An Israeli Web site is warning that al Qaeda hackers will attack Western, Jewish, Israeli, Muslim apostate, and Shiite Web sites starting on Sunday, November 11th.
“…al Qaeda is retaliating against Western intelligence agencies’ tactics, which detect new terrorist sites and zap them as soon as they appear,” reports DEBKAfile, a news site based in Israel.
“Until now, the jihadists kept dodging the assault by throwing up dozens of new sites simultaneously,” the news report said. “This kept the trackers busy and ensured that some of the sites survived, while empty pages were promptly replaced. But as al Qaeda’s cyber wizards got better at keeping its presence on the Net for longer periods, so too did Western counter-attackers at knocking them down. Now Bin Laden’s cyber legions are fighting back. The electronic war they have declared could cause considerable trouble on the world’s Internet.”
How disruptive the attack will be has yet to be determined. It’s not clear where DEBKAfile is getting its information and those in the government who worry about such things don’t appear to be more worried than usual.
A U.S. Secret Service agent who forwarded the report to a security mailing list cautioned that the news did not constitute an official USSS advisory and a spokesperson for the USSS said, “We didn’t send out the bulletin.”
The Department of Homeland Security reiterated that message and declined to characterize how or whether the DEBKAfile report was being viewed by the US security community.
“We take all threats, credible or not, seriously,” said a spokesperson for the Department of Homeland Security. “…I’m not aware of any imminent threats against the homeland at this time, but we’re mindful that there are those in the world who’d wish to do us harm.”
DEBKAfile identifies itself as “a self-supporting Internet publication devoted to independent, investigative reporting and forward analysis in the fields of international terrorism, intelligence, international conflict, Islam, military affairs, security and politics.”
It claims, “Our articles are regularly quoted and credited by a host of international television, radio and print media.”
Indeed, DEBKA file has been recognized by Forbes and Wired News for its reporting.
Wikipedia, itself a suspect source, is less charitable, noting, “Some reports can be wildly inaccurate, such as claims of the exact point during the 2003 invasion of Iraq when Saddam Hussein would use nuclear and biological weapons, which never happened. This most likely stems from the unidentified sources’ possible political or military bias. As such, Debka can not be entirely relied upon for accurate reports.”
Bin Laden’s “cyber legions,” if they can be called that, may be armed with software called Electronic Jihad 2.0, which has been available online since the beginning of the year. Though one of the sites distributing the software has been taking down, it’s still accessible.
Secure Computing Corporation, a computer security company, “believes that the new Electronic Jihad Version 2.0 software has the potential to create havoc among sites that might be targeted,” as the company put it in a press release.
Paul Henry, VP of technology evangelism at Secure Computing, said that the first version of Electronic Jihad allowed the user to conduct a denial of service attack. The most recent iteration allows for a coordinated, or distributed, denial of service attack.
“As to how imminent the threat is, I have to rely on the posting on DEBKAfile,” said Henry. “People I’ve talked to say it’s a reliable source.”
Despite the fact that Electronic Jihad relies on “an old attack methodology,” Henry said that he believed people have grown too lax about the potential impact of distributed denial of service (DDOS) attacks because such attacks haven’t been common in the wild in recent years.
Marc Zwillinger, a former cybercrime prosecutor with the Department of Justice and a partner at Sonnenschein Nath & Rosenthal, said it’s hard to tell how to view such reports. “There have been on and off warnings of e-jihads for years, some of which have materialized and some of which haven’t,” he said.
While the involvement of Al Qaeda may sound ominous, Zwillinger noted that terrorists menacing people with zombies — subverted PCs — are no more dangerous than the security risks faced by Internet users every day. And, he added, networks today, tend to perform better against denial of service attacks than they did several years ago.
In a February, 2007 article, “Cyberspace as a Combat Zone: The Phenomenon of Electronic Jihad,” Eli Alshech, Director of the Jihad and Terrorism Studies Project at the Middle East Media Research Institute, characterized e-jihadists as more of a nuisance than a threat.
“[E]lectronic jihad, in its current state of development, is capable of causing some moderate damage to Western economy, but there is no indication that it constitutes an immediate threat to more sensitive interests such as defense systems and other crucial infrastructure,” the article says. “Nevertheless, in light of the rapid evolvement (sic) of this phenomenon, especially during the recent months, the Western countries should monitor it closely in order to track the changes in its modes of operation and the steady increase in its sophistication.”