[ISN] Hacker's war on terrorism draws tepid response from experts

From: InfoSec News (isnat_private)
Date: Thu Oct 11 2001 - 04:12:43 PDT

  • Next message: InfoSec News: "[ISN] Microsoft closes window to customer data"

    [Back on September 28th, I said that I wasn't going to post anymore
    crap from Kim Schmitz to InfoSec News, but it appears that his public
    relations machine is in full swing and unsubstantiated news stories
    are still being written.
    
    I think this hack into the AlShamal Islamic Bank is a complete crock
    of sh*t, and I am calling on Kim Schmitz on this one, Show us the
    proof on this!
    
    Here's why I think this is a crock...
    
    Its all too easy to say that you and your merry band of hackers
    compromised the security of a Checkpoint FireWall-1, Checkpoint
    doesn't belive the hack happened in the first place and probably 
    would love to hear how it was done, if it was done.
    
    YIHAT hackers have allegedly given information only to the FBI, The
    FBI will not comment on an ongoing investigation, and the NIPC also
    points out that this kind of activity "is illegal and punishable as a
    felony, with penalties extending to five years in prison."
    
    When an agency can't comment on an investigation, one can say just
    about anything they want, (Kimble might as well say that he knows
    where D.B. Cooper is and that he's a silent investor in one of his
    many venture capital projects.) as it stands now, the FBI is
    investigating over 50,000 seperate tips, not to mention chem/bio
    scares and people somehow still busting into jet cockpits.
    
    Kim Schmitz says this has nothing to do with PR. Yet the YIHAT webpage
    has the press registration link just above the signup for new YIHAT
    membership.
    
    Schmitz whose personal net worth is allegedly more than $100 million,
    and is offering a reward of $10 million is also actively solicting the
    funding of YIHAT off the kill.net website. This has me wondering if
    Mr. Schmitz is either unwilling or unable to front his own projects or
    pay for any future rewards on information.
    
    Not knowing what information YIHAT hackers have gained from the Al
    Shamal Islamic Bank and then given to the FBI, I have to wonder if its
    the same information now posted at: http://www.shamalbank.com/Statment.htm
    
    
    (Fwd)
    
    It is obvious from above statement that Osama Bin Laden was never a
    founder or a shareholder of Al Shamal Islamic Bank. His only relation
    with the bank was through Al Higra Construction & Development Co. Ltd.
    ( a local company incorporated in Sudan on 24.3.1992 ) and Wadi El
    Agig Co. ( A Saudi co. Registered in Saudi Arabia ) Wadi El Ageg is
    holding minority share in Al Higra was represented by Bin Laden .
    
    Al Higra Construction & Development Co.Ltd opened two accounts on
    30.03.1992 and since 1997 both accounts were inoperative and closed.
    
    Wadi Al Ageg opened a US Dollar Account in 1993 and since 1995 the
    account is inactive and closed. 
    
    (End)  
    
      
    So what?
    
    I want to see some proof of these hacks! With some of the best IT and
    print journalists subscribed to ISN, not to mention top information
    security professionals along with Local, State and Federal law
    enforcement officers, I'm sure that someone here can verify that this
    these hacks and information are true and not a figment of a healthy
    imagination and a well paid public relations company.
    
    While operational information wouldn't have to be printed, just a
    consentaneous that this is real and that you haven't been pulling
    everyones leg on this.
    
    Say within the next 24 hours?   -=-   William Knowles - 10.11.2001]
    
    
    -=-
    
    
    http://www.nandotimes.com/technology/story/128776p-1350605c.html
    
    By ROB LEVER, Agence France-Presse 
    
    WASHINGTON (October 10, 2001 3:02 p.m. EDT) - Hackers are waging a
    cyberwar against Osama bin Laden and his allies, despite warnings from
    government and security experts that this activity could be
    counterproductive.
    
    The latest effort came this week when Kim Schmitz, a German
    hacker-turned security consultant, launched a website to recruit
    hackers to track down funds and other evidence linking bin Laden to
    the September 11 terrorist attacks.
    
    Since launching his group -- Young Intelligent Hackers Against Terror
    (YIHAT) -- Schmitz says 34 people from 10 countries, as well as three
    Arabic language translators, have joined the effort. He claims these
    hackers have tracked down bin Laden's bank accounts at a bank in
    Sudan.
    
    Schmitz, who was convicted of hacking into NASA and Pentagon computers
    in the 1990s, has offered a 10 million dollar reward for information
    leading to the arrest and conviction of the exiled Saudi who is the
    prime suspect of US officials.
    
    "I am offering my creativity, name and money to fight terror," Schmitz
    says on his website.
    
    "I think the free world must unite NOW. We can only beat terrorism if
    everybody, everywhere is fighting against it ... In a few years
    terrorists will have nuclear and biological weapons and they won't
    kill 5,000 but 5 million people with one strike."
    
    Schmitz's efforts come in the wake of an organized effort by a
    US-based hacker group known as "the Dispatchers," which launched a
    campaign against sites deemed to be linked to bin Laden and the
    Taliban regime in Afghanistan.
    
    The Dispatchers claim to have shut down the website of the
    presidential palace of Afghanistan, as well as some Iranian and
    Palestinian sites.
    
    "We are a group of computer security enthusiasts, who are outraged at
    the acts of terrorism and such which are taking place in this day in
    age," the group said in a message replacing the official websites.
    
    "It is our cause to fight back in every way which we can ... Our
    current targets are those of nations who support terrorism and groups
    of terrorism."
    
    But the group also hit -- possibly by mistake -- a site operated by
    the financial services group Aon, which had the word "terrorism" in
    its Internet address. Aon was among the firms located in the World
    Trade Center.
    
    US officials and security experts frown on what they describe as
    "vigilante hackers," saying it will do little to help and may harm the
    cause.
    
    "Their motives may be possibly just, but their actions may be causing
    damage and it may have other implications for people's privacy," said
    David Endler, an analyst at the Virginia security firm iDefense.
    
    Endler said it is impossible to control the activities of a broad
    array of hackers -- ranging from adventurous to malicious -- and that
    some may violate laws or ethics and obtain or modify confidential
    data.
    
    He noted that YIHAT hackers "did break into a Sudanese bank and get
    some account information on bin Laden and supposedly gave that
    information to the FBI, but it's not clear what kind damage was done
    to that bank."
    
    The FBI's National Infrastructure Protection Center echoed that
    sentiment with a statement pointing out that such conduct "is illegal
    and punishable as a felony, with penalties extending to five years in
    prison."
    
    "Those individuals who believe they are doing a service to this nation
    by engaging in acts of vigilantism should know that they are actually
    doing a disservice to the country," the agency said.
    
    Indeed, some hacker groups, notably the German-based Chaos Computer
    Club, is eschewing the effort to hack the sites of enemies, saying,
    "Given the tense situation, we should not cut off means of
    communication and open up an even bigger gulf in understanding between
    peoples."
    
    But Schmitz said his goal is to assist law enforcement and urges YIHAT
    members to follow ethical guidelines.
    
    "We are generating leads for the FBI," he told AFP by e-mail. "Our
    goal is to work with the authorities and not against them. Our mission
    is to find terror money. Those who join YIHAT respect our rules,
    cracking (damaging data) is strictly prohibited just like defacing
    websites."
    
    
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Oct 11 2001 - 06:48:38 PDT