[ISN] One Man's Info War on al-Qaida

From: InfoSec News (isnat_private)
Date: Thu Dec 19 2002 - 00:59:18 PST


    Forwarded from: William Knowles <wkat_private>
    
    http://www.wired.com/news/conflict/0,2100,56896,00.html
    
    By Brian McWilliams
    Dec. 18, 2002 
    
    In a case that shows both the risks and rewards of vigilante tactics, 
    an American man has hijacked two Web addresses apparently used by 
    al-Qaida to laud terrorist attacks. 
    
    The domains, jehad.net and jehadonline.org, are now in the control of 
    a manager for a large Minnesota financial services firm. The man said 
    he wrested control of the domains from their owners after reading on 
    Dec. 8 that al-Qaida used jehad.net to claim responsibility for recent 
    attacks on an Israeli airliner and a hotel in Kenya. 
    
    "I believe in free speech, but it upsets me to see people using this 
    great medium for such evil purposes," said the man, who asked not to 
    be identified but said he was willing to cooperate with U.S. 
    investigators. 
    
    But some said the Minnesota man's actions, like those of other 
    patriotic hackers, could hinder rather than help the U.S. government's 
    war on terrorism. 
    
    "This guy might think he's being a hero, but in fact he's an idiot," 
    said an official with DV2, the Atlanta ISP that hosts the sites. "The 
    FBI has been closely watching these sites, and by taking the law into 
    his own hands he may have screwed that up." 
    
    A spokesman for the FBI's terrorism task force in Atlanta said he 
    could not comment on the incident. 
    
    The owners of both jehad.net and jehadonline.org configured the 
    domains to point to the same site at DV2. In an October message on the 
    site, al-Qaida praised an attack in Yemen on a French oil tanker. Last 
    July, the site posted an audio message attributed to an al-Qaida 
    leader who threatened new attacks on the United States. 
    
    The Minnesota man said he was able to gain control of the two domains 
    last week after breaking into the MSN Hotmail account of someone using 
    the name Julliou Armani, a resident of Saudi Arabia listed as the 
    contact for jehadonline.org. 
    
    The handful of saved messages in Armani's account included some with 
    user names and passwords for managing the domains, the Minnesota man 
    said. Armed with that information, the hacker vigilante could have 
    modified the domains' records so that they no longer pointed to the 
    al-Qaida messages. But he has so far resisted the urge to sabotage the 
    sites. 
    
    "If I see a crime taking place, I'm the sort of person who would jump 
    in to try to stop it," he said. "I don't like that kind of thing 
    happening in my world." 
    
    Eugene Schultz, a security expert with the Lawrence Berkeley National 
    Laboratory, said law enforcement has "been burned" in the past by 
    trying to collaborate with online vigilantes. 
    
    While Schultz said the government is unlikely to "deal effectively" 
    with al-Qaida sites, he added that patriotic hackers might 
    unintentionally tip off terrorists or even goad them into retaliatory 
    action. 
    
    "When faced with the opportunity to drive the bad guys off the Net, 
    the only ethical and legal solution is to contact law enforcement and 
    hope for the best," Schultz said. 
    
    To gain access to Armani's e-mail account, the Minnesota man said he 
    used a Hotmail feature that provides hints for users who forget their 
    passwords. He said he correctly guessed the answer to Armani's 
    self-chosen Hotmail "secret question," then he reset Armani's 
    password. 
    
    Microsoft representatives were not immediately able to comment on 
    whether MSN would officially report the Hotmail account hijacking to 
    law enforcement. 
    
    The hacker said he is willing to provide officials with the 
    information he got from the account, which included credit card data 
    used by the original owners to register one of the domains with 
    VeriSign, as well as aliases and addresses used by the site operators. 
    
    But even the organizer of an online effort to shut down terrorist 
    sites frowned on hacking al-Qaida. 
    
    "I think information warfare is best left to governments and should 
    not be waged by civilians," said Aaron Weisburd of the Internet 
    Haganah, which relies exclusively on notifying ISPs and law 
    enforcement. 
    
    
     
    *==============================================================*
    "Communications without intelligence is noise;  Intelligence
    without communications is irrelevant." Gen Alfred. M. Gray, USMC
    ================================================================
    C4I.org - Computer Security, & Intelligence - http://www.c4i.org
    *==============================================================*
    
    
    
    


