Cyberterrorism: By Whatever Name, It's On The Increase - InformationWeek
03:45 PM

Cyberterrorism: By Whatever Name, It's On The Increase

Experts say U.S. companies need to take the increasing use of cyberwarfare tactics and tools very seriously.

Security Pros are hesitant to label Web attacks as "cyberterrorism" because of the volatile connotations of that phrase. But recent events in England and Russia point to an increased use of the Web to coordinate or launch such attacks aimed at cultural and political subversion.

A British court last week handed down prison sentences of up to 10 years to three Muslim men it called "cyber-jihadis" and convicted of using the Internet to urge Muslims to wage holy war on non-Muslims. And the U.S. Computer Emergency Readiness Team reported politically motivated cyberattacks in Russia. The Web site for Russia's United Civil Front, which is run by former chess champ turned political activist Garry Kasparov, experienced problems staying online, and malicious hackers tried to break into the main site of the Center for Journalism in Extreme Situations, says director Oleg Panfilo. He added that the sites of several organizations "engaged in the protection of human rights" also were exposed to hacker attacks.

InformationWeek Download

This type of cyberwarfare has been going on for months. The Web sites of Kommersant, a Russian newspaper, and the Echo of Moscow, a radio station, suffered significant denial-of-service attacks in early May for what the editor in chief of Kommersant's Web site speculated might be retaliation for the publication of a police interview with the expatriate billionaire Boris Berezovsky. Estonia's cyberinfrastructure was the target of extended DOS attacks in late April and early May.

These ''cyber-jihadis'' were convicted of inciting terrorists

These "cyber-jihadis" were convicted of inciting terrorists.
Electronic Jihad
Even the generally neutral Swiss government has found itself in the middle of the emerging struggle against cyberterrorism. Late last month, Swiss prosecutors charged a husband-and-wife team with running Web sites that supported terrorists by providing them with information on how to make bombs.

Similarly, the "Electronic Jihad Program," available via the jihadi Web site, is an application that users can install and use to target specific IP addresses for DOS attacks. The application includes a Windows-like interface that lets users choose from a list of target Web sites provided via the Al-jinan site, select an attack speed (weak, medium, or strong), and then click on the "attack" button.

The site was down late last week, but Al-jinan has been registered for about 4-1/2 years. Its domain name server registration features a number of contradictions that make tracing its origins difficult. Al-jinan's domain name server is being hosted by Ibtekarat, a Web hosting company based in Beirut. The site's registration information cites an address with a Los Angeles postal code, while listing the Egyptian city of Al Esmaeiliya as its "registrant city" and Iraq as its "registrant country."

Electronic jihad hasn't yet caused any major Web site disruptions, but the potential is there. "Jihadists are interested in taking down Web sites and disrupting economies that they don't like," says Dorothy Denning, a professor in the Department of Defense Analysis at the Naval Postgraduate School. "It's something to be taken seriously."

U.S. businesses would be greatly affected by large-scale cyberattacks because most of the country's critical infrastructure is run by companies in the private sector. The government and the U.S. business community "are one-in-the-same target," says Andrew Colarik, an information security consultant. Even businesses that don't run critical infrastructure elements would be affected because "there's a cascading effect if you attack the infrastructure," Colarik says.

While companies that operate critical infrastructure must be especially wary of Internet-based attacks, "everyone has to pay attention to security," Denning says. "There may be some businesses that say, 'No one will target us.' But electronic jihad will target anyone if it creates economic disruption. Whoever's vulnerable gets attacked."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
2017 State of IT Report
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends for 2018
As we enter a new year of technology planning, find out about the hot technologies organizations are using to advance their businesses and where the experts say IT is heading.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll