Wednesday, November 07, 2007

Will an Internet "Jihad" Be More Than A Hiccup For The U.S.?

If the reports from DEBKAfile are accurate and bin Laden and al-Qaeda are going to initiate an "Internet Jihad" against multiple sources, then the question becomes: How effective would it be?

From DEBKAfile:

In a special Internet announcement in Arabic, picked up by DEBKAfile’s counter-terror sources, Osama bin Laden’s followers announced Monday, Oct. 29, the launching of Electronic Jihad. On Sunday, Nov. 11, al Qaeda’s electronic experts will start attacking Western, Jewish, Israeli, Muslim apostate and Shiite Web sites. On Day One, they will test their skills against 15 targeted sites and expand the operation from day to day thereafter until hundreds of thousands of Islamist hackers are in action against untold numbers of anti-Muslim sites.

DEBKAfile’s counter-terror sources report that, shortly after the first announcement, some of al Qaeda’s own Web sites went blank, apparently crashed by the American intelligence computer experts tracking them.

The next day, Oct. 30, they were up again, claiming their Islamic fire walls were proof against infidel assault.

They also boasted an impenetrable e-mail network for volunteers wishing to join up with the cyber jihad to contact and receive instructions undetected by the security agencies in their respective countries.

Our sources say the instructions come in simple language and are organized in sections according to target. They offer would-be martyrs, who for one reason or another are unable to fight in the field, to fulfill their jihad obligations on the Net. These virtual martyrs are assured of the same thrill and sense of elation as a jihadi on the “battlefield.”

In effect, say DEBKAfile’s counter-terror experts, al Qaeda is retaliating against Western intelligence agencies’ tactics, which detect new terrorist sites and zap them as soon as they appear. Until now, the jihadists kept dodging the assault by throwing up dozens of new sites simultaneously. This kept the trackers busy and ensured that some of the sites survived, while empty pages were promptly replaced. But as al Qaeda’s cyber wizards got better at keeping its presence on the Net for longer periods, so too did Western counter-attackers at knocking them down. Now Bin Laden’s cyber legions are fighting back. The electronic war they have declared could cause considerable trouble on the world’s Internet.


How much of a problem would this be for the U.S.?

I personally do not think it would cause us more than a hiccup as we countered anything they could possibly throw at us. Then again, further research does bring conflicting opinions.

The Internet is a worldwide, publicly accessible series of interconnected computer networks that transmit data by packet switching using the standard Internet Protocol (IP). It is a "network of networks" that consists of millions of smaller domestic, academic, business, and government networks, which together carry various information and services, such as electronic mail, online chat, file transfer, and the interlinked web pages and other resources of the World Wide Web.

In 2002 there was a significant internet attack in which 13 servers were hit, which led to downing the top five most visited sites, via CNN:

As investigators continued tracking the source of a bid to topple the heart of the Internet this week, experts said the attack was neither the most efficient nor likely way to inflict pain on the average Web surfer.

"Most people had no idea this was happening," said Hari Balakrishnan, a computer science professor at the Massachusetts Institute of Technology. "If the top five most-visited sites were down, that's when people will tell you their service was disrupted."

It's called a "denial of service" attack. And investigators are hard at work trying to find those responsible, said FBI agent Steven Berry. A White House spokesman was asked whether cyber-terrorism was suspected.

"I'm not aware there's anything that would lead anybody in that direction. History has shown that many of these attacks actually come from the hacker community," spokesman Ari Fleischer told reporters.

Experts said the attacks would be hard to trace because hackers typically take over unsuspecting government and business computers as launch pads for bogus data.

Technical experts assisting with the investigation told the Associated Press the FBI was trying to pinpoint the origin of the attack by tracking logs of computers unwittingly used.

The attack is nothing new, Balakrishnan said. "I'm sure the top 20 portals in the world are seeing attacks as we speak."

Hackers are constantly trying to disrupt the servers where companies, schools and governments maintain their Web sites by overloading them with useless information.

Security specialists -- working for the government and companies -- monitor systems round-the-clock to ensure that hackers can be stopped in time. But on occasion, the attacks have been so fierce they've brought down sites such as eBay, Amazon and Yahoo.


Even that took only an hour to counter and implement defensive measures:

The 13 servers hit this week -- key to the Internet's naming system -- are responsible for matching Internet addresses with users' requests.

The attack, which began around 4:45 p.m. EDT Monday, flooded the 13 domain-name service root servers around the world with 30 to 40 times the normal amount of data. Seven of the servers were affected enough to have periods of "zero-reachability," according to Web security firm Matrix NetSystems.

It took about an hour for security specialists to enact defensive measures and restore service.


In July of 2003, the Government warned against a massive internet attack and took precautions, and in 2007 we were hit with what was called the most significant internet attack since the 2002 attack mentioned above.

Home and office computers might have unwittingly played a part in a major attack against key root servers yesterday, which could have brought down the Internet. According to reports, this was the most significant attack against the Internet's Domain Name System (DNS) backbone since October 2002.

Hackers created zombie networks or 'botnets' on personal computers in order to bombard the DNS servers with traffic. Zombie computers can be used by criminal hackers to launch distributed denial-of-service attacks, spread spam messages or to steal confidential information. While the computer owners may have been unaware that their PCs were compromised, had the attack been completely successful then all Web site access and e-mail delivery would have been suspended globally.

"These zombie computers could have brought the Web to its knees, and while the resilience of the root servers should be commended, more needs to be done to tackle the root of the problem - the lax attitude of some users towards IT security," said Graham Cluley, senior technology consultant at Sophos. "Society is almost totally reliant on the Internet for day-to-day communication -- it's ironic that the people who depend on the Web may have been the ones whose computers were secretly trying to bring it down."

Root servers, which manage the Internet's Domain Name System, help to convert Web site names such as amazon.com to their numeric IP address - essentially acting as an address book for the Internet. UltraDNS, which manages traffic for Web sites ending with the suffix .org and .info, confirmed that it had witnessed an unusual increase in traffic. In all, three of the 13 servers at the top of the DNS hierarchy are said to have felt the impact of the attack, although none are thought to have stopped working entirely.

"If the DNS servers were to fall over then pandemonium would ensue, emphasizing the importance of properly defending all PCs from being taken over by hackers," continued Cluley. "A denial-of-service attack like this swamps Web-connected servers with traffic from many computers around the globe. It's a bit like twenty hippos trying to get through a revolving door at the same time - there's no route through and everything clogs up. Fortunately the system is designed to be extremely resilient to these kind of attacks, and the average man in the street won't have noticed any impact."

Some reports have suggested that much of the attack traffic may have come from computers based in South Korea. However, the motivation for the attack remains unclear.


The possibility of an internet attack so massive it would shut down all systems is very small, but it isn't anything to be ignored either. Our government has been working on it and taking the threat very seriously as the FBI focuses on preventative measures.

As Fox points out, this was threatened in 2004 but the rumors turned out to be baseless.

You can see for yourself how the internet structure works here.

Now, just to prove I am not waving this away and thinking it could never happen, I have been looking for anything of a serious nature that addresses the problem of a successful internet attack, a massive one. What I found was disturbing.

In doing so I ran across a two-page piece in Newsweek which describes a worst-case scenario.

One quote struck me as significant. The quote was from Paul Vixie, president of the Internet Software Consortium, a nonprofit that helps maintain the Internet:

"I'm terrified if I think too hard about it. This isn't so much a threat to national security as a threat to civilization."


The first paragraph gives us a hint of the confusion and chaos a successful internet attack could cause:

If you wanted to write a science-fiction thriller about the day the Internet crashed, you'd start with a computer geek. Armed with nothing but a laptop and a high-speed Internet connection, he releases a fast-spreading computer virus that in a matter of minutes gives him control of thousands, perhaps millions, of personal computers and servers throughout the world. This drone army launches a silent and sustained attack on computers that are crucial for sending around the billions of packets of data that keep e-mail, the Web and other, more basic necessities of modern life humming. At first the attack seems to be an inconvenience--e-mail traffic grinds to a halt, Web browsing is impossible. But then the problems spread to services only tangentially related to the Internet: automated-teller machines freeze up, calls to emergency numbers fail to get routed to police stations and ambulance services, airport- and train-reservation systems come down. After a few hours, the slowdown starts to affect critical systems: the computers that help run power grids, air-traffic control and telephone networks. Call it the worldwide muddle--a level of confusion that sometimes occurs during storms and power outages, but never before on a global scale.


Read both pages, the piece is good.

It also makes me hope with a passion that our computer geeks are better than the terrorists' computer geeks.

So, would an internet jihad be more than a hiccup for us?

Sure, if it was a completely successful attack. I simply do not think al-Qaeda is that good or that capable.

(Disclaimer: I could be wrong....LOL)
