U.S. Fears Al Qaeda Cyber Attacks (A MUST-READ)

The Washington Post ^ | June 26, 2002 | Barton Gellman

[Timesink]

Unsettling signs of al Qaeda's aims and skills in cyberspace have led some government experts to conclude that terrorists are at the threshhold of using the Internet as a direct instrument of bloodshed. The new threat bears little resemblance to familiar financial disruptions by hackers responsible for viruses and worms. It comes instead at the meeting points between computers and the physical structures they control.

[Mitchell]

Al-Qaeda isn't doing anything as intricate and roundabout as Thompson's C compiler exploit. And physical control systems generally aren't on the Internet.

But source-code auditing isn't a panacea. For one thing, an insider can change the code after it's been audited. For another, the backdoor could be inserted in an obscure way that might survive an audit. Also, the audit process could itself have been compromised, although that's less likely.

I think there are risks from worms which can systematically look for the unusual vulnerabilities [for instance, an infrastructure-support computer that a careless person has left attached to the Internet, or a computer that somebody with security clearances uses at home and which might have revealing, even if non-classified, information on it]. Such worms can install backdoors and keystroke loggers. A worm could also simply be used to take over large numbers of ordinary machines on the Internet, causing economic disruption if done on a large enough scale.

Moreover, password security is often quite poor, and keystroke loggers make the password situation worse. People often use the same passwords on multiple machines, for convenience; what can ensure that they don't use the same password on a critical or classified machine that they use on a regular (easily-compromised) machine on the Intenet? Of course, the terrorists would still have to get access to the critical machine being attacked, but still....

We know that the various secret U.S. government services have been infiltrated by moles over the years. Nuclear secrets have been stolen. People find it believable that anthrax may have been stolen from the U.S. biowarfare facility at Ft. Detrick. With this kind of track record, I would assume that a determined enemy could gain access to machines with classified information or to machines controlling various devices, in an inside job.

Finally, the effect of a denial-of-service attack in conjunction with a physical attack, disrupting emergency responses, shouldn't be underestimated.

[mikeIII]

China has been pursuing a strategy of setting up proxy, rogue nations to advance its agenda of destabilizing our allies and other nations in the region and to keep us off guard. Pakistan and N. Korea are the main culprits and together these three are the real axis of evil. China has made sure Pakistan and N. Korea have the necessary technology. China may well facilitate them to go the next step and have some crude nuclear devices aimed at our cities. That would be the ultimate proxy setup.

[mikeIII]

Good points, all, PS. In the old days, technology with the potential to cause devastation, terror and panic were in the hands of nation-states, and, of course, we had James Bond. Today's world of reality makes even more powerful technology available to the barely organized terrorist groups, which makes it difficult for us to find a target to go after. Having nurtured the Taliban and Al Qaida for years, Pakistan is now selling the idea that it is itself a victim of terrorism, but wont let us in to wipe them out. Saudis are playing a similar game. Who do you go after, then?

[dr_who]

Do you actually have a legitimate argument to make as to what's wrong with the article, or are you merely interested in tossing around empty insults?

Sure, but the point is, do they? Does the FBI actually think it can protect any company computer from breakins without controlling the network those computers run on? There are websites chock full of examples of computer systems that have been broken into with impunity, mainly because of an incompetent sysadmin. I you look back far enough, the FBI's website is probably on one of those lists. Large portions of the internet have been shut down by distributed DOS attacks and by hobos lighting fires underneath fiber optic cables for that matter. Regardless of what the FBI does, the organizations that depend on computer networks in order to do what they do are going to have to keep their own systems secure so that they can continue to operate, regardless of whether we're talking about an oil crisis, hurricane, terrorist attack, or some bored 13 year old kid. Credit card fraud is routine. Right now out west, countless acres of land are going up in smoke. Hurricanes, flooding, and severe blizzards have hit some part of the country within the last two years. I also recall that a big percentage of New York's business district and communications infrastructure crumbled to dust last year, half of California was subject to rolling blackouts (never mind the huge ones that occured before we had the technology we have now. btw, remember three mile island?), one, maybe more to come, of the world's corporations have been tempting fate (not to mention all of the air carriers in the US), and yet here we are. Now you won't find me arguing with you that if a super-secret conspiracy of muslim radicals were to set off 45 megaton suitcase nukes in all of the nation's major cities and thoroughfares simultaneously, we would be screwed. I'm not denying that. Don't think that I'm not grateful that folks in the press and our government have been thinking of all the sophisticated nasty things evildoers everywhere could do to us, but I just have to wonder if these were the same people who were arguing over the best way to stop 5 men armed with box cutters from successfully hijacking a jet plane.

[dr_who]

I don't know about you, but I'm deathly afraid of being demoralized.

[honway]

OKCSub, the article linked in the title of this thread is a must read. It is lengthy,at least four pages you have to scroll through, but it is worth the time. There is an interesting China connection to the al Qaeda cyber attack information.

http://www.freerepublic.com/focus/news/692331/posts

The Chinese military is preparing to launch new "exploratory" cyber-attacks against U.S. defense and civilian computer networks and systems

The Chinese military is preparing to launch new "exploratory" cyber-attacks against U.S. defense and civilian computer networks and systems as part of Beijing's continuing efforts to level the playing field against the American military, according to a noted intelligence bulletin.

Quoting Asian sources, the China Reform Monitor, or CRM – a publication of the American Foreign Policy Council reported Wednesday that the attacks are scheduled to take place in early summer.

[honway]

Please see reply #86. Thanks for the thread. In my opinion,
this is very important information.

[honway]

I think this may be where the next attack comes from. In my opinion, China should be added to the membership list of the "Axis of Evil."

I do not believe al Qaeda could have advanced their cyber offensive capability this far so quickly without the aid of China.

[honway]

Here is a small portion of this must read article. It is being taken very seriously by the intelligence/security community

U.S. intelligence agencies have upgraded their warnings about al Qaeda's use of cyberspace. Just over a year ago, a National Intelligence Estimate on the threat to U.S. information systems gave prominence to China, Russia and other nations. It judged al Qaeda operatives as "less developed in their network capabilities" than many individual hackers and "likely to pose only a limited cyber-threat," according to an authoritative description of its contents.

In February, the CIA issued a revised Directorate of Intelligence Memorandum. According to officials who read it, the new memo said al Qaeda had "far more interest" in cyber-terrorism than previously believed and contemplated the use of hackers for hire to speed the acquisition of capabilities.

"I don't think they are capable of bringing a major segment of this country to its knees using cyber-attack alone," said an official representing the current consensus, but "they would be able to conduct an integrated attack using a combination of physical and cyber resources and get an amplification of consequences."

[honway]

Counterterrorism analysts have known for years that al Qaeda prepares for attacks with elaborate "targeting packages" of photographs and notes. But, in January, U.S. forces in Kabul, Afghanistan, found something new.

A computer seized at an al Qaeda office contained models of a dam, made with structural architecture and engineering software, that enabled the planners to simulate its catastrophic failure. Bush administration officials, who discussed the find, declined to say whether they had identified a specific dam as a target.

The FBI reported that the computer had been running Microstran, an advanced tool for analyzing steel and concrete structures; Autocad 2000, which manipulates technical drawings in two or three dimensions; and software "used to identify and classify soils," which would assist in predicting the course of a wall of water surging downstream.

To destroy a dam physically would require "tons of explosives," Assistant Attorney General Michael Chertoff said a year ago. To breach it from cyberspace is not out of the question. In 1998, a 12-year-old hacker, exploring on a lark, broke into the computer system that runs Arizona's Roosevelt Dam. He did not know or care, but federal authorities said he had complete command of the SCADA system controlling the dam's massive floodgates.

Roosevelt Dam holds back as much as 1.5 million acre-feet of water, or 489 trillion gallons. That volume could theoretically cover the city of Phoenix, down river, to a height of five feet. In practice, that could not happen. Before the water reached the Arizona capital, the rampant Salt River would spend most of itself in a flood plain encompassing the cities of Mesa and Tempe -- with a combined population of nearly a million.

[Ozarkie]

"Some people here must get an orgasmic high out of being afraid of claptrap that shows up in newspapers."

Maybe...but then some of us live near dams and believe in preventive medicine.

[honway]

I recall a news report of a man intercepting a call in Arabic on his
cell phone concerning an attack on Las Vegas and the "day of Freedom". As I recall Hoover Dam is very close to Las Vegas.

[Mark17]

This is just one more reason why more people should be getting ham radio licenses.

KJ6II. Avanced. Kenwood TS 940s. 2 element triband quad, 10, 12 and 15M.

[Fred Mertz]

I suppose we'll know something within the week about any attacks. There was much discussion about the intercepted cell phone call in Las Vegas; I followed some of it.

The FBI pretty much discredited the individual's account, but many found him to be a credible person with an incredible account of the conversation he allegedly heard. Some, like Freeper Registered seem to conclude that his cell phone could not have picked up a stray conversation, due to the digital features of the type cell phone he possessed.

Thanks for the flag, honway.

[honway]

http://www.freerepublic.com/fo cus/news/707518/posts

We arranged an interview Sunday afternoon. Evidence of his 'credibility' became evident before we even arrived at the home. Michael Hamdan lives in a gated community in Henderson, Nevada, so beautifully manicured and green that the fine Nevada dust was blissfully absent. Even his garage floor was clean. The backyard contained a pool, and sits on the border of the golf course, the jewel of this Green Valley housing complex. No sooner did we pass the gate than I asked, "What would he need this for?" The inside of his home was equally well-appointed, and while not ostentatious, would surely be the envy of the average "Special Agent."

Hamdan's artistic taste: There was a Picasso print on the wall.

Michael Hamdan is an articulate retiree who emigrated lawfully from Beirut Lebanon in 1987. He had worked for IBM in the Gulf and later for Cartier. "My fame is my family," he told us, and his proudest moment was when he stood up in the Los Angeles convention center and took his oath of United States citizenship.

He pays his taxes, has the social security number; the whole nine yards.

We sat mesmerized while he described the last week of his life. It was a week that had turned a Real American into a sleepless, anxious man disappointed and frustrated and not knowing where to turn. It began Saturday, June 15, 2002 and ended on Saturday, June 21, 2002, when the FBI and Mayor Goodman declared Michael Hamdan "not credible." And this story is still not over yet. He wasted no time telling his story - a little more than what most other media dared to report. He gave us the timeline.

June 15: Hamdan is out running errands and stops at Good Guys, a huge music warehouse on West Sahara, about 4 miles west of the strip. He buys a small TV and orders a larger one, then leaves the store and turns right, south, on Las Vegas Boulevard (The Strip). Then, the familiar slow ride past world famous Casinos: The Rivera, Circus Circus, The Sahara, The Mirage, etc.. Planning to turn east on Tropicana Blvd., several miles south, Mr. Hamdan calls his wife - somewhere near "Treasure Island."The Most Infamous Cell Phone in Las Vegas

Sierra Times Photo

The cell phone is a new Seimens. It's one of those 'global types.' It'll work as well in London, Paris, Tokyo and Mecca - just as well as it does in Vegas. He has not had it long enough to program it so he hand dials his home number to call his wife. But he hears no click. Thinking he had not pressed the send button, he moves the phone away from his ear when he hear voices. The voices are speaking his native Arabic so he begins listening.

The words he hears make him freeze. It is pure Arabic, with no English and is one voice speaking to a second voice that keeps saying "Tayeb." Tayeb in Arabic means more than OK, it means acceptance or recommendation, "I got it."

"The first voice had a thick, harsh accent from the Gulf Region. It could have been from Saudi Arabia, Dubai, Abu Dabu or Iraq," Hamdan said firmly.

The exact words - words that affected room holiday reservations in Las Vegas were:

"We are in the city of corruption. We are in the city of gambling and prostitution. And they are talking about freedom. We are going to hit them on their day of freedom." He repeats this twice during 60-90 seconds.

"In the background, I heard more people, and another Arabic voice could be heard yelling, 'It's enough! Stop it! It's enough!'". Hamdan implies that someone realized that his loud mouth associate was spilling the beans over a cell phone.

Mr. Hamdan was frozen in fear and began to sweat.

"The voices were not from the street," Hamdan reported, "they were highly educated... using formal words." He told us that the city of corruption was "Medinat el Fasad" in Arabic. It sounded like one guy was reporting and making a statement and the other man was taking it.

The phone goes dead. Mr. Hamdan continues to drive and arrives home. His wife asks him if he is alright, and notices that he looks pale, but he is too disturbed by the call to speak even to her. Later that evening, he finally shares with her what had happened.

The frightened couple does not know whether to call the police, FBI, or media. Hamdan is concerned for his family's safety. At two in the morning, his conscious prevails over his concern for safety "If God forbid, something happens," Hamdan said, "I could never live with myself."

June 16th: 2 a.m. Hamdan speaks with an FBI operator and asks to speak with anyone with authority about serous information. He does not provide the nature of that information, just states that it's valuable. No return call is received from the FBI. This is Sunday morning.

12:00 p.m. No sleep. Could happen when you've overheard that the city you've made your home may be a "Jihad Target." Hamdan again calls the FBI and speaks to a different operator. She says, "I do not see your name." This time, because the operator is very professional and claims to have 14 years experience with the FBI, he tells her what had happened - in detail. The operator takes his report and tells him that they would find an agent immediately to call back.

He waits.

And waits.

Nobody ever calls.

[Bandolier]

Ummmm, not that I know any of then, but the local hackers will eat the jihadists alive, and masturbate on the Koran while playing Tomb Raider.
It ain't no Prob'.

[honway]

From the link in the above reply. This guy is credible, in my opinion.

The words he hears make him freeze. It is pure Arabic, with no English and is one voice speaking to a second voice that keeps saying "Tayeb." Tayeb in Arabic means more than OK, it means acceptance or recommendation, "I got it."

"The first voice had a thick, harsh accent from the Gulf Region. It could have been from Saudi Arabia, Dubai, Abu Dabu or Iraq," Hamdan said firmly. The exact words - words that affected room holiday reservations in Las Vegas were:

"We are in the city of corruption. We are in the city of gambling and prostitution. And they are talking about freedom. We are going to hit them on their day of freedom." He repeats this twice during 60-90 seconds.

"In the background, I heard more people, and another Arabic voice could be heard yelling, 'It's enough! Stop it! It's enough!'". Hamdan implies that someone realized that his loud mouth associate was spilling the beans over a cell phone.

[honway]

seem to conclude that his cell phone could not have picked up a stray conversation, due to the digital features of the type cell phone he possessed.

I have experiened the cross talk on a land line, it's very rare but it can happen. Since land lines interface with cell phones, I believe it is possible, IMHO. The story is very credible.

[Schatze]

Would they actually put something like the control valves to a nuke plant or a dam on outside access where hackers could snoop in the first place? Not likely IMHO.

You have to remember who's in charge of all this infrastructure -- government employees. From everything I've seen, many bureaucrats lack essential analytical skills. It's seems within the realm of possibility that they'd do something just that stupid.

[honway]

A computer seized at an al Qaeda office contained models of a dam, made with structural architecture and engineering software, that enabled the planners to simulate its catastrophic failure. Bush administration officials, who discussed the find, declined to say whether they had identified a specific dam as a target.

If the Bush officials did identify the specific dam and it is in the Las Vegas area, they are playing some high stakes poker by not identifying the dam. If so, I hope they win. We will know soon.