Saturday, August 25, 2007

Web Terrorists

Yeah, these guys have no electricity in the caves or in Iraq, and yet they are all over the web.

Then why do they trace back to did that chatter come out of
Texas or Maryland?

'Cause the media office is in Virginia?

"The cyberwar against the United States" by Jim Melnick/Boston Globe August 19, 2007

RECENT AL QAEDA recruitment videos and foiled terrorist plots in the United Kingdom remind us that the effectiveness of terrorism is an issue of winning the hearts and minds of those with the proper skills to do serious harm. It would logically follow that it is reckless to allow terrorists to combine the critical elements of ideology, skills, and the technical means of destruction.

Yet, there is a less discussed conflict -- a "cyberwar" -- where these dangerous elements are coming together. Regardless of one's position on the war in Iraq or the definition of the "global war on terrorism," the threat is real.

This cyberwar is embodied by scores of extremist Islamist and pro-terrorist websites that spew hatred for America, Israel, and others. Some sites train Islamists in Internet hacking skills, while others are more slanted toward military weapons training for jihadists. Nearly all are involved in recruitment, information exchange, and extremist propaganda of one kind or another. What is alarming is the sites demonstrate a steady progression of skill levels among many of the cyber jihadist groups, making their brand of cyber-warfare a greater threat than in recent years.

Earlier this year, cyber-attacks against Estonia demonstrated what a cyberwar could resemble when expertise is motivated en masse. Pro-Russian hackers attacked numerous Estonian sites in the wake of major protests over the bitterly disputed removal of a World War II-era statue and graveyard. The attacks brought down numerous government websites and one major banking site. NATO even rushed a cyber-warfare team to the country to assist the Estonian government, and the nation's justice minister requested that the European Union classify the attacks as acts of terrorism.

One positive result of the attacks against Estonia has been greater global attention to the cyber-warfare threat. Dr. Linton Wells II, a former principal deputy to the assistant secretary of defense for networks and information integration, has suggested that the Estonia attacks "may well turn out to be a watershed in terms of widespread awareness of the vulnerability of modern society." As one who worked for Wells when I served in the military, I find his warning a chilling harbinger of an age when like-minded hackers possess potent cyber-warfare skill sets and tools.

While the skill levels of most jihadists are not up to the levels of many Eastern European cyber criminals or noteworthy Chinese hacker groups, they are improving. Furthermore, the Internet enables a confluence through which many politically indifferent cyber criminals could, for a price, be marshaled to attack the United States and its allies. Malefactors could launch attacks through huge freelance armies of "botnets" -- legions of software robots installed on computers around the world for nefarious purposes.

Millions of computers around the world have already been infected with this malicious software. Cyber criminals and other hackers go after sensitive financial and identity information on personal computers. But, like parasites taking over a host organism, these software "bots" can also commandeer computers to send out everything from e-mail spam to coordinated attacks against other individual computers or larger systems.

These botnet assaults could include "denial of service" attacks, which force targeted computers to crash or consume their resources in such a way that they can no longer provide communications or other services. The results are realized when hundreds of thousands of computer users notice their PCs are running unusually slow while, perhaps on the other side of the world, an e-mail service shuts down or a financial institution becomes unable to provide online banking services.

Though many US websites are well-protected, a massive denial of service attack could leave many commercial and other sites reeling along the lines of what occurred in Estonia, but on a larger scale. Given that more of our daily lives today depends on the Internet, financial losses could be huge and would be accompanied by a corresponding loss of consumer confidence.

The threat looms larger when one considers the cyber vulnerabilities of critical infrastructures -- particularly as more of them connect to the Internet to achieve cost and management efficiencies. For 10 years, the federal government's information systems and critical infrastructures have remained a "high-risk" category as assessed by the Government Accountability Office.

Most Americans would be surprised to learn that many Islamist hacker sites are hosted in the United States. Consider it an unmistakable and intended irony that these cyber jihadists are using our own domestic Internet resources against us.

Under Executive Order 13224, companies are forbidden to provide services to organizations known to support terrorism. Technology industry leaders have also been doing their part to raise threat awareness, but greater cooperation between government and industry would go far in closing these sites down.

In some cases, sites have been shut down in the United States only to reappear in highly Internet-savvy countries such as Malaysia. As one of the terrorist planning locations for the Sept. 11, 2001, attacks, Malaysia has hosted a number of jihadist sites after authorities acted to terminate them in the United States.

To its credit, that nation has not ignored the problem. In May 2006, Malaysia's prime minister, Abdullah Badawi, announced the creation of a program called International Multilateral Partnership Against Cyber-Terrorism to help countries work globally to fight cyber terrorists.

In one case, an especially worrisome jihadist hacker site first registered in Florida was shut down, but the organization behind it reconstituted operations in Badawi's country. The Malaysian authorities took action to shut the site down. Unfortunately, it has appeared again where it originated: Tampa.

The site has grown from a membership list of only about 300 to more than 122,000 over the past few years. Skill levels are improving and technical information-sharing is taking place.

Some in the intelligence field -- and many on its fringes -- have argued that the United States needs to keep these jihadist sites up in order to monitor and understand their activities. True, some of this surveillance is necessary, but this is a misguided attitude.

Compare the response to proliferating Islamist hacker sites to law enforcement efforts to fight urban gangs. In combating gangs, law enforcement might seek to infiltrate a few particular gangs, allow them to be active for a time, and collect intelligence on their plans, capabilities, and connections. This activity makes perfect sense and it has its counterpart in cyber-warfare.

But neither law enforcement nor the public would accept the unchecked exponential growth of infiltrated gangs based on the argument that the public needs to know what they are up to. In the cyber realm, we have passed the point where the benefits of surveillance justifies letting these sites multiply and grow with impunity.

From Estonia to Tampa, recent events teach us that cyber-warfare is indeed a war. It must be fought harder and smarter and within the context of the broader struggle against Islamist extremism.

On the upside, the experience in Malaysia demonstrates that governments and private organizations -- new allies as well as old -- can effectively work together to confront the convergence of talent, knowledge, and the malicious intent to harm us.

Congress has been paying greater attention to cyber-warfare threats and vulnerabilities through hearings by the Committee on Homeland Security, but more needs to be done in terms of action. Such an effort warrants serious resources, global coordination, and the collaborative work of people with the best insights possible.

Jim Melnick is senior threat analyst at VeriSign Inc. He formerly worked as an analyst for the Defense Intelligence Agency and is also a retired Colonel in the US Army Reserves in Military Intelligence.

This is how they want to kill the web!

All this FASCIST SHIT!