Posted on 04/05/2006 8:28:16 PM PDT by FairOpinion
Al-Qaeda is using hacking techniques as part of its war against the US, the head of a security company which works for the US military has claimed.
Paul Innella, chief executive of Tetrad Digital Integrity, told last week's WebSec Conference that a laptop recovered from a terrorist training camp in Afghanistan revealed that the group has been researching hacking techniques.
Innella claimed that the laptop contained information on how to map computer networks and exploit software vulnerabilities.
He also said the laptop had software capable of modelling the impact of an attack on a US dam and calculating the damage caused by a breach.
However, Innella said it was unlikely that Al-Qaeda had the capability to conduct a large-scale cyber attack.
The organisation is, however, using the internet to research potential targets and to communicate with members of the group, he said.
"Terrorists are using the internet for viruses, Trojans and research. A good deal of research allowed the 9/11 attacks to succeed," he said.
Cyber-Attacks by Al Qaeda Feared
Late last fall, Detective Chris Hsiung of the Mountain View, Calif., police department began investigating a suspicious pattern of surveillance against Silicon Valley computers. From the Middle East and South Asia, unknown browsers were exploring the digital systems used to manage Bay Area utilities and government offices. Hsiung, a specialist in high-technology crime, alerted the FBI's San Francisco computer intrusion squad.
Working with experts at the Lawrence Livermore National Laboratory, the FBI traced trails of a broader reconnaissance. A forensic summary of the investigation, prepared in the Defense Department, said the bureau found "multiple casings of sites" nationwide. Routed through telecommunications switches in Saudi Arabia, Indonesia and Pakistan, the visitors studied emergency telephone systems, electrical generation and transmission, water storage and distribution, nuclear power plants and gas facilities.
Some of the probes suggested planning for a conventional attack, U.S. officials said. But others homed in on a class of digital devices that allow remote control of services such as fire dispatch and of equipment such as pipelines. More information about those devices -- and how to program them -- turned up on al Qaeda computers seized this year, according to law enforcement and national security officials.
"Al-Qaeda", "hacking", "head", "war" and "security" all in the same headline.
Captured Taliban computer
Paging the InfoSec pinglist... Let me know if you want to be 1 or 0. (That's ON or OFF, for those who are not binary-compliant)
I wouldn't lose any sleep over this one, gents.
From the old article:
"Some of the probes suggested planning for a conventional attack, U.S. officials said. But others homed in on a class of digital devices that allow remote control of services such as fire dispatch and of equipment such as pipelines. More information about those devices -- and how to program them -- turned up on al Qaeda computers seized this year, according to law enforcement and national security officials."
This stuff is never hooked directly to an internet connection! I know first hand - I've personally done penetration tests against this type of infrastructure. A more common architecture is for EMS and SCADA systems to be way way back, not directly internet accessible. The one I tested most recently required a 2 factor VPN authentication to access the protected areas, and had other protections for the deepest layers containing database systems and data acquisition and automation hardware like PLCs. This isn't the 90s anymore.
"Innella claimed that the laptop contained information on how to map computer networks and exploit software vulnerabilities."
That could mean a copy of the "nmap" port scanning software which is free and legal. You could download it yourself right now.
"He also said the laptop had software capable of modelling the impact of an attack on a US dam and calculating the damage caused by a breach."
The idiot author in cahoots with a gullible author made a huge misstatement. The software isn't to attack a dam - it's software to model explosives. In other words, it's commercial off the shelf engineering software.
I'm in this business. "Paul Innella, chief executive of Tetrad Digital Integrity" is seeking headlines by scaring the crap out of people. He should be ashamed. I looked at their website too, and their service offerings frankly suck the big wong. Vulnerability assessment is so 90s. It's all about compliance issues these days.
Please toss me on the InfoSec ping list.
Thanks!
Thanks for your reassuring post.
I am glad we are securing our infrastructure against hacking attacks.
"Most significantly, perhaps, U.S. investigators have found evidence in the logs that mark a browser's path through the Internet that al Qaeda operators spent time on sites that offer software and programming instructions for the digital switches that run power, water, transport and communications grids."
Every word you write may be true.
It is not good that they are doing this type of research. If they infiltrate an organization and gain access what harm could they then do? What if they infiltrate and get a job as an IT weenie in a state or federal bureaucracy?
Yes it is so unlikely. So was the COLE. So was hijacking several planes all at once and sending them to different targets. The only real solution is to treat them even more ruthlessly than they treat their enemies.
Anyone have a list of family members of all suicide bombers since 1980? Names, addresses, next of kin? This is just a rhetorical question, I am not advocating that this actually be done.
"Most significantly, perhaps, U.S. investigators have found evidence in the logs that mark a browser's path through the Internet that al Qaeda operators spent time on sites that offer software and programming instructions for the digital switches that run power, water, transport and communications grids."
This is so nonspecific as to be ridiculous.
What do they mean by the "digital switches that run power, water, transport and communications grids?"
PDF files of cisco manuals? Also freely downloadable. Not a big deal at all. It's all commodity hardware.
The truth is, if you want to knock out power to a metropolis, it's much easier to do it by physically blowing up some transformers than it is to cause a "digital pearl harbor."
The fears of cyberterrorism are overblown.
The most likely result isn't death - it's inconvenience.
Even if the entire net were to go down for a couple days, really, big deal. It will cost money, but no one will die. The internet just isn't used for life critical things. It isn't reliable enough.
"It is not good that they are doing this type of research. If they infiltrate an organization and gain access what harm could they then do? What if they infiltrate and get a job as an IT weenie in a state or federal bureaucracy?"
I'm not trying to minimize the threats that exist to information systems. I'm very well aware of them, I get paid to break stuff, and I break a lot of stuff.
There's a lot of bad security out there, but I can report it's improving in the US. The main drivers are compliance issues like SOX, HIPAA, NERC, FERC, GLBA, COBIT, SAS 70, PCI, and others.
Yes they could get a job as an IT weenie, but even then the damage they could do is limited. All "boomable processes" as they're called are highly redundant and include multiple levels of physical failsafes. At least the ones I've assessed do - and I've done penetration tests for power utilities, water utilities, and manufacturers of industrial control equipment used for large scale industrial chemical processes.
I'll be honest w you - I've also seen some scary stuff. I talked my way into the data centers of 3 customers last year where I had full access to everything. The weakest link in my observation isn't electronic. It's human.
I know, you're shocked.
I'd like to discuss it more but I need to get ready to catch a flight in the morning.
Please send me a freepmail and I'll add you over the weekend.
And to think, American teenagers attend public universities to pretty much the same end...
As a friend of mine (who is a junior-level exec for IBM these days) said: Arabs hack like old people f*ck.
Hell, Knoppix-STD would be considered a terrorist tool as well if they thought this way.
Terrorists using the internet to attack infrastructure? Not likely at all, but they could use it for scams and financing.
"Terrorists using the internet to attack infrastructure? Not likely at all, but they could use it for scams and financing."
That's what I'm hearing from FBI Cybercrime folks. A large % of the CC fraud is traditional organized crime, particularly Eastern Bloc, and associated individuals.
"As a friend of mine (who is a junior-level exec for IBM these days) said: Arabs hack like old people f*ck."
I wouldn't generalize that way because MOST people who claim to be hackers lack real skillz and intuition about it. They're script kiddies - like trained monkeys.
That said there are a few groups of ME and Pakistan based islamo-hackers that are pretty good for bad guys.