Electronic Jihad: Winds of Cyber War or False Alarm?
Nov 2, 2007 4:00 AM PT
A report that an "electronic jihad" will be launched next week against 15 anti-Muslim Web sites by al Qaeda has stirred up the network security community.
While some have viewed the warning with skepticism, others are reluctant to put such an idea past the capabilities or desires of the terrorist organization.
The source of the e-Jihad report is the Israeli Web site DEBKAfile. It reported Tuesday that its counter-terror sources intercepted an announcement in Arabic on Monday describing the attack.
Al Qaeda computer experts will begin on Nov. 11, unleashing attacks on Western, Jewish, Israeli, Muslim apostate and Shiite Web sites, according to the report. They will begin, the report asserts, by testing their skills on 15 targeted sites, then expand the operation to include hundreds of thousands of hackers attacking a multitude of sites.
Cyberterrorism announcements like this have a track record of fizzling, according to Kent E. Anderson, managing director of Network Risk Management in Portland, Ore.
"I find it a little difficult to believe that they're going to have hundreds of thousands of online Jihadists," he told TechNewsWorld. "There seems to be a little bit of hype put into this.
"I'm not dismissing it outright," he added, "but I am saying we should view it with caution."
Real World Kinds of Guys
Such events have been dismissed in the past because it was felt the terrorists lacked the know-how to do much damage in cyberspace.
"Terrorist organizations are certainly using information technology in a very sophisticated way," Anderson maintained.
"What we haven't seen to date," he added, "is any significant 'offensive' use of technology by terrorist organizations like al Qaeda."
One reason for that may be that they haven't developed the skills to do it, he hypothesized.
Another may be an inclination to do damage in the physical world, he added. "It's more direct," he said, "and much more harmful in the long run."
Terrorist Script Kiddies
There are signs, however, that the Nov. 11 attack could be different from similar events in the past, according to Paul Henry, vice president for technology evangelism for Secure Computing in San Jose, Calif.
The latest version of the terrorists' software, Electronic Jihad 2.0, makes it easier than ever to coordinate a denial of service attack on a Web site, he explained.
"You simply select the level of bandwidth you wish to use and hit 'attack,' and the attack is launched," he told TechNewsWorld. "It's really down to script kiddie level."
Martyrdom by Proxy
Version 2 automatically targets Web sites for attack. That enables terrorists to better coordinate assaults on their targets -- something that couldn't be done with the previous release of the program.
"They've been distributing this widely over the last year or so," he said, "so I imagine that they have considerably more people using the software today.
"By coordinating the attack and focusing everyone on specific URLs or specific networks, I think it will have more impact than it's had in the past," he added.
"Another twist is that they're tracking the number of hours that users are spending using the software to take out Web sites," he observed. "You can gain pseudo martyrdom by having enough hours logged in using the program to wreak havoc on the Internet."
Don't Loose Sleep Over It
Others are more reluctant to sound the alarm bells just yet.
"I think it's healthy to be skeptical about these sorts of things," Graham Cluley, a senior technology consultant with global network security firm Sophos, of Burlington, Mass., told TechNewsWorld.
"Have we ever known al Qaeda to announce in advance when they're planning to attack?" he asked.
"Surely," he reasoned, "the one thing which terrorists have reveled in in the past, is the element of surprise. That's one of the strongest things in their armory.
"The people who are tracking terrorists and hacker groups and things put too much weight on babble on the Internet," he asserted. "Everyone needs to take sensible precautions, but this isn't something which I think many people should lose too much sleep over at the moment."