.

Friday, December 01, 2006

Cyber-jihad?

Today's newspapers are talking about a threat by Islamic hackers to attack US financial institutions, the stock market and so on, during December ("until the infidel New Year.")

I saw the original notice from the US Computer Emergency Readiness Team (interestingly, usually the R in CERT stands for "Response") and it seemed somewhat nebulous then. Last night I went to the website where the threat originated (again, thanks to Google auto-translate) and it was a normal pseudo-hacking site where Muslim kids trade serial number cracking software and other utilties, much like many of the similar English-language sites I've seen.

With the exception of the occasional spontaneous "Allahu akbar" thread.

The specific thread that contained the threat was not credible - one person said that he would like to see everyone attack the US financial markets during this month, a couple of others responded "yep, we should" and then the conversation died. Something like a real attack, especially against multiple targets, would require a lot more coordination and focus (he was talking about using viruses as well as denial-of-service attacks.)

Nevertheless, the idea of cyber-jihad is an important one. The jihadist site, while not breaking any new hacking ground, was not a backwards site where they were learning the basics either. It shows that the expertise in hacking among Islamists is growing, and given that the Internet is a complicated machine, there are untold numbers of vulnerabilities out there waiting to be discovered that can cause problems.

More troubling than that specific site is this Jihadist hacking magazine that was just published:

The first issue of what is indicated to be a periodic magazine, “Technical Mujahid” [Al-Mujahid al-Teqany], published by al-Fajr Information Center, was electronically distributed to password-protected jihadist forums today, Tuesday, November 28, 2006. This edition, 64-pages in length, contains articles that primarily deal with computer and Internet security, in addition to other pieces explaining Global Positioning System (GPS) satellites and video types, editing, and encoding into different formats. The editors of the publication state that it was written to heed the directives of the Emir of al-Qaeda in Iraq, Abu Hamza al-Muhajir, and his call for technical support. Material such as this, regarding anonymity on the Internet, concealing of personal files locally on a computer, and utilizing all schemes of encryption, is to serve as electronic jihad, and a virtual means of supporting the Mujahideen.

Like individual postings made by jihadist forum members concerning Internet security and protection of incriminating files, or manuals that were provided by the Global Islamic Media Front for the same, the “Technical Mujahid” demonstrates the technical acumen of the jihadists. Articles like, “The Technique of Concealing Files from View” and “How to Protect Your Files, Even if Your Device was Penetrated,” were written for the intermediate to advanced user, and describe a variety of methods and software that provide security. Links to download referenced software, such as the VMware virtual machine, and key generators to unlock features are also given by the editors. Another writer discusses PGP (Pretty Good Privacy) software and determines that its encryption is not adequate for the needs of the Mujahideen.

Another article, The Last Card: We Need it in their Homeland, written by a member of the information office of the Islamic Army in Iraq, like the editorial contained in the magazine and an introductory message, emphasizes the great purpose of jihad in the information sector. This front is determined by the author to be “a main pillar in the battle of Islam against the Crusaders and the polytheist belief”. To this end, advertisements for the most recent Juba sniper video from the Islamic Army in Iraq and a news caption about its release on DVDs in Iraq, is used as an example.

For future issues, the editors urge members of the jihadist Internet community to submit articles in the field of technology for publishing. They write: “My kind, technical Mujahid brother, the magnitude of responsibility which is placed upon you is equal to what you know in the regard of information. Do not underestimate anything that you know; perhaps a small article that you write and publish can benefit one Mujahid in the Cause of Allah or can protect a brother of yours in Allah. This way you will gain the great reward with the permission of Allah”.
Based on its format and content, this looks like a Jihadist version of the famous hacking e-zine, Phrack. The technical expertise doesn't approach the Phrack authors' but the desire is plainly there.

Whoever leaked this US-CERT doc to the media behaved somewhat irresponsibly, because the jihadists can just put up threats with impunity knowing that they will be taken seriously and they are getting their jollies from seeing how a teenage Mujahid can get worldwide headlines with a single message in an obscure bulletin board. Nevertheless, it is likely that we will be seeing real cyber-attacks that parallel real world terror attacks, as well as those that may be coordinated with major attacks (to interfere with police or medical response.)