The Cyber Jihad that wasn’t

By PatB
Contributing Writer, [GAS]

Groups of political activists or “hacktivists” that support Al Qaeda had been calling for a “cyber jihad” to occur yesterday, November 11th.  There was never any mention of a specific target for their holy cyber war, and no one noticed any effects of their efforts.  If there was a concerted effort to attack internet sites, you could label this jihad as a failure.

The Washington Times has some background on the attacks here.

A planned cyber-attack by al Qaeda supporters against Internet sites today has its intended targets in the U.S. on guard.  The plans were uncovered by several Web sites in October, one of which launched a counterattack earlier last week.

A Homeland Security Department spokeswoman dismissed the threat as rumor and said the agency did not issue any warnings in advance.

One message board called al-Jinan acted as the main page for attackers to download software called “Cyber Jihad 3.0” for the attacks, but another, unidentified blogger initiated a counterattack and shut down the page last week.

So it seems there is indeed anti-terror cyber warfare taking place on the net, and much of it is led by private groups.  These efforts have, to my knowledge, gone on without interference or prosecution by the U.S. government, which could be considered tacit approval by the government.  Or, since it is against the law to operate websites or publish propaganda to support Al Qaeda or other terrorist groups, any victims of this cyber-vigilantism have remained quiet, knowing they would face prosecution themselves for exposing their identities.

The article also mentions a piece of software called “Cyber Jihad 3.0.”  McAfee’s Avert blog analyzed the software and provides screencaps of the program here.  As one commenter correctly notes in the blog, it’s like volunteering for a botnet.

Marc Sachs, the director of SANS, notes his gleeful disappointment at the failures of the cyber jihadis here, saying:

Folks, let’s get serious about this for a few minutes.  I know that this is politically incorrect, but the odds of a terrorist group “terrorizing” the Internet with cyber bullets and e-bombs are about as small as the odds of the Morse Code coming back as a primary means of communication.  It’s not zero, but it’s also not much more than zero.  With the Internet providing near-perfect communications and a seemingly endless supply of money (from fundraising, phishing and other criminal activity) why would a terrorist group want to blow it up?

But the cyber jihad may have failed for technical reasons rather than for lack of effort.  McAfee examined the binaries of the Cyber Jihad 3.0 program here and concluded the software won’t pose much of a threat.  They list 7 reasons why it didn’t work.  They concluded:

The little bits of analysis make the code look to be written by high school or early college kids. If their network gets large enough, maybe they could have caused harm. Right now the webserver isn’t working and the app seems like a no-go. I’d suggest everyone block traffic to the server and stop worrying.

So is this enough to not have to worry about cyber terrorism?  Perhaps only as far as its direct impact on internet operations.  Remember, causing infrastructure to explode is always more terrifying than a DDoS against a message board.  The real threat, however, continues to be terrorist organizations using the internet for fundraising, phishing scams, and identity theft.  The next major terrorist attack could be financed by stealing the identities of internet users who tried to buy low cost Viagra.

Now that’s a terrifying idea.