Cyberjihad for Veterans' Day weekend?
Don't cancel your day off yet
- By William Jackson
- Nov 07, 2007
An Israeli tabloid Web site has warned that Islamic terrorists are recruiting virtual martyrs to launch an electronic jihad against unfriendly online targets beginning Nov. 11.
According to the DEBKAfile
Web site, the assault apparently would take the form of denial-of-service attacks launched initially against 15 as yet unspecified sites and expand from there 'until hundreds of thousands of Islamist hackers are in action against untold numbers of anti-Muslim sites.'
But it is unlikely that the cyberworld will be coming to an end.
'I wouldn't lose any sleep over it,' said Paul Henry, vice president of technology evangelism at Secure Computing. 'It's a rudimentary attack.' But the alerts should serve as a reminder for organizations to keep denial-of-service defenses in place and up-to-date on their networks.
Warnings seem to all stem from the original late October report by DEBKAfile
, which has a spotty reputation for credibility. They have been repeated by the Northeast Intelligence Network
, a right-wing antiterrorism site, and the Jamestown Foundation
, a conservative think tank. According to the reports, the calls to virtual jihad have been made on a number of Arabic-language Web sites and attributed vaguely to 'Osama bin Laden's followers.'
Threats of cyberjihad are not new and so far have not materialized in any significant way. Launching an attack on a Sunday, and the day before a federal holiday in the United States, would not seem the best way to disrupt critical information technology infrastructure. But Nov. 11 is described as only the first day of the attack, to test ability.
The tool apparently to be used in this attack ' electronic jihad ' has been around for several years.
Henry described it as a 'script kiddy-level tool' with which the user selects a target IP address and launches an attack of ping packets. Version 2.0 of the tool, which appeared in January, automates the process some by automatically attempting to contact command-and-control servers that upload a target list.
'In our testing of the software we found three servers it connects with to get the target list, and two of them were online' at least intermittently, Henry said. The targets are updated every two hours, so there is no final list at this time.
But this remains a last-generation attack, relying on the coordination of many individuals to generate a volume of traffic capable of interrupting service to an address. Although the automatic targeting can help in the coordination, electronic jihad cannot work with botnets capable of launching large-scale distributed attacks.
The impact of any attacks will depend on the results of the recruitment campaign. Brute force is always a threat, Henry said. 'If they can fill the pipes with enough packets, you're dust.' But the odds are against that happening.
'It's nothing to panic about. Our defenses are in pretty good shape today,' he said. On the upside, the attack ' if it materializes ' could provide information to security researchers and intelligence analysts about the breadth of support for the effort and the ability of Islamic extremists to recruit computer users to their cause.
Still, this type of attack technologically is a step above strapping dynamite around your waist and walking into an office building. And it is one that can be repeated.
William Jackson is a Maryland-based freelance writer.