas and Islamic Jihad, into the Palestinian Liberation Organization (PLO).
Dahlan has also called to end the PA’s widely criticized security coordination with Israel, and has said he now considers the Oslo Accords to be invalid.
International media has also reported plans by several Middle Eastern countries to buttress Dahlan as the next Palestinian president to replace his rival Abbas

Investigation Pointing to USS Fitzgerald Crew Failure

Exclusive: U.S. warship stayed on deadly collision course despite warning – container ship captain

 Toru Hanai/Reuters

USS Fitzgerald Home Port Yokosuka Naval Base, south of Tokyo

Reuters: A U.S. warship struck by a container vessel in Japanese waters failed to respond to warning signals or take evasive action before a collision that killed seven of its crew, according to a report of the incident by the Philippine cargo ship’s captain.

Multiple U.S. and Japanese investigations are under way into how the guided missile destroyer USS Fitzgerald and the much larger ACX Crystal container ship collided in clear weather south of Tokyo Bay in the early hours of June 17.

In the first detailed account from one of those directly involved, the cargo ship’s captain said the ACX Crystal had signaled with flashing lights after the Fitzgerald “suddenly” steamed on to a course to cross its path.

The container ship steered hard to starboard (right) to avoid the warship, but hit the Fitzgerald 10 minutes later at 1:30 a.m., according to a copy of Captain Ronald Advincula’s report to Japanese ship owner Dainichi Investment Corporation that was seen by Reuters.

The U.S. Navy declined to comment and Reuters was not able to independently verify the account.

The collision tore a gash below the Fitzgerald’s waterline, killing seven sailors in what was the greatest loss of life on a U.S. Navy vessel since the USS Cole was bombed in Yemen’s Aden harbor in 2000.

Those who died were in their berthing compartments, while the Fitzgerald’s commander was injured in his cabin, suggesting that no alarm warning of an imminent collision was sounded.

A spokesman for the U.S. Navy’s Seventh Fleet in Yokosuka, the Fitzgerald’s home port, said he was unable to comment on an ongoing investigation.

The incident has spurred six investigations, including two internal hearings by the U.S. Navy and a probe by the United States Coast Guard (USCG) on behalf of the National Transportation Safety Board. The Japan Transport Safety Board, the JCG and the Philippines government are also conducting separate investigations.

Spokesmen from the Japan Coast Guard (JCG), U.S. Coast Guard and ship owner, Dainichi Invest, also declined to comment. Reuters was not able to contact Advincula, who was no longer in Japan.

The investigations will examine witness testimony and electronic data to determine how a naval destroyer fitted with sophisticated radar could be struck by a vessel more than three times its size.

Another focus of the probes has been the length of time it took the ACX Crystal to report the collision. The JCG says it was first notified at 2:25 a.m., nearly an hour after the accident.

In his report, the ACX Crystal’s captain said there was “confusion” on his ship’s bridge, and that it turned around and returned to the collision site after continuing for 6 nautical miles (11 km).

Shipping data in Thomson Reuters Eikon shows that the ACX Crystal, chartered by Japan’s Nippon Yusen KK (9101.T), made a complete U-turn between 12:58 a.m. and 2:46 a.m.

SASEBO - Cmdr. Bryce Benson and Cmdr. Robert Shu cut a cake after a change of command ceremony. Cmdr. Bryce Benson relieved Cmdr. Robert Shu during the change of command ceremony. Change of command ceremony

 

Iran and N. Korea’s Joint Missile and Nuclear Programs

Iranian opposition group says North Korea helps Iran grow ballistic missile program.

Iran hosts long term living quarters for North Korean missile engineers and likewise, North Korea does the same with Iranian nuclear scientists.

There are 42 above and below ground locations in Iran.

Drawing a “Broader Conclusion” on Iran’s Nuclear Program 

Download the full memo here.

Under the terms of the nuclear deal with Iran, formally known as the Joint Comprehensive Plan of Action (JCPOA), key restrictions would expire if  the IAEA formally reaches a “broader conclusion” that Tehran’s nuclear program is entirely peaceful. Such a conclusion would result in the lifting of the UN’s remaining non-nuclear sanctions, including the ban on ballistic missile testing and the conventional arms embargo.  Furthermore, the U.S. and EU would delist additional entities from their sanctions lists.  Notably, the EU would delist all entities affiliated with Iran’s Islamic Revolutionary Guard Corps, the organization responsible for both terrorist activities abroad as well as key aspects of the nuclear program.

Spurring the IAEA to reach a broader conclusion as quickly as possible appears to be Iran’s goal. In a televised speech in the middle of May, Iran’s President Hassan Rouhani expressed his intention to engage in “lifting all the non-nuclear sanctions during the coming four years” – at least two years earlier than the JCPOA would otherwise allow.  Unless additional steps are taken to redress the International Atomic Energy Agency’s (IAEA) closing of Iran’s possible military dimension (PMD) file in December 2015,  it is technically possible for the IAEA to reach a broader conclusion within four years.

What is Required for the IAEA to Reach a Broader Conclusion?

To reach a broader conclusion, the IAEA needs to be able to conclude – based on extensive verification and analysis of all information available to it – that all nuclear material has remained in peaceful activities, which means that there are no indications of diversion of nuclear material from peaceful activities and no indications of undeclared nuclear material or activities in Iran as a whole.

Despite the IAEA’s previous conclusion that Iran had, in fact, carried out a wide range of activities ‘relevant to the development of a nuclear explosive device,’ the IAEA Board of Governors reached a political decision in December 2015 to “close” the investigation into the possible military dimensions (PMD) of Iran’s nuclear program, a decision necessary to ensure the implementation of the Joint Comprehensive Plan of Action (JCPOA). This decision has amplified the IAEA’s shortcoming in its ability to form a composite picture of, and thereby fully monitor, proscribed nuclear weapons development activities in Iran.  Such monitoring and verification is essential to determine the nature of Iran’s nuclear program.

Image result for iran above and below missile sites More from thewire.com

*** Further, is Saudi Arabia, Israel, the United States or other countries prepared? Was this a threat?

NCRI – Cleric Alamal-Hoda, Khamenei’s representative and Friday prayer leader in Northeastern city of Mashhad, while confessing to low participation of people in Qods Day march, threatened to launch rocket attack into Riyadh, Saudi Arabia. He said: “Those who did not really participate in the ceremony without excuse, they are those, who were not present at the battlefield against infidels”.

This Mullah added: “Today, after 38 years, our ballistic missile are shaking the world and makes the world upside down.” We have reached to such power. This precise pointing of missile deployment to Deiralzor is not much more difficult, than, the pointing of the Saudi Arabian palace in Riyadh, that is, if the missile flowing from the Gulf to the heart of Al-Saud’s palace, it will have the same targeting spot, and will remove this unclean descent spot,  Al-Ain from the page of Islam”.

Khamenei’s representative in Mashhad called on rival factions in the government and parliament to stop compromising with the enemy and accept the failure of JCPOA. At the same time, he argued that JCPOA pursuit was under Khamenei’s control. Almal-Hoda stated: Our policy makers in the executive branch, in the legislature and the parliament are not so eager to compromise with the enemy. You wanted it, your policy was implemented, you saw it failed. We brought the core of nuclear activities to brink of none, as sanctions were not lifted (Astan Qods Razavi TV, March 24, 2017).

 

Brute Force Attack on UK Parliament User Emails

Inside and outside cyber experts are making attributions to Russia.

The Russian government is suspected of being behind a cyber-attack on parliament that breached dozens of email accounts belonging to MPs and peers.

Although the investigation is at an early stage and the identity of those responsible may prove impossible to establish with absolute certainty, Moscow is deemed the most likely culprit.

The British security services believe that responsibility for the attack is more likely to lie with another state rather than a small group of individual hackers.

The number of states who might mount such an attack on the UK is limited, and, in addition to Russia, includes North Korea, China and Iran.

A security source said: “It was a brute force attack. It appears to have been state-sponsored.”

“The nature of cyber-attacks means it is notoriously difficult to attribute an incident to a specific actor.”

MPs contacted by the Guardian said the immediate suspicion had fallen upon foreign governments such as Russia and North Korea, both of which have been accused of being behind hacking attempts in the UK before. More from the Guardian.

BBC: Up to 90 email accounts were compromised during the cyber-attack on Parliament on Friday.

Fewer than 1% of the 9,000 users of the IT system were impacted by the hacking, said a parliamentary spokesman.

The hack prompted officials to disable remote access to the emails of MPs, peers and their staff as a safeguard.

The spokesman said the attack was a result of “weak passwords” and an investigation is under way to determine whether any data has been lost.

Both Houses of Parliament will meet as planned on Monday and plans are being put in place to allow it to resume its wider IT services, said officials.

A number of MPs confirmed to the BBC they were unable to access their parliamentary email accounts outside of the Westminster estate following the hacking.

‘Passwords for sale’

The spokesman said the parliamentary network was compromised due to “weak passwords” which did not conform to guidance from the Parliamentary Digital Service.

They added: “As they are identified, the individuals whose accounts have been compromised have been contacted and investigations to determine whether any data has been lost are under way.”

The incident comes just over a month after 48 of England’s NHS trusts were hit by a cyber-attack.

International Trade Secretary Liam Fox said: “We have seen reports in the last few days of even cabinet ministers’ passwords being for sale online.

“We know that our public services are attacked so it is not at all surprising that there should be an attempt to hack into parliamentary emails.

“And it’s a warning to everybody, whether they are in Parliament or elsewhere, that they need to do everything possible to maintain their own cyber-security.”

The latest attack was publicly revealed by Liberal Democrat peer Lord Rennard on Twitter as he asked his followers to send any “urgent messages” to him by text.

The National Cyber Security Centre and National Crime Agency are investigating the incident.

WannaCry Hacking Bad, but This is Terrifying

WASHINGTON — CIA Director Mike Pompeo says he thinks disclosure of America’s secret intelligence is on the rise, fueled partly by the “worship” of leakers like Edward Snowden.

“In some ways, I do think it’s accelerated,” Pompeo told MSNBC in an interview that aired Saturday. “I think there is a phenomenon, the worship of Edward Snowden, and those who steal American secrets for the purpose of self-aggrandizement or money or for whatever their motivation may be, does seem to be on the increase.”

Pompeo said the United States needs to redouble its efforts to stem leaks of classified information. More here.

***

A Cyberattack ‘the World Isn’t Ready For’

Golan Ben-Oni, of the IDT Corporation, which was attacked in April with two cyberweapons stolen from the National Security Agency.  Justin T. Gellerson for The New York Times

NEWARK — There have been times over the last two months when Golan Ben-Oni has felt like a voice in the wilderness.

On April 29, someone hit his employer, IDT Corporation, with two cyberweapons that had been stolen from the National Security Agency. Mr. Ben-Oni, the global chief information officer at IDT, was able to fend them off, but the attack left him distraught.

In 22 years of dealing with hackers of every sort, he had never seen anything like it. Who was behind it? How did they evade all of his defenses? How many others had been attacked but did not know it?

Since then, Mr. Ben-Oni has been sounding alarm bells, calling anyone who will listen at the White House, the Federal Bureau of Investigation, the New Jersey attorney general’s office and the top cybersecurity companies in the country to warn them about an attack that may still be invisibly striking victims undetected around the world.

And he is determined to track down whoever did it.

“I don’t pursue every attacker, just the ones that piss me off,” Mr. Ben-Oni told me recently over lentils in his office, which was strewn with empty Red Bull cans. “This pissed me off and, more importantly, it pissed my wife off, which is the real litmus test.”

Two weeks after IDT was hit, the cyberattack known as WannaCry ravaged computers at hospitals in England, universities in China, rail systems in Germany, even auto plants in Japan. No doubt it was destructive. But what Mr. Ben-Oni had witnessed was much worse, and with all eyes on the WannaCry destruction, few seemed to be paying attention to the attack on IDT’s systems — and most likely others around the world.

The strike on IDT, a conglomerate with headquarters in a nondescript gray building here with views of the Manhattan skyline 15 miles away, was similar to WannaCry in one way: Hackers locked up IDT data and demanded a ransom to unlock it.

But the ransom demand was just a smoke screen for a far more invasive attack that stole employee credentials. With those credentials in hand, hackers could have run free through the company’s computer network, taking confidential information or destroying machines.

Worse, the assault, which has never been reported before, was not spotted by some of the nation’s leading cybersecurity products, the top security engineers at its biggest tech companies, government intelligence analysts or the F.B.I., which remains consumed with the WannaCry attack.

Were it not for a digital black box that recorded everything on IDT’s network, along with Mr. Ben-Oni’s tenacity, the attack might have gone unnoticed.

Scans for the two hacking tools used against IDT indicate that the company is not alone. In fact, tens of thousands of computer systems all over the world have been “backdoored” by the same N.S.A. weapons. Mr. Ben-Oni and other security researchers worry that many of those other infected computers are connected to transportation networks, hospitals, water treatment plants and other utilities.

An attack on those systems, they warn, could put lives at risk. And Mr. Ben-Oni, fortified with adrenaline, Red Bull and the house beats of Deadmau5, the Canadian record producer, said he would not stop until the attacks had been shut down and those responsible were behind bars.

“The world is burning about WannaCry, but this is a nuclear bomb compared to WannaCry,” Mr. Ben-Oni said. “This is different. It’s a lot worse. It steals credentials. You can’t catch it, and it’s happening right under our noses.”

And, he added, “The world isn’t ready for this.”

Targeting the Nerve Center

Mr. Ben-Oni, 43, a Hasidic Jew, is a slight man with smiling eyes, a thick beard and a hacker’s penchant for mischief. He grew up in the hills of Berkeley, Calif., the son of Israeli immigrants.

Even as a toddler, Mr. Ben-Oni’s mother said, he was not interested in toys. She had to take him to the local junkyard to scour for typewriters that he would eventually dismantle on the living room floor. As a teenager, he aspired to become a rabbi but spent most of his free time hacking computers at the University of California, Berkeley, where his exploits once accidentally took down Belgium’s entire phone system for 15 minutes.

To his parents’ horror, he dropped out of college to pursue his love of hacking full time, starting a security company to help the city of Berkeley and two nearby communities, Alameda and Novato, set up secure computer networks.

He had a knack for the technical work, but not the marketing, and found it difficult to get new clients. So at age 19, he crossed the country and took a job at IDT, back when the company was a low-profile long-distance service provider.

As IDT started acquiring and spinning off an eclectic list of ventures, Mr. Ben-Oni found himself responsible for securing shale oil projects in Mongolia and the Golan Heights, a “Star Trek” comic books company, a project to cure cancer, a yeshiva university that trains underprivileged students in cybersecurity, and a small mobile company that Verizon recently acquired for $3.1 billion.

Which is to say he has encountered hundreds of thousands of hackers of every stripe, motivation and skill level. He eventually started a security business, IOSecurity, under IDT, to share some of the technical tools he had developed to keep IDT’s many businesses secure. By Mr. Ben-Oni’s estimate, IDT experiences hundreds of attacks a day on its businesses, but perhaps only four each year give him pause.

Nothing compared to the attack that struck in April. Like the WannaCry attack in May, the assault on IDT relied on cyberweapons developed by the N.S.A. that were leaked online in April by a mysterious group of hackers calling themselves the Shadow Brokers — alternately believed to be Russia-backed cybercriminals, an N.S.A. mole, or both.

The WannaCry attack — which the N.S.A. and security researchers have tied to North Korea — employed one N.S.A. cyberweapon; the IDT assault used two.

Both WannaCry and the IDT attack used a hacking tool the agency had code-named EternalBlue. The tool took advantage of unpatched Microsoft servers to automatically spread malware from one server to another, so that within 24 hours North Korea’s hackers had spread their ransomware to more than 200,000 servers around the globe.

The attack on IDT went a step further with another stolen N.S.A. cyberweapon, called DoublePulsar. The N.S.A. used DoublePulsar to penetrate computer systems without tripping security alarms. It allowed N.S.A. spies to inject their tools into the nerve center of a target’s computer system, called the kernel, which manages communications between a computer’s hardware and its software.

In the pecking order of a computer system, the kernel is at the very top, allowing anyone with secret access to it to take full control of a machine. It is also a dangerous blind spot for most security software, allowing attackers to do what they want and go unnoticed. In IDT’s case, attackers used DoublePulsar to steal an IDT contractor’s credentials. Then they deployed ransomware in what appears to be a cover for their real motive: broader access to IDT’s businesses.

Mr. Ben-Oni learned of the attack only when a contractor, working from home, switched on her computer to find that all her data had been encrypted and that attackers were demanding a ransom to unlock it. He might have assumed that this was a simple case of ransomware.

But the attack struck Mr. Ben-Oni as unique. For one thing, it was timed perfectly to the Sabbath. Attackers entered IDT’s network at 6 p.m. on Saturday on the dot, two and a half hours before the Sabbath would end and when most of IDT’s employees — 40 percent of whom identify as Orthodox Jews — would be off the clock. For another, the attackers compromised the contractor’s computer through her home modem — strange.

The black box of sorts, a network recording device made by the Israeli security company Secdo, shows that the ransomware was installed after the attackers had made off with the contractor’s credentials. And they managed to bypass every major security detection mechanism along the way. Finally, before they left, they encrypted her computer with ransomware, demanding $130 to unlock it, to cover up the more invasive attack on her computer.

Mr. Ben-Oni estimates that he has spoken to 107 security experts and researchers about the attack, including the chief executives of nearly every major security company and the heads of threat intelligence at Google, Microsoft and Amazon.

With the exception of Amazon, which found that some of its customers’ computers had been scanned by the same computer that hit IDT, no one had seen any trace of the attack before Mr. Ben-Oni notified them. The New York Times confirmed Mr. Ben-Oni’s account via written summaries provided by Palo Alto Networks, Intel’s McAfee and other security firms he used and asked to investigate the attack.

“I started to get the sense that we were the canary,” he said. “But we recorded it.”

Since IDT was hit, Mr. Ben-Oni has contacted everyone in his Rolodex to warn them of an attack that could still be worming its way, undetected, through victims’ systems.

“Time is burning,” Mr. Ben-Oni said. “Understand, this is really a war — with offense on one side, and institutions, organizations and schools on the other, defending against an unknown adversary.”

‘No One Is Running Point’

Since the Shadow Brokers leaked dozens of coveted attack tools in April, hospitals, schools, cities, police departments and companies around the world have largely been left to fend for themselves against weapons developed by the world’s most sophisticated attacker: the N.S.A.

A month earlier, Microsoft had issued a software patch to defend against the N.S.A. hacking tools — suggesting that the agency tipped the company off to what was coming. Microsoft regularly credits those who point out vulnerabilities in its products, but in this case the company made no mention of the tipster. Later, when the WannaCry attack hit hundreds of thousands of Microsoft customers, Microsoft’s president, Brad Smith, slammed the government in a blog post for hoarding and stockpiling security vulnerabilities.

For his part, Mr. Ben-Oni said he had rolled out Microsoft’s patches as soon as they became available, but attackers still managed to get in through the IDT contractor’s home modem.

Six years ago, Mr. Ben-Oni had a chance meeting with an N.S.A. employee at a conference and asked him how to defend against modern-day cyberthreats. The N.S.A. employee advised him to “run three of everything”: three firewalls, three antivirus solutions, three intrusion detection systems. And so he did.

But in this case, modern-day detection systems created by Cylance, McAfee and Microsoft and patching systems by Tanium did not catch the attack on IDT. Nor did any of the 128 publicly available threat intelligence feeds that IDT subscribes to. Even the 10 threat intelligence feeds that his organization spends a half-million dollars on annually for urgent information failed to report it. He has since threatened to return their products.

“Our industry likes to work on known problems,” Mr. Ben-Oni said. “This is an unknown problem. We’re not ready for this.”

No one he has spoken to knows whether they have been hit, but just this month, restaurants across the United States reported being hit with similar attacks that were undetected by antivirus systems. There are now YouTube videos showing criminals how to attack systems using the very same N.S.A. tools used against IDT, and Metasploit, an automated hacking tool, now allows anyone to carry out these attacks with the click of a button.

Worse still, Mr. Ben-Oni said, “No one is running point on this.”

Last month, he personally briefed the F.B.I. analyst in charge of investigating the WannaCry attack. He was told that the agency had been specifically tasked with WannaCry, and that even though the attack on his company was more invasive and sophisticated, it was still technically something else, and therefore the F.B.I. could not take on his case.

The F.B.I. did not respond to requests for comment.

So Mr. Ben-Oni has largely pursued the case himself. His team at IDT was able to trace part of the attack to a personal Android phone in Russia and has been feeding its findings to Europol, the European law enforcement agency based in The Hague.

The chances that IDT was the only victim of this attack are slim. Sean Dillon, a senior analyst at RiskSense, a New Mexico security company, was among the first security researchers to scan the internet for the N.S.A.’s DoublePulsar tool. He found tens of thousands of host computers are infected with the tool, which attackers can use at will.

“Once DoublePulsar is on the machine, there’s nothing stopping anyone else from coming along and using the back door,” Mr. Dillon said.

More distressing, Mr. Dillon tested all the major antivirus products against the DoublePulsar infection and a demoralizing 99 percent failed to detect it.

“We’ve seen the same computers infected with DoublePulsar for two months and there is no telling how much malware is on those systems,” Mr. Dillon said. “Right now we have no idea what’s gotten into these organizations.”

In the worst case, Mr. Dillon said, attackers could use those back doors to unleash destructive malware into critical infrastructure, tying up rail systems, shutting down hospitals or even paralyzing electrical utilities.

Could that attack be coming? The Shadow Brokers resurfaced last month, promising a fresh load of N.S.A. attack tools, even offering to supply them for monthly paying subscribers — like a wine-of-the-month club for cyberweapon enthusiasts.

In a hint that the industry is taking the group’s threats seriously, Microsoft issued a new set of patches to defend against such attacks. The company noted in an ominously worded message that the patches were critical, citing an “elevated risk for destructive cyberattacks.”

Mr. Ben-Oni is convinced that IDT is not the only victim, and that these tools can and will be used to do far worse.

“I look at this as a life-or-death situation,” he said. “Today it’s us, but tomorrow it might be someone else.”