CIA warns of Net terror threat

America's spooks have named Sunni extremists, Hezbollah and Aleph--formerly known as Aum Shinrikyo--as other top threats.

"These groups have both the intentions and the desire to develop some of the cyberskills necessary to forge an effective cyberattack modus operandi," the CIA said in a report to the Senate Intelligence Committee.

The CIA's report, which responds to a list of questions from senators, also says that scientific data posted online aids terrorists: "Terrorist groups worldwide have ready access to information on unconventional weapons, including nuclear weapons, via the Internet."

After the Sept. 11, 2001 terrorist attacks, government pressure to self-censor scientific information has grown. It prompted the presidents of the National Academies to say in a statement on Oct. 18 that "restrictions are clearly needed to safeguard strategic secrets, but openness also is needed to accelerate the progress of technical knowledge and enhance the nation's understanding of potential threats."

"Aleph, formerly known as Aum Shinrikyo, is the terrorist group that places the highest level of importance on developing cyberskills," said the CIA report prepared by Stanley Moskowitz, the agency's director of congressional affairs. "These could be applied to cyberattacks against the U.S. This group identifies itself as a cybercult and derives millions of dollars a year from computer retailing."

The Aum Shinrikyo religious group carried out the deadly nerve gas attack in a Tokyo subway in 1995, which killed 12 people and sent more than 5,000 to hospitals. The group is a doomsday cult that believes the end of the world is near.

The CIA report, along with two others from the State Department and the Defense Intelligence Agency, were prepared in March and April but were not made public by the Senate until this month.

In September, the White House released a 64-page report on securing networks and thwarting "cyberterrorism." Richard Clarke, an adviser to President Bush, said at the time: "We rely on cyberspace, and it is not yet secure. We know the vulnerabilities, and we know the solutions. Let us all work together."

In the past, some intelligence officials have been criticized for being overly alarmist. At an unclassified hearing in February 2001, Adm. Tom Wilson, head of the Defense Intelligence Agency, predicted that Fidel Castro might be preparing a cyberattack against the United States.

Wilson told the Senate Intelligence Committee that Castro's armed forces could initiate an "information warfare or computer network attack" that could "disrupt our military."

Castro denied the charge as "craziness," saying his nation did not have the technical ability to succeed in such an attack even if it wanted to launch one.

Considering the number of elite level hackers in Germany (who hate us to begin with), I wouldn't be surprised if that is where the attacks have been coming from - up to and including both our problems on FR and the attacks on the backbone routers a week or two back.

If FR (or anyone else) is under attack it if very important to identify the source of the attack, and make the fact public -- don't keep it hidden. For denial of service attacks, it is possible to trace the IP address back to the source. Then we could see if it came from Germany or not. Of course, if the hackers used a compromised machine and launched the attack from another site it is a bit harder. Even so, the site originating the DoS gets turned off.

There are literally hundreds of Arab groups devoted to hacking. Here's a few links to get started:

Arab Hackers
Egyptian Hackers Intelligence Agency
Coffee4Arab: A forum for hackers
Palestine hackerz
Hezbullah hackers
(many more, contact me if you'd like to research these groups and trade notes).

The Jewish group Haganah has been under attack for a month. All of the attacks have appeared to have originated from Saudi Arabia, Kuwait, ... and EveryOne's Internet (in Houston Texas) home of several jehadi sites. Of course, Haganah is a lightning-rod for attacks by Islamists. Last month Al-Qaeda hackers declared jihad on SiMoKyFed.com

Political unrest fuels hack threats
Reuters
October 29, 2002, 5:16 AM PT
URL: http://zdnet.com.com/2100-1105-963653.html
SYDNEY--Pro-Islamic hackers are on the frontline of a potential new cyber war after the end of a cease-fire by "hacktivists" and virus designers that followed the September 11 attacks on the United States, Internet experts say.

Pro-Islamic hackers are escalating attacks against countries backing the U.S. war on terror and its campaign against Iraq, while the "Bugbear" worm and last week's strike on the Internet backbone signal that cyber villains are again on the prowl.

London-based computer security firm mi2g said on Tuesday that October had already qualified as the worst month for overt digital attacks since its records began in 1995, with an estimated 16,559 attacks carried out on systems and Web sites.

The firm which advises banks, insurance and reinsurance firms on security said politically motivated attacks had risen ``sharply.''

"We have noticed that more and more Islamic interest hacking groups are beginning to rally under a common anti-U.S., UK, Australia, anti-India and anti-Israeli agenda," it said.

According to the zone-H database, an independent site which monitors hacker activity, politically motivated Web Site defacements make up around 11 percent of the total.

Most hacking is attributable to "script kiddies" from Brazil to Germany "bragging and strutting," said Dean White, the SANS Institute Internet Storm Center coordinator for the Asia Pacific.

But real-life events like the September 11 anniversary, simmering violence in Israel, bombs in the Philippines or the October 12 blasts that killed 180 people on Indonesia's island of Bali all could be expected to serve as inspirations on the Web.

Something around the corner

"We were saying we have to be ready and we have to be prepared, it's been quiet for too long, there's going to be something around the corner," White told Reuters.

Of the hacking groups active in October, three were pro-Islamic, according to mi2g.

One of them is the "UNIX Security Guards" (USG), a "macro" hacking group formed in May this year and believed to be composed of other smaller entities ranging from "EgyptianFighter," to hackers from Muslim former Soviet republics and Morocco.

USG increased the number of attacks it carried out in September tenfold to 207 from 21 in August.

By October 27, USG boasted 1,511 attacks for that month alone, mi2g said. The zone-H database notes that most of USG's attacks involve mass defacements--carried out through cracking virtual hosters supporting dozens of Web Sites.

The other active groups are "FBH,' or "Federal Bureau of Hackers," thought to be based in Pakistan, and "TheBuGz," also believed to be mainly Pakistani.

On hundreds of U.S., British and other Web Sites defaced by data attacks, the groups have placed messages demanding "freedom" for the Palestinians and opposing a war in Iraq.

"USA I think that you are all about to be some war criminals. UK you are a slave to USA," USG wrote on one site.

"Hey, wanna know what America and UK do 2 Iraqi kids? Take a look...they bomb them," FBH wrote on a Virgin mobile telephone ring tone download site recently.

The rise in pro-Islamic hacking coincides with last week's unprecedented "distributed denial of service" attack on nine of the 13 root DNS servers that form the Internet's spine.

Washington has downplayed the likelihood of "cyberterrorism."

But experts said, whoever was responsible, it highlighted the vulnerability of infrastructure to "Command and Control" intrusions or reconnaissance probes that could affect power transmission, nuclear plants, water storage or communications.

"In recent months, information of this type has been ferreted via the Internet. This has been traced back to IP addresses in Saudi Arabia, Kuwait, Pakistan and Indonesia," mi2g said.

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.