Wednesday, October 31, 2007

Encurve, LLC Recommends Caution in Evaluating Website Claims of "Al Qaeda Cyber Jihad" on November 11th

An Israeli website is reporting that Al Qaeda supporters are planning an electronic Jihad against "Western, Jewish, Israeli, Muslim apostate and Shiite Web sites" beginning November 11, 2007.

The website did not disclosure the actual source of this threat and, as there have been numerous previous claims of similar attacks, Encurve, LLC recommends this report should be analyzed with skepticism.

This need for suspicion is further bolstered by rather broad claims such as:
"...counter-terror sources report that, shortly after the first announcement, some of al Qaeda’s own Web sites went blank, apparently crashed by the American intelligence computer experts tracking them."
and (emphasis added);
"On Day One, they will test their skills against 15 targeted sites expand the operation from day to day thereafter until hundreds of thousands of Islamist hackers are in action against untold numbers of anti-Muslim sites."
The report did give a motive for the cyber attacks:
"They offer would-be martyrs, who for one reason or another are unable to fight in the field, to fulfill their jihad obligations on the Net. These virtual martyrs are assured of the same thrill and sense of elation as a jihadi on the “battlefield.”
The full text can be read at:

DEBKAfile Exclusive: Al Qaeda declares Cyber Jihad on the West

Friday, October 26, 2007

Debate Continues in Germany around Governement Searches of Systems

Heise Online reports on the continuing debate in Germany concerning legislation to make online searches of computers by the government legal.

Currently, the German state of North-Rhine-Westphalia (NRW) has passed legislation to allow state investigators to perform online searches of suspected terrorist systems. The issue is being debated at both state and federal levels of the German government.
"We are pioneers", said leader of the CDU parliamentary group in the NRW government, Peter Biesenbach. "It isn't disgraceful to have the Act investigated by the Constitutional Court". The intelligence agency's means should match those of criminals on the internet. Online searches are also considered indispensable by the Federal German Ministry of the Interior. "
NRW Minister of the Interior: State intelligence agents did not spy on private computers

US Congress Investigates DHS Cyberattacks

The U.S. Congress continues to investigate cyberattacks against DHS and other government systems in which information was transfered to websites in China. As with most government related incidents, there is insufficient unclassified information to properly analyze the attack or its impact.

Much of the Congressional hearings is focused on Unisys Corp. as DHS outsourced much of its security management to Unisys.

"The results of our [committee] investigation suggest that the department is the victim not only of cyber attacks initiated by foreign entities, but of incompetent and possibly illegal activity by the contractor charged with maintaining security on its networks," Democratic Reps. Bennie Thompson of Mississippi and James Langevin of Rhode Island said in a written statement."
Investigators: Homeland Security computers hacked

Thursday, October 25, 2007

Cyberattacks against U.S. Systems Not Just from China

The U.S. national counterintelligence executive, Joel Brenner, recently said in a CNN interview that the foreign intelligence organizations from 140 countries are actively attempting to penetrate U.S. government and corporate computer systems.

"Joel Brenner, the national counterintelligence executive, told CNN it is not accurate to blame only the Chinese government for recent penetrations of government computer systems.

"We get intrusions from all point of the compass. It is really misleading to focus on one country," he said. "They are coming from everywhere now. It is a pervasive problem."


Official: International hackers going after U.S. networks

Wednesday, October 24, 2007

Internet Islamist Group Arrested in Spain

The Spanish Civil Guard has arrested 6 suspected Islamists for use of the Internet to promote terrorist activities based in a rural area of Northwest Spain. This appears to be part of a much larger investigation involving Swiss, Danish and US authorities as well.
"The Civil Guard said the arrests marked the first time Spanish authorities have broken up a network principally dedicated to promoting jihad on the internet. The group was using private chat rooms and forums, disseminating Islamist propaganda on the Web and collecting money for imprisoned Islamists, officials said."
Spain arrests 6 suspected Islamists

Tuesday, October 23, 2007

Germany and Austria Move Forward to Legalize Government Searches of Online Systems

Heisse Online is reporting on both German and Austrian plans to legalize the use of Trojan horses to search the computers of suspected terrorists.

Schäuble renews calls for surreptitious online searches of PCs

Austria plans to start conducting secret online searches in 2008

New Allegations of Chinese Attacks on German Systems

Hans Elmar Remberg, vice president of the German Office for the Protection of the Constitution, the country's domestic intelligence agency, recently reiterated Germany's concerns that Chinese "hackers" backed by the Chinese government were attacking German computers according to Deutsche Welle.
"Remberg told a conference on industrial espionage in Berlin on Monday that the nature and frequency of the attacks on German companies pointed to a concerted targeting by Chinese hackers backed by the state.

"In our view, state Chinese interests stand behind these digital attacks," said Remberg. "Supporting this view is the intensity, structure and scope of the attacks, and above all the targets, which include [German] authorities and companies."

China Rejects Renewed Accusations of Cyber Spying on Germany

Monday, October 22, 2007

Internet and Other Technologies Make Surveillance of Radical French Mosques Difficult

The Jamestown Foundation recently released a report on French intelligence agencies efforts to monitor the activity of radical mosques in France. While most of the article concerns the relative success of physical surveillance, an interesting note is made that technology, specifically Internet and satellite communications, are being used by radicals to bypass the physical surveillance and controls placed on French mosques:

"Mosques do not constitute the only channel of religious radicalization in France. Radical discourses are now conveyed through satellite televisions, which are increasingly available to French Muslims. The internet, with numerous jihadi-friendly websites available in both Arabic and French, allows the dissemination of a radical Salafi discourse that preaches hatred of the West, rabid anti-Semitism and anti-French racism. Finally, libraries and publishing companies specializing in Islamic studies also participate in the dissemination of radical Salafi material. On these three fronts, French law enforcement authorities are ill-equipped to monitor and curb the expansion of radical Salafi ideology disseminated via these channels. Actions against satellite channels or websites located outside of France are difficult or impossible."


An Inside Look at France's Mosque Surveillance Program

Improved Control of Chinese Internet Content

An anonymous Internet blogger purported to be a technician in a Chinese ISP details the growing success of Chinese Government censorship on the Internet by implementing a layered approach to control content.

"The government monitors the internet by means of a skillful mix of filtering technologies, cyber-police surveillance and propaganda, in all of which China invests massively," writes the technician, referred to only as "Mr Tao". "Draconian censorship hunts down anything to do with human rights, democracy and freedom of belief. It nips free expression in the bud."

According to the report, censorship of the web has grown along with the increasing power of the Beijing Internet Information Administrative Bureau, the organisation that monitors internet content in China. Its hold over is particularly strong for companies based in or near the Chinese capital, warns the study"
The original article appeared in The Guardian: China Tightens Control of Net

Thursday, October 11, 2007

Online Anit-Jihadist Activity

The Washington Post ran an article concerning what they call "counter-cyberjihadist". These individuals monitor websites for Jihadist activity and then bring pressure on the ISPs to remove the site. The article discusses the motives as well as some of the potential implications of this activity.

Blogs target jihadis online

Monday, October 08, 2007

Swedish Websites Attacked

AP is reporting that Swedish ISPs estimate at least 5,000 websites have been attacked in the last week, apparently from Turkey. The motive is believed to be anger over the recent publication of caricatures of the Prophet Muhammad in Swedish newspapers.

The attacks reported so far seem to be limited to web page defacements.

Turkish Hackers Target Swedish Sites

Israeli Concerns about Google Earth

Israel, like many countries, worries about the availability of satellite information via Google Earth. The ease with which military, terrorist or other radical groups could use such information for targeting and intelligence is real.

The opinion piece from ynetnews.com does conclude with the only viable solution: Adapt.
"All that is left for us to do is internalize the fact that we are transparent and take it into consideration when we undertake any kind of military activity. Just like we got used to the fact that cellular phones are one of the major means for leaking information, we must get used to the notion that the most secret facilities are no longer that secret – and conduct ourselves accordingly."
Like many disruptive technologies, adaptation is the only effective answer.

The Secret Is Out

Sunday, October 07, 2007

Cyber War Issues

Bob Brewin at Government Executive reports on Pentagon attempts to deal with recent intrusions into DoD systems allegedly originating from China.

The debate centers around the development of U.S. offensive capabilities on the Internet:
"The Defense Department has redundant systems in place to defend its network against cyberattacks, but in the past year it has started to push development of offensive information warfare capabilities. If "we apply the principle of warfare to the cyber domain, as we do to sea, air and land, we realize the defense of the nation is better served by capabilities enabling us to take the fight to our adversaries, when necessary, to deter actions detrimental to our interests," Marine Gen. James Cartwright, commander of the Strategic Command, told the House Armed Services Committee in March."
While the potential disruption from online attacks requires both defensive and offensive capabilities, there is a critical component missing in the debate - intelligence capabilities. It will be vital to build better intelligence and investigative capabilities in order to properly identify intrusion sources and motives. It is too easy to mask the source of an attack and any mis-directed counter-attack could have significant political and technical repercussions.

Government Executive News and Analysis: Cyber Wars

Friday, October 05, 2007

Western Goverments Look to Counter Online Terrorist Activities

It should come as no surprise that Western governments are looking for ways to counter the use of technologies by terrorist and other politically motivated groups. The International Herald Tribune has a report on these efforts and the potential impacts.

It is clear that governments must take action to counter online threats but the fear is that these actions are not always well thought out or the unintended consequences of countermeasures are understood. The article states this very clearly:

"One way of viewing these trends is that the terrorists have won," said Richard Clayton, a computer security researcher at the University of Cambridge who is part of the OpenNet Initiative, which tracks Internet surveillance and filtering practices. "They're making us change our society to counteract, not what terrorists are doing, but what they're threatening to do," he said.

"And what's being proposed doesn't really make any difference for a terrorist, who will find a way around it."

It is critical that the effect of countermeasures, whether defensive or offensive, must be understood. This is just as applicable in cyberspace as in the physical world.

West Is Taking Fight Against Terrorism Online

Thursday, October 04, 2007

Paper on Cyber PSYOPS Published

The Foreign Military Studies Office in Ft. Leavenworth has published a paper by Retired LTC Tim Thomas on the use of psychological operations employing online technologies to influence the attitudes and behaviors of both solders and civilian populations - referred to as CYOP (Cyber Psychological Operations).

These technologies include the use of mobile phones for "citizen journalism", the Internet (webpages, text messaging, digital newspapers, email, blogs, etc.) and other more esoteric ideas such as technologies that would affect the thoughts/brains of targets.

Another interesting component of CYOP is the use of deception. While it has always been used in traditional psychological operations, the immediacy of digital communication adds a new dimension. LTC Thomas states:
"Gray or fake news can be inserted quite easily in the cyber age. For example, mobile phones can be the medium through which to send regular messages—in the form of news updates— to discredit leaders or offer a different point of view on the fighting. Some mobile phone messages in Lebanon were headlined with the title “news.” But recipients did not find customary news: instead they found news from the Israeli viewpoint. In addition, the Israelis resurrected a Voice of Lebanon radio station on frequency 103.7 Mhz. While not mentioned in the article, Voice of Lebanon’s reporting could easily be inserted into mobile phone messages, if the former is ever blocked."
The author uses the recent Hezballah/Israeli conflict as a case study of these techniques and their effectiveness.

The full paper can be downloaded:

Hezballah, Israel, and Cyber PSYOP

Syrian Radar "Hacked"?

Speculation grows over how Israeli bombers were able to evade Syrian air defenses in a recent attack on an unknown target in Syria.

The Register is quoting an Aviation Week report that the Israelis may have used a technology called "Suter" to "hack" a radar installation.

"Aviation Week reckons the success of the attack might be down to use of the "Suter" airborne network attack system. The technology, was developed by BAE Systems and integrated into US unmanned aircraft by L-3 Communications, according to unnamed US aerospace industry and retired military officials questioned by Aviation Week.

Instead of jamming radar signals, Suter uses a more sophisticated approach of "hacking" into enemy defences.

"The technology allows users to invade communications networks, see what enemy sensors see, and even take over as systems administrator so sensors can be manipulated into positions so that approaching aircraft can't be seen," Aviation Week explains. "The process involves locating enemy emitters with great precision and then directing data streams into them that can include false targets and misleading message algorithms.""


Israel suspected of 'hacking' Syrian air defences

Wednesday, October 03, 2007

Zone-H.org to Hold "Hacking" Forum in Arabic

Zone-H.org has announced the creation of an Arabic language seminar on network intrusion techniques. This follows a speech in Syria by Zone-H founder Roberto Preatoni on future IT security threats.

The organization's website described the perceived need for an Arabic "hacking" course:
"We understand the importance of the Arabic community in IT security area and know that more and more countries are rushing to establish strong and secure infrastructures and legal ground. Also our participation on HITB conference in Kuala Lumpur showed us how is [sic] important to share the knowledge without any restriction. Therefore Zone -H is proud to announce Hands-on Hacking seminars in the Middle East area."
The first 6-day seminar will be held in Dubai in December and present topics on:
  1. "Attaching [sic] techniques at the infrastructure level";
  2. "Hacking Web Applications targeted on nowadays most used techniquest [sic] of web application hacking"; and,
  3. "Wireless hacking which is bringing in-depth knowledge of wireless security topics and attacking techniques."
The full announcement is available at the Zone-H.org website.
Hands-on Hacking Seminars in Arabic Countries

A brochure with a detailed seminar agenda is available at: Hands on Hacking.

Tuesday, October 02, 2007

Israeli Traffic Webcams May Be Used by Terrorist Groups

UPI reported on potential terrorist use of Israeli traffic webcams to plan attacks.

Jihadis using Web-based traffic cameras

Monday, October 01, 2007

Fake Dalai Lama Email on Burma Protests Contains Malicious Code

A fake email stating the Dalai Lama's support for protests in Burma actually carries an attachment which can infect systems with a copy of the Agent-CGU trojan horse.

As always, care should be used in opening email attachments from untrusted sources.

Hackers Exploit Crisis in Burma

South Korean Government Cracks Down on Anti-Draft Websites

AFP reports on efforts by the South Korean Government to block websites that advise citizens how to avoid the draft in the ROK.

Letters were sent to major Internet providers requesting the sites be taken down.

SKorea cracks down on Internet draft-dodgers

Internet Access to Burma/Myanmar Remain Down

The government in Burma/Myanmar continue to block Internet access to prevent coverage of the supression of anti-government protests.

Internet link remains shut amid Myanmar crackdown

EU Ministers Consider Anti-Terrorism Internet Controls

EU Ministers meet in Lisbon today to discuss increased Internet surveillance and controls to combat the use of websites in planning terrorist activity. This is partially in response to independent efforts on the part of individual EU countries:

"In response to a recent series of arrests and the unfolding of terror plots and planned strikes in Sweden, Germany and Austria, individual countries in Europe are already moving ahead to step up surveillance of the Internet.

In Germany, Interior Minister Wolfgang Schäuble is seeking powers allowing investigators to send software that secretly installs itself on specific computers, relaying data to police computers as users operate online."

While increased intelligence and surveillance may be effective, attempts to regulate Internet content are generally ineffective and are mostly cosmetic. Suppression of publicly available information will only drive it underground where it is more difficult to monitor. It will have little or no impact on the ability of terrorists or criminals to communicate as they will just find other, more covert, methods.

EU Takes Battle against Terrorism Online