"China has also been attacked by hackers of some countries, so the Chinese government attaches great importance to and participates in the international law enforcement cooperation in this area," Foreign Ministry spokesman Liu Jianchao said at a briefing Thursday."China disputes cyber crime report
Friday, November 30, 2007
The Electronic Intifada website describes itself as:
"The Electronic Intifada (EI) is a not-for-profit, independent publication committed to comprehensive public education on the question of Palestine, the Israeli-Palestinian conflict, and the economic, political, legal, and human dimensions of Israel's 40-year occupation of Palestinian territories."
The Israeli website's organizers describe their website as:
"Giyus.org is a coalition of Jewish and pro-Israeli organizations working together to help the Jewish community voice its opinion in an effective, active manner. It has put on its flag a goal to improve the channels of communications between the different organizations, their members, the state of Israel and the outside world.
Giyus.org was first founded by WUJS and is now supported and operated by our partners. It is a non-for-profit organization that is supported by donations. If you wish to donate please contact us here. We appreciate all help offered. Thank you.
Megaphone, Giyus.org’s software, is delivering real time alerts about key articles, videos, blogs, surveys and update messages from the coalition to community members. Members can easily voice their opinions and work together to support Israel on the public opinion front."
These are just two of many such websites but provide good examples of legal and legitimate political use of technology.
"The attacks appear to have been carried out by as many as 1 million computers in 50 countries worldwide, apparently from rented botnets, networks of compromised computers coordinated for criminal purposes. Targets were government Web sites and portals, financial institutions, and news outlets.Cyberattacks in the present tense, Estonian says
The aim of the attacks seemed to be psychological impact rather than damage to physical infrastructure, and Aaviksoo characterized them as cyberterrorism rather than cyberwarfare. But the possibility of full-fledged cyberwar must be faced, he said.
“It is imminent that future development will see warfare in this newly born cyberspace,” he said. “The probability of that is rising over time.”
"The Chinese were first to use cyberattacks for political and military goals," James Mulvenon, an expert on China's military and director of the Center for Intelligence and Research in Washington, said in the McAfee report.In fact, several governments have used cyberattacks for intelligence gathering dating back to the late 1980s when the Soviet Union used a group of German nationals to penetrate U.S. and European computer systems.
"Whether it is a battlefield preparation or hacking networks connected to the German chancellor they are the first state actor to jump feet first into the 21st century cyber warfare technology. This is becoming a more serious and open problem," he continued."
Germany was alleged to have used a separate group of 'hackers' to test the effectiveness of computer intrusions for economic espionage against the U.S. in an operation called 'Rehab' in 1989.
With this said, reports do indicate a large amount of illicit network activity originating from China. However, since the details of these intrusions are classified, it is impossible to fully analyze motives or the true origins of the attacks.
Cyber 'Cold War' Exists With China
Monday, November 19, 2007
Many countries are currently debating legislation to combat terrorist websites (for example the UAE, the U.K., the U.S., and the E.U.) yet most proposals offered to-date would have little real impact. Most websites would simply move to more friendly or less regulated countries. As the press release for the OSCE meeting stated:
"...the Internet - unlike any other medium - is not linked to any physical location. People intent on abusing cyberspace for terrorist purposes can do so from virtually anywhere in the world with just a laptop and an Internet connection."The OSCE meeting agenda included:
- Strengthening of and complying with the international legal framework
- Enhancing national legislation and regulations
- Improving relevant national counter-terrorism measures
- Promoting and adapting bilateral and multilateral co-operation
- Strengthening co-operation with the private and academic sectors
- Freedom of expression and other relevant human rights considerations
"Unfortunately, there is not a coherent strategy in Europe, especially among the 27 European Union member nations, as to what to do," said Sajjan Gohel, director for international security at the London-based Asia-Pacific Foundation.
"There's a lot of good talking, a lot of fine words, but those need to backed up with fine deeds," he said.
Combating terrorist use of the Internet
Experts urge cooperation to target terrorist misuse of Web
Saturday, November 17, 2007
It is common for some types of politically motivated computer crimes to involve forms of extortion. Examples include activity by cyber activists, or hacktivists, that threaten denial-of-service or other attacks if the target organization does not change their behavior, business or activity.
Specifically, the bill modifies section 1030 of title 18, United States Code as follows:
SEC. 6. CYBER-EXTORTION.
Section 1030(a)(7) of title 18, United States Code, is amended to read as follows:
`(7) with intent to extort from any person any money or other thing of value, transmits in interstate or foreign commerce any communication containing any--
`(A) threat to cause damage to a protected computer;
`(B) threat to obtain information from a protected computer without authorization or in excess of authorization or to impair the confidentiality of information obtained from a protected computer without authorization or by exceeding authorized access; or
`(C) demand or request for money or other thing of value in relation to damage to a protected computer, where such damage was caused to facilitate the extortion;'.
"Damage" is defined as "any impairment to the integrity or availability of data, a program, a system, or information".
The U.S. House of Representatives must also pass the legislation before it becomes law.
The full bill can be read at:
Identity Theft Enforcement and Restitution Act of 2007
Friday, November 16, 2007
The summary covers a wide range of U. S. Chinese issues such as trade, manufacturing, jobs, China's military buildup and cyber warfare capabilities.
Concerning China's offensive computer capabilities the summary states:
"Chinese military strategists have embraced disruptive warfare techniques, including the use of cyber attacks, and incorporated them in China’s military doctrine. Such attacks, if carried out strategically on a large scale, could have catastrophic effects on the target country’s critical infrastructure."And recommends:
"...adequate support for protecting critical American computer networks and data: The Commission recommends that Congress assess the adequacy of and, if needed, provide additional funding for military, intelligence, and homeland security programs that monitor and protect critical American computer networks and sensitive information, specifically those tasked with protecting networks from damage caused by cyber attacks."The report also discusses China's control over internal Internet activity:
"Over the decades China has built one of the world’s most effective information control systems. The Chinese government controls the content of newspapers, magazines, television, radio, and the Internet. Chinese journalists have been demoted, fired, imprisoned and beaten for violating restrictions on media content. Internet users face similar restrictions and violators may be imprisoned."
The discussions concerned the difficulty in controlling this type of website (see United Arab Emirates Police Call for Tougher Cyber Terrorism Laws for a discussion of similar problems with terrorist websites).
"The problem is that each country has its own standard of what constitutes hate," said Marcus, who recounted that during a recent conference in Europe, Russian representatives believed that Seventh-Day Adventists should be qualified as a hate group because of their views on the army and nationalism. "We clearly cannot adopt a universal standard that everyone agrees on."ADL conference explores 'cyberhate
During a recent information security conference in the UAE, police representatives discussed the need for stronger penalties for those who set up websites supporting terrorism.
"Major Khalid Al Hamadi of the Sharjah Police Department called for the strengthening of penalties for those who build terror-related Web sites during a presentation of a study on cyberterrorism in the UAE at the fifth annual Middle East Information Technology Security Conference, the Khaleej Times reported.
Current UAE federal law stipulates a five-year jail term for anyone found guilty of launching a terror-related Web site or of publishing information favoring a terrorist organization."
This call for criminalizing websites supporting terrorism follows a trend in several countries including several in the EU. However, in all of these cases, there is little discussion of the difficulty in enforcement. Some of the issues that will need to be addressed include:
- Defining terrorism - Different countries have widely varying definitions of terrorism
- Delineating free speech from material terrorist support
- Investigating and intelligence tools to properly identify website authors
- Culpability of third-parties such as ISPs
- International jurisdictional issues
Tougher penalties for cyberterrorists
Thursday, November 15, 2007
Discussions included the focus on terrorist activity to the exclusion of other online problems such as the cyber attacks against Estonia and child pornography.
Brazil Web forum takes on cybercrime
"Brown said Internet and technology companies will be asked to help stop online terrorist propaganda, and he announced that a meeting would be convened with leading British Internet service providers to find ways of doing that.
Along with possibly removing customers' sites, service providers also might be pressured to block ones hosted abroad. The government also could create a list of banned sites or try to persuade search engines like Google Inc. or Yahoo Inc. to filter out prohibited content from their search results."
PM: British Sites Need More Security
"The U.S. government has not devoted the leadership and energy that this issue needs," said Paul Kurtz, a former administration homeland and cybersecurity adviser. "It's been neglected."and;
"They're still not taking cybercrime seriously enough," said former administration cybersecurity adviser Marcus Sachs, now at Verizon Communications, reflecting the views of several former White House officials."The artilce lists several causes:
- Limited resources. Current and former agents contend there are too few federal cyberinvestigators, and that too little is done to retain detectives with advanced technical training. Budget numbers appear to support the critics' complaints.
- Fractured responsibility. A half-dozen federal agencies fight organized Internet crime with overlapping programs, and at times are barred from sharing information. One private security consultant described having to act as a go-between, linking information between two agencies unable to talk directly.
- An unfamiliar threat. Traditional crime-fighting techniques are often useless. And there are indications that top government officials still do not appreciate the scope or danger of the Internet fraud menace.
"Since a 2003 presidential commission issued the National Strategy to Secure Cyberspace, the White House has suffered from a leadership vacuum on cybersecurity.
Richard Clarke, the former counterterrorism coordinator, retired as cybersecurity czar just as the strategy was published. His deputy took over, only to leave government two months later.
The administration then eliminated the post entirely and shifted responsibility from the White House to the Department of Homeland Security - which treated the issue largely as a terrorism and military risk, to the exclusion of the online criminal underground that began to flourish during the next few years."
Part III: U.S. targets terrorists as online thieves run amok (requires registration)
Wednesday, November 14, 2007
- Cyber terrorism - Director Mueller acknowledged that terror groups have not performed cyber attacks but heavily rely on the Internet for communication, planning and recruiting.
- The Estonia cyber attacks
- Botnets and their potential for offensive attacks
- Economic and counterintelligence intrusions
"But we cannot limit our operations to the United States. Increasingly, cyber threats originate outside of our borders. And as more people around the world gain access to computer technology, new dangers will surface. For this reason, global cooperation is vital."A full transcript of the speech is available at:
Tuesday, November 13, 2007
Experts urge assault against terrorists' Web efforts
"Rita Katz, director of the Search For International Terrorist Entities Institute, told lawmakers that the "jihadist movement" will continue to grow if the Internet remains a "safe haven" for terrorists. She said the challenge will not just be to monitor the online activities of terrorist suspects, but also to identify and exploit the online weaknesses of terrorist groups and mine for information that can help to defuse offline terrorist efforts.
"For as long as jihadists on the Internet can engage in terrorist activities unfettered and unmonitored," Katz said, "the U.S. will not be able to cause significant, lasting damage to the global jihadist movement."
Monday, November 12, 2007
"The use of the Internet as part of the terrorism tools is actually the big story, much more than the new horizontal structure adopted by terror organizations. It has a much stronger impact on the war on terror than previously believed, because the West was not prepared to deal with neither the new flat structure of the reorganized terror groups, nor with the creative way of using the WWW as a tool that compensates for the lose of central command. Terrorists groups and especially Jihadists, discovered that the Internet is an excellent stealth attack weapon because:
In other words, what terrorists need is a few IT professionals and a hosting server. The results of cyber war may not be as spectacular as detonating an IED in a busy underground parking, but the actual damage has the potential of being more disastrous and create more chaos, by far."
- It doesn’t require field training (actually the training is already built-in the website itself)
- There are no special preparations after the site is up and running
- Changing the content and updating is secure and done remotely
- The technical support in minimal
- It provides an excellent scouting, recruiting and real time Intel tool
The Dark Web Of Cyber Terror – An Inescapable Reality
Analysis of the warning showed discrepancies, probable exaggerations and did not include the source material for complete analysis, leading most security professionals to treat the threat with some skepticism.
Sunday, November 11, 2007
"The Dark Web project aims to scour Web sites, forums and chat rooms to find the Internet's most prolific and influential jihadists and learn how they reel in adherents."
The article discusses the mission of the project and also some skepticism by tradition terrorism researchers in attempting to automate analysis.
Project seeks to track terror Web posts
Dark Web Terrorism Research web site is located at:
The resolution was inspired, in part, by the cyber attacks on Estonia originating from Russia.
One suggestion is to create a international legal framework to combat malicious or illegal use of information technology.
UN Approves Resolution Related to Cyber Attacks
Wednesday, November 07, 2007
The study identified four stages of radicalization:
- Stage 1: Pre-Radicalization
- Stage 2: Self-Identification
- Stage 3: Indoctrination
- Stage 4: Jihadization
"The Internet is a driver and enabler for the process of radicalizationThe full report can be read at:
- In the Self-Identification phase, the Internet provides the wandering mind of the conflicted young Muslim or potential convert with direct access to unfiltered radical and extremist ideology.
- It also serves as an anonymous virtual meeting place—a place where virtual groups of like-minded and conflicted individuals can meet, form virtual relationships and discuss and share the jihadi-Salafi message they have encountered.
- During the Indoctrination phase, when individuals adopt this virulent ideology, they begin interpreting the world from this newly-formed context. Cloaked with a veil of objectivity, the Internet allows the aspiring jihadist to view the world and global conflicts through this extremist lens, further reinforcing the objectives and political arguments of the jihadi-Salafi agenda.
- In the Jihadization phase, when an individual commits to jihad, the Internet serves as an enabler—providing broad access to an array of information on targets, their vulnerabilities and the design of weapons."
Radicalization in the West: The Homegrown Threat
Tuesday, November 06, 2007
"EU Justice Commissioner Franco Frattini wants a new EU offence of“public provocation to commit a terrorist offence”, which would include “the distribution, or otherwise making available, of a message to the public, with the intent to incite” acts of terrorism.As with any legislation limiting speech and communication the issue will be the definition of "terrorist". Critics have voiced their concern that such broad legislation could criminalize any speech unpopular to a government.
The offence would carry an agreed minimum jail term in all EU countries, and charges under the new law could be brought even if no act of terrorism resulted from the “public provocation”.The proposal states: “For an act to be punishable, it shall not be necessary that a terrorist offence be actually committed”.
Although the internet is the prime target, the new law would apply to all communication deemed to provoke terrorism.
Commission officials insisted the law would not curb the use of the internet to express political, academic or analytical views on terrorism."
Internet next target in "anti-terror battle"
The planned implementation shows the level of concern the U.S. military has for potential cyber attacks:
Its headquarters will likely consist of several hundred staff overseeing perhaps 20,000 Air Force personnel. They will include software experts, lawyers, electronic-warfare and satellite specialists, and behavioral scientists..."The cause of concern is partially centered around attacks against U.S. and other western systems.
"In recent months, U.S. officials said they have seen a sharp increase in efforts by hackers, backed by foreign governments, to infiltrate or damage U.S. and other allied information networks."The full story with more details of the Command and its planned structure and operation are available at GovermentExecutive.com:
Friday, November 02, 2007
As stated in the article, terrorist organizations are sophisticated in their use of technology but, so far, have not resorted to offensive use. This may indicate an inclination to do damage in the physical world where the impact is more severe and receives more attention.
Having said this, we should not dismiss outright the possibility of future attacks. There are numerous cases of individuals who ideologically support terrorist causes and act independently with web defacements and other attacks. We should expect these types of attacks to increase in both number and sophistication.
Therefore, while skepticism is warranted with this particular announcement organizations should continue to secure and monitor their networks against this type of activity (see Network Risk Management, LLC Recommends Caution in Evaluating Website Claims of "Al Qaeda Cyber Jihad" on November 11th)
Electronic Jihad: Winds of Cyber War or False Alarm?
The Register ran a similar story:
Scepticism over cyber-jihad rumours
The report is somewhat contradictory saying:
"The report said that during the first six months of 2007, Japan's National Police Agency detected as many as 2,112 hacker attacks from China on a single day."and then says:
"Japanese agencies have not detected attacks by Chinese on their networks but some experts say the Chinese conducted clandestine break-ins that left no traces."The report also discusses Japanese concerns that a large number on Chinese IT technicians working in Japan increase the risk of cyber attacks both by the Chinese government and individuals.
China Military Hackers Strike Again, This Time in Japan (requires sign-in)
"Air Force Gen. Paul Hester, commander of U.S. air forces in the Pacific, said in a separate interview that China's anti-satellite weapons and computer hacking are being watched closely.
"Cyber is a place where we are growing to learn where the dangers are," he said in his office at Hickam Air Force Base in Hawaii."
Thursday, November 01, 2007
"In a memorandum on his proposals [EU Commissioner for Freedom, Security and Justice Franco] Frattini said the Internet served as one of the principal boosters of the process of radicalization and recruitment of militants, as well as "a source of information on terrorist means and methods, thus functioning as a 'virtual training camp'."EU Commissioner Frattini wants to make online terrorism incitement a crime
Yesterday, Network Risk Management, LLC issued a notice to treat the claim with caution. Further analysis indicates that government and international businesses should use normal security procedures and monitoring.
Report: Cyber Jihad Set for Nov. 11