DEBKAfile Exclusive: Al Qaeda declares Cyber Jihad on the West

October 30, 2007, 5:36 PM (GMT+02:00)
Symbol of al Qaeda's new Cyper Jihad

Symbol of al Qaeda's new Cyper Jihad

In a special Internet announcement in Arabic, picked up DEBKAfile’s counter-terror sources, Osama bin Laden’s followers announced Monday, Oct. 29, the launching of Electronic Jihad. On Sunday, Nov. 11, al Qaeda’s electronic experts will start attacking Western, Jewish, Israeli, Muslim apostate and Shiite Web sites. On Day One, they will test their skills against 15 targeted sites expand the operation from day to day thereafter until hundreds of thousands of Islamist hackers are in action against untold numbers of anti-Muslim sites.

DEBKAfile’s counter-terror sources report that, shortly after the first announcement, some of al Qaeda’s own Web sites went blank, apparently crashed by the American intelligence computer experts tracking them.

The next day, Oct. 30, they were up again, claiming their Islamic fire walls were proof against infidel assault.

They also boasted an impenetrable e-mail network for volunteers wishing to join up with the cyber jihad to contact and receive instructions undetected by the security agencies in their respective countries.

Our sources say the instructions come in simple language and are organized in sections according to target. They offer would-be martyrs, who for one reason or another are unable to fight in the field, to fulfill their jihad obligations on the Net. These armchair martyrs are assured of the same thrill and sense of elation as a jihadi on the “battlefield.”

In effect, say DEBKAfile’s counter-terror experts, al Qaeda is retaliating against Western intelligence agencies’ tactics, which detect new terrorist sites and zap them as soon as they appear. Until now, the jihadists kept dodging the assault by throwing up dozens of new sites simultaneously. This kept the trackers busy and ensured that some of the sites survived, while empty pages were promptly replaced. But as al Qaeda’s cyber wizards got better at keeping its presence on the Net for longer periods, so too did Western counter-attackers at knocking them down. Now Bin Laden’s cyber legions are fighting back. The electronic war they have declared could cause considerable trouble on the world’s Internet.

I have always believed that a cyber war was bound to happen, and there is no reason, given the capabilities of Western computer analysts and code writers, that the West should not be victorious in this, regardless of how long it takes. I would like to know more about this, but I suspect it is all highly classified.

However, just a word about DEBKAfile. I would not trust this source. I would only be mildly surprised for them to announce that little green men had landed from space and allied themselves with Hezbollah, making them technologically superior now to Israel and the U.S.

Literally. Their predictions and "scoops" have proven to be wrong and exaggerated too many times for me to take them seriously any more.

HPS

Estonia's geeks pointed me to this article (http://www.pcworld.com/article/id,139151-c,hackers/article.html) among others.

Security experts are saying that a reported al-Qaeda cyber jihad attack planned against Western institutions should be treated with skepticism.

Such an attack could be launched with a known software kit, called Electronic Jihad Version 2.0, said Paul Henry, vice president of technology evangelism with Secure Computing. This software, which has been in circulation for about three years, has recently become more easily configurable so that it could be more effective in a distributed denial of service attack, such as the one suggested by the DEBKAfile report.

Attackers would download Jihad 2.0 to their own desktops and specify the amount of bandwidth they would like to consume, not unlike the SETI@home software package used to scan for signs of extraterrestrial intelligence.

However, Henry said that his law enforcement contacts are treating the report with some skepticism. "I talked to a few people today who know of DEBKAfile, who feel they are dubious, but they can be credible," he said. "I'm not looking at Nov. 11 as being the day that the Internet goes down."

Estonia's geeks pointed me to this article (http://www.pcworld.com/article/id,139151-c,hackers/article.html) among others.

Regardless of DebkaFile's dubious reputation, the fact remains that cyberwarfare is not only a reality, but that it's been a warfighting domain for DOD for at least a year; that the USAF is actively engaged in R&D related to it; and that we (meaning the U.S.) are quite vulnerable to such an attack, and even worse, have no recovery plan in place in the event of wide-spread Internet failure.

I've written on this subject at the following links:

http://idolator.typepad.com/intelfusion/2007/10/dhs-like-fema-i.html
http://idolator.typepad.com/intelfusion/2007/10/the-wild-west-o.html
http://analysis.threatswatch.org/2007/06/terror-web-20/
http://www.esecurityplanet.com/prevention/article.php/3694711

This has been a realm of concern since the 1970's. The first computer warfare activities were in the 1980's. In the mid 1990's substantial cyber attacks occurred. The question is of scope and what you consider to be "cyber" and to be an "attack".

If you want to have this discussion about real capability this is likely not the forum for it.

I actually hope that this report is completely true. Our geeks are nerdier, better funded, more organized, better equipped, and far more experienced than theirs. Not to be too overconfident, but this fight, if it occurs, will be about as lopsided as the Titanic versus the iceburg.

And this just released.

Interesting article on trojan horses being installed on drives being targeted to government agencies. This is going to fuel the no foreign equipment purchased for government like the IBM debacle.

Bureau warns on tainted discs
FOCUSED ATTACK: Large-capacity hard disks often used by government agencies were found to contain Trojan horse viruses, Investigation Bureau officials warned
By Yang Kuo-wen, Lin Ching-chuan and Rich Chang
STAFF REPORTERS
Sunday, Nov 11, 2007, Page 2

Portable hard discs sold locally and produced by US disk-drive manufacturer Seagate Technology have been found to carry Trojan horse viruses that automatically upload to Beijing Web sites anything the computer user saves on the hard disc, the Investigation Bureau said.

Around 1,800 of the portable Maxtor hard discs, produced in Thailand, carried two Trojan horse viruses: autorun.inf and ghost.pif, the bureau under the Ministry of Justice said.

The tainted portable hard disc uploads any information saved on the computer automatically and without the owner's knowledge to www.nice8.OBSCURED (.org) and www.we168.OBSCURED (.org), the bureau said.

The affected hard discs are Maxtor Basics 500G discs.

The bureau said that hard discs with such a large capacity are usually used by government agencies to store databases and other information.

Sensitive information may have already been intercepted by Beijing through the two Web sites, the bureau said.

The bureau said that the method of attack was unusual, adding that it suspected Chinese authorities were involved.

In recent years, the Chinese government has run an aggressive spying program relying on information technology and the Internet, the bureau said.

The bureau said this was the first time it had found that Trojan horse viruses had been placed on hard discs before they even reach the market.

The bureau said that it had instructed the product's Taiwanese distributor, Xander International, to remove the products from shelves immediately.

The bureau said that it first received complaints from consumers last month, saying they had detected Trojan horse viruses on brand new hard discs purchased in Taiwan.

Agents began examining hard discs on the market and found the viruses linked to the two Web sites.

Anyone who has purchased this kind of hard disc should return it to the place of purchase, the bureau said.

The distributor told the Chinese-language Liberty Times (the Taipei Times' sister newspaper) that the company had sold 1,800 tainted discs to stores last month.

It said it had pulled 1,500 discs from shelves, while the remaining 300 had been sold by the stores to consumers.

Seagate's Asian Pacific branch said it was looking into the matter.

This has been a realm of concern since the 1970's. The first computer warfare activities were in the 1980's. In the mid 1990's substantial cyber attacks occurred. The question is of scope and what you consider to be "cyber" and to be an "attack".

If you want to have this discussion about real capability this is likely not the forum for it.

What forum do you recommend?

What forum do you recommend?

My concern is the management might get offended. I got warned about going off on a tangent once before.

My concern is the management might get offended. I got warned about going off on a tangent once before.

Well, that's fair, but surely there must be a forum here where a discussion of Cyberwarfare is on-topic.

Well, that's fair, but surely there must be a forum here where a discussion of Cyberwarfare is on-topic.

There really isn't a sub-forum to discuss it.

Futurists & Theorists (http://council.smallwarsjournal.com/forumdisplay.php?f=16) "Future Competition & Conflict, Theory & Nature of Conflict, 4GW through 9?GW, Transformation, RMA, etc." is where most people might want to put it but it is a real and now threat.

Catch-All, Military Art & Science (http://council.smallwarsjournal.com/forumdisplay.php?f=83) is the open category but really it's been more about non-standard equipment.

The Information War (http://council.smallwarsjournal.com/forumdisplay.php?f=67) forum might seem like a good place for discussion of cyber warfare but they are NOT the same thing. Cyber warfare is about the manipuation of the computing asset not the communication channel.

Cyber-warfare is attacks against the infrastructures of command, control, coordination and communication. In general (staying high level) cyber warfare are attacks against the security services of confidentiality, integrity, availability, non-repudiation, and authentication (McCumber model as adapted by Schou, Maconahay, Ragsdale). Cyber-warfare can be smart bombs into the telephone company, trojan horses hidden on hard drives, laptops stolen from desks, and social engineering users. I've got a pretty extensive high level slide presentation I can put up on my blog if interested.

There really isn't a sub-forum to discuss it.

Futurists & Theorists (http://council.smallwarsjournal.com/forumdisplay.php?f=16) "Future Competition & Conflict, Theory & Nature of Conflict, 4GW through 9?GW, Transformation, RMA, etc." is where most people might want to put it but it is a real and now threat.

Catch-All, Military Art & Science (http://council.smallwarsjournal.com/forumdisplay.php?f=83) is the open category but really it's been more about non-standard equipment.

The Information War (http://council.smallwarsjournal.com/forumdisplay.php?f=67) forum might seem like a good place for discussion of cyber warfare but they are NOT the same thing. Cyber warfare is about the manipuation of the computing asset not the communication channel.

Cyber-warfare is attacks against the infrastructures of command, control, coordination and communication. In general (staying high level) cyber warfare are attacks against the security services of confidentiality, integrity, availability, non-repudiation, and authentication (McCumber model as adapted by Schou, Maconahay, Ragsdale). Cyber-warfare can be smart bombs into the telephone company, trojan horses hidden on hard drives, laptops stolen from desks, and social engineering users. I've got a pretty extensive high level slide presentation I can put up on my blog if interested.

Sure. Post the slide show, and I'll link to it from my blog as well. I also put up a request for the SWC forum mods to consider opening an official Cyberwarfare sub-forum.

Jeff,
One of our members, MarcT was working on a Cyberwar paper (http://council.smallwarsjournal.com/showpost.php?p=22531&postcount=179) just a while back, he might be able to help get this idea started.

Regards, Stan

I did a fair bit of research on the topic of "cyber-jihad" during my grad work for HLS; both the technical & the I-war perspectives. I'd be happy to contribute a fair number of high quality sources to such a thread.

selil, Stan, ilots, and other interested posters - Per SWCAdmin (http://council.smallwarsjournal.com/showthread.php?t=4298), we can use the Media and Information War (http://council.smallwarsjournal.com/forumdisplay.php?f=80) forum for the discussion of cyberwarfare. If it proves popular enough, the Powers That Be will carve out a dedicated forum for the topic.