http://www.informationweek.com/news/showArticle.jhtml?articleID=200001943 By Larry Greenemeier InformationWeek July 2, 2007 Although cyberterrorism has been around since the Internet reached the mainstream more than a decade ago, a relatively new Web-based application offers Islamic jihadis a way for even the relatively nontechnical to target and attack Web sites perceived to be anti-Islamic. The "Electronic Jihad Program" is part of the long-term vision jihadi Web site Al-jinan.org has to use the Internet as a weapon, something that affects any organization that relies on the Web. Electronic Jihad allows users to target specific IP addresses for attack in order to take any servers running at those IP addresses offline. The application even includes a Windows-like interface that lets users choose from a list of target Web sites provided via the Al-jinan site, select an attack speed (weak, medium, or strong), and the click on the "attack" button. The concept of "electronic jihad" is a relatively recent strain of cyberterrorism interested in very specific network and economic disruption, Dorothy Denning, a professor in the Department of Defense Analysis at the Naval Postgraduate School, told InformationWeek. Its audience consists of malicious Islamic hackers aligned with Osama bin Laden, al-Qaida, and the extremist Islamic movement. "The attacks from jihadists are interested in taking Web sites down and disrupting economies that they don't like," she added. "It's something to be taken seriously." U.S. businesses would be greatly impacted by any large-scale cyberattacks against either them or the country's critical infrastructure because most of that infrastructure is run by companies in the private sector. The government and the U.S. business community "are one-in-the-same target," Andrew Colarik, an information security consultant who holds a Ph.D. in information systems security from the University of Auckland, told InformationWeek. Even businesses that don't run critical infrastructure elements could be affected because "there's a cascading effect if you attack the infrastructure." The latest version of Electronic Jihad software, 2.0, is designed to quickly update its list of target sites and to work with different Internet connection speeds. The application is also described as being capable of using different proxies to override government Web site blocking technology, Abdul Hameed Bakier, an intelligence expert on counterterrorism, crisis management, and terrorist-hostage negotiations, wrote in a recent report for the Jamestown Foundation, a Washington, D.C., think tank established on Sept. 11, 2003, to study and analyze global terrorism. "In the past, different jihadi groups practiced cyberattacks on anti-Islamic websites, but they were never able to sustain a long, organized campaign," Bakier wrote in the June 26 edition of Jamestown's weekly Terrorism Focus publication. He noted that Al-jinan is not only operating continuously but is developing new techniques to enhance the technology and methods of promoting electronic jihad. "With the spreading use of the Internet in the Arab and Islamic world, the number of users engaged in some form of electronic jihad is likely to increase substantially," he added. In addition to supplying the online weapons for cyberattack, the Al-jinan site also serves as a forum for learning attack techniques as well as other information that can be used in electronic jihad efforts. One emphasis is on the need for jihadis to organize synchronized mass cyberattacks on Web sites that they believe are critical of Islam. Electronic Jihad users set up an account name and password, which lets the site register the number of hours the user spends attacking targets and post the names of those who scored the highest. One attacker spent the equivalent of 70 days attacking sites. Of course, the notion of "hactivism," which really lies at the heart of electronic jihad, has been around for years. In 1995, the Strange Communication Network, or Strano, launched what it called "the first global strike" on the Internet when it encouraged Web users to point their browsers at French government sites and repeatedly click on "reload" for an hour. "This was to disrupt French government sites, and it probably did back then," Denning said. Since then, cyberterrorism has been a persistent threat that draws attention to itself only in extreme instances. The Baltic nation of Estonia was hit for two weeks at the end of April and early May with 128 cyberattacks launched against that country's computer infrastructure. While the source of those attacks is still being investigated, the results could have been dire for the country, where 97% of bank transactions are done via the Internet. "When you are a highly Interneted country like we are, then these kinds of attacks can do very serious damage," Estonian President Toomas Hendrik Ilves said during a June 25 press conference with U.S. President Bush. "And I do think it's the wave of the future--not that it's a good wave, but it is something that we have to deal with more and more." Ilves added, "We know that the United States and Israel and Denmark have come under cyberattack before, and I think that it's an issue that will require much more attention in the future." Estonia has linked the cyberattacks to a dispute with Russia over the relocation of a Soviet war memorial from the World War II era in the Estonian capital, Tallinn, shortly before the attacks began. Russia, however, has denied any involvement in the incident. The country has been at odds with Russia since regaining its freedom from the former Soviet Union in 1991. The U.S. Defense Department is certainly not immune to cyberattacks. A cybersecurity breach on June 20 forced the Pentagon to take an estimated 1,500 computers offline. Secretary of Defense Robert Gates said at a press conference the following day that the e-mail system in the Office of the Secretary of Defense was penetrated by hackers, and "elements" of the unclassified e-mail system were shut down in response. It's hard to tell if the attack on the Defense Department came from a terrorist cell or a political group or if it was an attack sanctioned by a foreign government, Colarik said, adding, "Or it could be a combination of these, with someone seeing that an attack was happening [against Pentagon computers] and jumping on the bandwagon." However, security pros needn't get caught up in the distinctions between "cyberterrorism" and "electronic jihad" because they both rely heavily on a form of attack that IT security pros have been seeing for quite some time, Denning said, adding, "It's about DoS [denial-of-service] attacks, something that's been around for a while." While companies that operate critical infrastructure must be especially wary of Internet-based attacks, "everyone has to pay attention to security," Denning said. "There may be some businesses that say no one will target us. But electronic jihad will target anyone if it creates economic disruption. Whoever's vulnerable gets attacked." _____________________________________________________ Attend Black Hat USA, July 28-August 2 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 30 hands-on training courses and 90 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 70 nations. Visit product displays by 30 top sponsors in a relaxed setting. Rates increase on June 1 so register today. http://www.blackhat.com
This archive was generated by hypermail 2.1.3 : Mon Jul 02 2007 - 23:25:22 PDT