Author Topic: Cyber Jihad  (Read 14209 times)

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72258
    • View Profile
Cyber Jihad
« on: March 02, 2007, 10:01:52 PM »
Cyberspace as a combat zone: The phenomenon of Electronic Jihad

E. ALSHECH , THE JERUSALEM POST Feb. 28, 2007
Alongside military jihad, which has been gaining momentum and extracting an ever growing price from many countries around the globe, Islamists have been developing a new form of warfare, termed "electronic jihad," which is waged on the Internet. This new form of jihad was launched in recent years and is still in its early stages of development. However, as this paper will show, Islamists are fully aware of its destructive potential, and persistently strive to realize this potential.

Electronic jihad is a phenomenon whereby mujahideen use the Internet to wage economic and ideological warfare against their enemies. Unlike other hackers, those engaged in electronic jihad are united by a common strategy and ideology which are still in a process of formation.

This paper aims to present the phenomenon of electronic jihad and to characterize some of its more recent developments. It lays out the basic ideology and motivations of its perpetrators, describes, as far as possible, its various operational strategies, and assesses the short and long-term dangers posed by this relatively new phenomenon. The paper focuses on electronic jihad waged by organized Islamist groups that mobilize large numbers of hackers around the world to attack servers and Web sites owned by those whom they regard as their enemies.

Organized Electronic Jihad

In the past few years Islamist Web sites have provided ample evidence that Islamist hackers do not operate as isolated individuals, but carry out coordinated attacks against Web sites belonging to those whom they regard as their enemies. As evident from numerous postings on the Islamist Web sites, many of these coordinated attacks are organized by groups devoted to electronic jihad. Six prominent groups of this sort have emerged on the Internet over the past few years: Hackboy, Ansar Al-Jihad LilJihad Al-Electroni, Munazamat Fursan Al-Jihad Al-Electroni, Majmu'at Al-Jihad Al-Electroni, Majma' Al-Haker Al-Muslim, and Inhiyar AlDolar. All these groups, with the exception of Munazamat Fursan Al-Jihad and Inhiyar alDolar, have Web sites of their own through which they recruit volunteers to take part in electronic attacks, maintain contacts with others who engage in electronic jihad, coordinate their attacks, and enable their members to chat with one another anonymously.

The Majmu'at Al-Jihad Al-Electroni Web site, for example, includes the following sections: a document explaining the nature of electronic jihad, a section devoted to electronic jihad strategy, a technical section on software used for electronic attacks, a section describing previous attacks and their results, and various appeals to Muslims, mujahideen, and hackers worldwide.

A more recent indication of the increasingly organized nature of electronic jihad is an initiative launched January 3, 2007 on Islamist Web sites: mujahideen operating on the Internet (and in the media in general) were invited to sign a special pact called "Hilf Al-Muhajirin" (Pact of the Immigrants). In it, they agree "to stand united under the banner of the Muhajirun Brigades in order to promote [cyber-warfare]," and "to pledge allegiance to the leader [of the Muhajirun Brigades]." They vow to "obey [the leader] in [all tasks], pleasant or unpleasant, not to contest [his] leadership, to exert every conceivable effort in [waging] media jihad...[and to persist] in attacking those websites which do harm to Islam and to the Muslims..."

This initiative clearly indicates that the Islamist hackers no longer regard themselves as loosely connected individual activists, but as dedicated soldiers who are bound by a pact and committed to a joint ideological mission.

The Ideology and Ethical Boundaries of Electronic Jihad

Mission statements posted on the Web sites of electronic jihad groups reveal that just like the mujahideen on the military front, the mujahideen operating on the Internet are motivated by profound ideological conviction.

They despise hackers who "engage in purposeless and meaningless sabotage" or are motivated by desire for publicity or by any other worldly objective. They perceive themselves as jihad-fighters who assist Islam and promote (monotheism) via the Internet.

More importantly, they view cyberspace as a virtual battlefield in which the mujahideen can effectively defeat the West.

That the mujahideen operating in cyberspace are motivated by ideology, in contrast to many hackers, is illustrated by the following example. Recently, a participant on an Islamist forum posted instructions for breaking into a UK-based commercial Web site and stealing the customers' credit card information in order to inflict financial damage on the "unbelievers" (i.e. on the non-Muslims customers and retailers). His initiative sparked a fierce debate among the forum participants, the dominant opinion being that this initiative falls outside the boundaries of legitimate cyberjihad. One forum participant wrote: "Oh brother, we do not steal... We attack racist, American and Shi'ite [websites] and all corrupt websites." Another participant reminded the forum members that stealing from unbelievers is forbidden.

One objective of electronic jihad which is frequently evoked by the mujahideen is assisting Islam by attacking Web sites that slander Islam or launch attacks against Islamic Web sites, or by attacking websites that interfere with the goal of rendering Islam supreme (e.g. Christian Web sites). More recently, however, the mujahideen have begun to cite additional objectives: avenging the death of Muslim martyrs and the suffering of Muslims worldwide (including imprisoned jihad fighters); inflicting damage on Western economy; affecting the morale of the West; and even bringing about the total collapse of the West.

The following excerpts from Arabic messages posted by Islamist hackers exemplify each of these objectives.

Eliminating Websites That Harm Islam

"The administration wishes to inform you of the following so that you understand our operational methods and our jihad strategy. My brothers, our operational methods are not only to assault... and target any website that stands in the way of our victory... We are indeed victorious when we disable such [harmful] websites, but the matter is not so simple. We target...websites that wage intensive war [against us]... We target them because they are the foremost enemies of jihad in cyberspace; their existence threatens Islamic and religious websites throughout the Internet..."

Avenging the Death of Martyrs and the Suffering of Muslims and Imprisoned Mujahideen Worldwide

"We shall say to the Crusaders and their followers: We take an oath to avenge the martyrs' blood and the weeping of Muslim mothers and children. The Worshipers of the Cross and their followers have already been warned that their websites may be broken into and destroyed. We must not forget our leaders, our mujahideen, our people and our children who were martyred in Palestine, Iraq, Afghanistan, Chechnya and in other places. We shall take revenge upon you, O' Zionists and Worshipers of the Cross. We shall never rest or forget what you did to us. [There are only two options] in electronic jihad for the sake of Allah: Victory or death.

We dedicate these [operations of] hacking [into enemy websites] to the martyr and jihadfighter sheikh Abu Mus'ab Al-Zarqawi, to the jihad-fighter Sheikh Osama bin Laden, to the imprisoned fighter of electronic jihad Irhabi 007, to the fighter of electronic jihad Muhibb Al-Shaykhan and to all the mujahideen for the sake of Allah..."

Inflicting Economic Damage on the West and Damaging its Morale

"Allah has commanded us in various Koranic verses to wage war against the unbelievers... Electronic jihad utilizes methods and means which inflict great material damage on the enemy and [which also] lower his morale and his spirits via the Internet. The methods of [hacking] have been revealed [to us] by expert [hackers] on the Internet and networks... many of whom engage in purposeless and meaningless sabotage. These lethal methods will be harnessed [for use] against our enemies, so as to inflict the greatest [possible] financial damage [upon them] - which can amount to millions - and [in order] to damage [their] morale, so that [they] will be afraid of the Muslims wherever they go and even when they are surfing the Web."

Bringing About the Total Collapse of the West

"I have examined most of the material [available] in hacking manuals but have not found articles which discuss... how to disable all the [electronic] networks around the world. I found various articles which discuss how to attack websites, e-mails, servers, etc., but I have not read anything about harming or blocking the networks around the world, even though this is one of the most important topics for a hacker and for anyone who engages in electronic jihad. Such [an attack] will cripple the West completely. I am not talking about attacking websites or [even] the Internet [as a whole], but [about attacking] all the [computer] networks around the world including military networks, and [networks] which control radars, missiles and communications around the world... If all these networks stop [functioning even] for a single day... it will bring about the total collapse of the West... while affecting our interests only slightly. The collapse of the West will bring about the breakdown of world economy and of the stock markets, which depend on [electronic] communication [for] their activities, [e.g.] transfers of assets and shares. [Such an attack] will cause the capitalist West to collapse."

Actual Attacks and Their Effects

Reports on Islamist Web sites indicate that most of the hacking operations carried out by mujahideen have been aimed at three types of Web sites: a) Ideological Web sites which promote beliefs, doctrines and ideologies which the mujahideen perceive as incompatible with Sunni Islam, such as Christianity, Shi'ism and Zionism. b) Web sites which the mujahideen perceive as defamatory or harmful to Islam. Many of these are private blogs, news blogs and non-Islamic forums (e.g., http://answering-islam.org.uk ). c) Web sites which promote behavior that is contrary to the mujahideen's religious worldview (e.g., http://www.nscrush.org/news/journal, a Web site associated with a girls' sports team).

As for Web sites associated with governments, defense systems, and Western economic interests - Islamist Web sites present little or no evidence that mujahideen have actually attacked them. There is, however, sufficient evidence to suggest that such sensitive targets continue to be of intense interest to the mujahideen. For example, an Islamist forum recently conducted a survey among its participants regarding the targets they would like to attack. Among the targets suggested were Western financial Web sites and Web sites associated with the FBI and CIA. Moreover, in September 2006, an Islamic Web site posted a long list of IP addresses allegedly associated with key governmental defense institutions in the West, including "the Army Ballistics Research Laboratory," "the Army Armament Research Development and Engineering Center," "the Navy Computers and Telecommunications Station," "the National Space Development Agency of Japan," and others. The title of the message indicates that the list is meant for use in electronic attacks.

Another message, posted on an Islamist Web site on December 5, 2006, stated that Islamist hackers had cancelled a planned attack, nicknamed "The Electronic Guantanamo Raid," against American banks. The posting explained that the attack had been cancelled because the banks had been warned about the attack by American media and government agencies. It stated further that the panic in the media shows how important it is "to focus on attacking sensitive economic American websites [instead of] other [websites, like those that offend Islam]..." The writer added: "If [we] attack websites associated with the stock[market] and with banks, disabling them for a few days or even for a few hours, it will cause millions of dollars' worth of damage... I [therefore] call upon all members [of this forum] to focus on these websites and to urge all Muslims who are able to participate in this [type of] Islamic Intifada to attack websites associated with the American stock[market] and banks..."

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72258
    • View Profile
Re: Cyber Jihad: Part Two
« Reply #1 on: March 02, 2007, 10:03:14 PM »
Attack Strategies

A General Call to Participate in a Virus Attack

Postings on Islamist Web sites reveal that the cyberspace mujahideen favor two main strategies. The first is to paralyze sites by "swarming," i.e., flooding them with hits and thus creating a traffic overload. When traffic to the site exceeds the Web site's or server's capacity, the site is blocked to additional users, and in some cases it even crashes. The second strategy is called "ping attack": special programs are used to flood a Web site with thousands of emails, sometimes containing viruses, thus clogging the Web site and infecting it. The programs utilized by mujahideen in these attacks are either programs available to the hacker community at large or programs created especially for Islamist hackers.

Reports posted by the mujahideen after attacks on Web sites indicate that these cyberassaults affect the Web sites only temporarily, if at all. In many cases the mujahideen themselves admit that their attack was ineffective and that the Web site returned to normal functioning only minutes or hours after the attack. In light of this, the mujhahideen often resort to another method in an attempt to completely eliminate the targeted site.

An Islamist hacker explained the method as follows: "We contact... the server [which hosts the target website] before and after the assault, and threaten [the server admin] until they shut down the target website. [In such cases], the 'host' [i.e., server] is usually forced to shut down the website. The battle continues until the enemy declares: 'I surrender.'"

Islamist Web sites present very little evidence of more sophisticated attacks utilizing actual hacking techniques (i.e., obtaining the admin password and using admin privileges to corrupt data or damage the server itself).

However, two examples do indicate that the cyberspace mujahideen may possess the capability to carry out such attacks. On October 17, 2006, an Islamist Web site posted a message containing a link to what appeared to be live pictures of Anchorage International Airport taken by the airport's security cameras. There was also a link to an admin control program allowing surfers to control the airport's security cameras. If this was an authentic break-in, it indicates that Muslim hackers are capable of hacking even into highly secure servers.

Another example which illustrates the extent of the mujahideen's hacking skills is the story of 22-year-old Younis Tsouli from West London, better know as Irhabi 007, who was arrested in 2005 by Scotland Yard. In his short but rich hacking career, Irahbi 007 wrote a hacking manual for mujahideen, instructed Islamist hackers online, and broke into servers of American universities, using them to upload shared files containing jihad-related materials.

Coordination of Attacks

Islamist Web sites provide extensive evidence that Islamist cyber-attacks are not random initiatives by individual mujahideen, but are steadily becoming more coordinated. Firstly, announcements of imminent attacks, which appear almost daily, are posted on numerous sites simultaneously. Participants are instructed to look out for postings specifying the time of attack, the URL of the target (usually posted some 30 minutes before the attack itself) and the program to be used for carrying out the attack. Secondly, before the attacks, Web sites have lately begun to post messages addressed to specific individuals referred to as "attack coordinators," each of whom is associated with a specific Islamist site. Finally, there is a significant increase in response to the calls for participation in electronic attacks.

Recently, for example, a message announcing an attack on a Shi'ite Web site received 15,000 hits, and approximately 3,000 forum members responded to the message. The attacks, then, seem to be well-organized and supervised by a network of specially appointed individuals on various sites, and they appear to generate high participation levels among forum members.

The following three examples demonstrate the coordinated nature of the attacks.

Instructions for Attack Coordinators

On December 21, 2006, the Al-Muhajirun Web site posted the following message regarding a planned attack: "Our attack will take place this coming Friday... I remind you that the name of the program to be used will not be posted until half an hour to an hour before the attack... Attack coordinators, you worked hard last week... and I ask you to display the same zeal in this [upcoming] attack. I ask [each] individual who intends to serve as attack coordinator on [his] website to reply [to this posting with the message]: "I will be the attack coordinator for this network..." [The coordinator] will be responsible for the following: ...urging forum participants [to take part in the attack], while [taking care] not to mention names of 'Hilf Al-Muhajirin' members and the names of those who take part in the attack... [The coordinators] must be online at least one full hour before the attack... in order to post links to the programs that will be used and to the [intended target] websites. [They are also] responsible for posting the code-name of the attack, along with the text shown below [which presents some general information about the attack]... "

Announcement of a Ping Attack Against a Web site That Harms Islam

The following message was posted November 23, 2006 on the website Majmu'at Al-Jihad Al-Electroni: "...An attack is about to be carried out by all the Internet mujahideen, may Allah accept it as jihad for His sake... [The targets are] websites that do harm to Islam... The attacks will take place on Saturday, Monday, and Thursday, between 6:00 p.m. and 10:00 p.m., Mecca time, or between 5:00 p.m. and 9:00 p.m. Jerusalem time... The primary [computer] program to be used is Al-Jihad Al-Electroni 1.5... We have been able to create a better version of the [program]... and eliminate most of the problems that were encountered by members [in the past]. [The new version] is much lighter and is capable of producing a much more powerful attack..." "This action is a rapid [response] to [a website] that has annoyed us. This is war... Who is with me and who is against me? Allah is with me... and the Crusader Jew and his followers... are against me. I have... uploaded three viruses and a file which can disable firewalls. I will inform you of the time of the attacks... Whoever wishes to participate in the raid should download the virus he wishes to use and [then] send it [to the target]... I ask that before you do anything on the Internet... my mujahid brother, [please] place your trust in Allah."

Electronic Jihad: A Nuisance or a Real Threat?

The evidence presented here shows that electronic jihad is a form of cyber-warfare with ideological underpinnings and defined goals, which manifests in well-coordinated cyber-attacks. Examination of the Web sites reveals that the Islamist hackers maintain constant communication among themselves, share software and expertise and conduct debates on strategy and legitimate targets. There is also evidence of increasingly efficient coordination of attacks. The mujahideen's own statements show that they mean to position themselves as a formidable electronic attack force which is capable of inflicting severe damage - greater even than the damage caused by conventional terror-ist attacks.

At the same time, however, the information presented here reveals a significant gap between the mujahideen's aspirations and their actual capabilities. Despite their selfproclaimed intention to target key economic and government systems and Web sites in order to bring about a total economic collapse of the West, Islamist Web sites provide no evidence that such targets have indeed been attacked. In actuality, most of the attacks documented on Islamist Web sites were aimed at sites that are seen by the mujahideen as morally corrupt or offensive to Islam. In addition, most of the attacks were carried out using unsophisticated methods which are not very likely to pose a significant threat to Western economic interests or sensitive infrastructure. In this respect, electronic jihad can still be seen, at least present, as a nuisance rather than a serious threat.

Nevertheless, it is important not to underestimate the potential danger posed by this phenomenon. First, as shown above, at least two examples indicate that the mujahideen are already capable of compromising servers, even highly secure ones. Given the increasing communication and the constant sharing of expertise among Islamist hackers, the gap between their goals and their actual capabilities is bound to narrow down. In other words, the mujahideen's persistent pursuit of expertise in the area of hacking, as reflected in numerous Web site postings, may eventually enable them to compromise Western Web sites of a highly sensitive nature.

Second, past experience has shown that even primitive attacks, which do not damage servers, can cause substantial financial damage. For example, after a midair collision between a Chinese fighter jet and an American spy plane on April 1, 2001, Chinese hackers spread a malicious "worm," known as the "Code Red Worm," which infected about a million US servers in July 2001 and caused some $2.6 billion worth of damage to computer hardware, software, and networks. On another occasion, a ping attack against the retail giants Yahoo, eBay, and Amazon in February 2000 was estimated to have caused Yahoo alone a loss of $500,000 due a decrease in hits during the attack.

In conclusion, electronic jihad, in its current state of development, is capable of causing some moderate damage to Western economy, but there is no indication that it constitutes an immediate threat to more sensitive interests such as defense systems and other crucial infrastructure. Nevertheless, in light of rapid evolving of this phenomenon, especially during the recent months, the Western countries should monitor it closely in order to track the changes in its modes of operation and the steady increase in its sophistication.

The author is director of MEMRI's Jihad and Terrorism Studies Project


This article can also be read at http://www.jpost.com/servlet/Satellite?cid=117189453751...JPArticle%2FShowFull

"We're all going to die, but three of us are going to do something"--Tom Burnett, citizen-warrior KIA 9/11/01 engaging the enemy on Flight 93

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72258
    • View Profile
Re: Cyber Jihad
« Reply #2 on: March 02, 2007, 10:05:35 PM »
 U.S. INTELLIGENCE OFFICER FOR IRAQ AND AFGHANISTAN SAYS INTERNET IS TERRORISTS' BIGGEST RECRUITING TOOL
Fri Mar 2 2007 14:11:05 ET

America's top intelligence officer overseeing Iraq and Afghanistan says terrorists have made the Internet their most important recruiting tool. Brig. Gen. John Custer tells Scott Pelley that terrorist groups like Al Qaeda are influencing Islamic youth to join their cause through Websites devoted to jihad, or religious war. Pelley's report will be broadcast on 60 MINUTES Sunday, March 4 (7:00-8:00 PM, ET/PT) on the CBS Television Network.

"I see 16, 17-yr.-olds who have been indoctrinated on the Internet turn up on the battlefield. We capture them, we kill them every day in Iraq, in Afghanistan,"says Custer. "Without a doubt, the Internet is the single-most important venue for the radicalization of Islamic youth," he tells Pelley.

Potential recruits can be lured to sites that offer news or information that contain links to other sites featuring violence against people the terrorists say are enemies of Islam. Those sites often show American soldiers being killed and military vehicles blown up, as well as journalists and contractors being murdered or shown in captivity. Custer says the sites can convince potential recruits that American soldiers are on the run. "It's a war of perceptionsÉ.They don't have to win on the tactical battlefield. They never will. No platoon has ever been defeated in Afghanistan or Iraq, but it doesn't matter."

The sites also provide religious justification for waging a holy war and celebrate suicide bombers by showing their farewell videos and depicting them enshrined in heaven. Chat rooms and message boards also play a role, manipulating visitors with religious guilt. Ultimately, the terrorists are trying to hijack Islam says Stephen Ulph, an expert on militant Islam and a consultant to West Point from the Jamestown Foundation. "[The terrorists] say 'You're not a proper Muslim, nor are your parents.' Very important implication here. If your parents aren't proper Muslims and if the sheik of a mosque isn't a proper Muslim, What are you doing obeying them?" says Ulph.

The Internet allows terrorists to use increasingly sophisticated methods, such as music videos distributed by media organizations, to reach more potential recruits with more effective messages. "Now they are able to distribute... anything they want anywhere they want. This is unheard of in history," says Ulph. "We're witnessing this ideological war on our own desktops."

To Custer, it's the end of conventional war. "Can you imagine thousands of tanks on a battlefield now? I can't,"he tells Pelley. "It's a different type of warfare. It's a battle of perceptions and Al Qaeda understands it and America needs to understand it."

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72258
    • View Profile
Stratfor: Fanning the flames of Jihad
« Reply #4 on: July 22, 2010, 02:51:38 AM »
Fanning the Flames of Jihad
July 22, 2010




By Scott Stewart

On July 11, 2010, al-Malahim Media, the media arm of al Qaeda in the Arabian Peninsula (AQAP), published the first edition of its new English-language online magazine “Inspire.” The group had tried to release the magazine in late June, but for some reason — whether a technical glitch, virus (as rumored on some of the jihadist message boards) or cyberattack — most of the initial file released was unreadable.

The magazine was produced by someone who has a moderate amount of technological savvy, who speaks English well and who uses a lot of American idioms and phraseology. We did not note any hint of British or South Asian influence in the writing. A government source has suggested to us (and we have seen the claim repeated in the media) that Inspire was produced by a U.S citizen who was born in Saudi Arabia named Samir Khan. Khan is a well-known cyber-jihadist — indeed, The New York Times did an excellent story on Khan in October 2007. Given Khan’s background, history of publishing English-language jihadist material and the fact that he reportedly left the United States for Yemen in 2009 and has not returned, it does seem plausible that he is the driving force behind Inspire.

The magazine contains previously published material from Osama bin Laden, Ayman al-Zawahiri, Abu Musab al-Suri and Anwar al-Awlaki. While it also contains new material, this material, especially from al-Awlaki and AQAP leader Nasir al-Wahayshi (aka Abu Bashir), is consistent with their previously published statements. One of the messages by al-Awlaki featured in Inspire, “A Message to the American People,” was previously released to CNN and reissued by al-Malahim on the Internet July 19, almost as if to validate Inspire. Even though the way in which some of the material in Inspire is presented is quite elementary, and could lead some to believe the magazine might be a spoof, we have found no analytical reason to doubt its authenticity.

Presentation aside, the material is quite consistent with what we have seen released by al-Malahim media in its Arabic-language materials over many months. When closely examined, the inaugural issue of Inspire provides a good gauge of AQAP’s thought and suggests the general direction of the broader jihadist movement.


Inspiration

In a letter from the editor appearing at the beginning of the magazine, the purpose of Inspire is clearly laid out: “This magazine is geared towards making the Muslim a mujahid.” The editor also clearly states that Inspire is an effort by al-Malahim Media to reach out to, radicalize and train the millions of English-speaking Muslims in the West, Africa, South Asia and Southeast Asia.

Inspire does not represent any sort of major breakthrough in jihadist communication. English-language jihadist material has been available on the Internet since the early 1990s on sites such as Azzam.com, and jihadists have released other magazines directly targeting English-speaking audiences. What is remarkable about Inspire is that it was released by al-Malahim and AQAP. Within the jihadist movement, AQAP has assumed the vanguard position on the physical battlefield over the past year with links to several attacks or attempted attacks in the West. AQAP has also been frequently mentioned in Western media over the past several months, and it appears that al-Malahim is trying to exploit that notoriety in order to get the attention of English-speaking Muslims.

Regarding AQAP’s links to recent attacks, Inspire follows the trend of AQAP publications and leaders in recent months in praising Fort Hood shooter Maj. Nidal Hasan and failed Christmas Day bomber Umar Farouk Abdulmutallab and lifting them up as examples for all jihadists to follow. “We call on every Muslim who feels any jealousy for their religious beliefs to expel the polytheists from the Arabian Peninsula, by killing all of the crusaders working in embassies or otherwise, and to declare war against the crusaders in the land of the Prophet Muhammad — peace be upon him — on the ground, sea and air. And we call on every soldier working in the crusader armies and puppet governments to repent to Allah and follow the example of the heroic mujahid brother Nidal Hassan [sic]; to stand up and kill all the crusaders by all means available to him.…”

In the article discussing Abdulmutallab, the author again brags about the manufacturing of the improvised explosive device used in the Christmas Day attack even though that device, like the one used in the assassination attempt against Saudi Deputy Interior Minister Prince Mohammed bin Nayef, failed to achieve the objective. “The mujahidin brothers in the manufacturing department managed with the grace of Allah to make an advanced bomb. The bomb had been tested and proven effective as it has passed through the detector ports. The martyrdom bomber managed with the grace of Allah to reach his target, but due to a technical glitch, the bomb did not explode completely; and we will continue on our path until we get what we want….” This statement would seem to indicate that if AQAP is able to recruit a willing suicide bomber who is able to travel to the West, they will again attempt to attack an airliner using a similar device.

Airliners remain vulnerable to such attacks. STRATFOR has previously noted when discussing AQAP and its innovative IED designs, there are many ways to smuggle IED components on board an aircraft if a person has a little imagination and access to explosives. As we wrote in September 2009, three months before the Christmas Day bomber’s attempted attack, efforts to improve technical methods to locate IED components must not be abandoned, but the existing vulnerabilities in airport screening systems demonstrate that an emphasis needs to be placed not only on finding the bomb but also on finding the bomber.

Throughout the magazine, articles criticize the U.S. operations in Afghanistan, Iraq and Yemen; Saudi operations against jihadists; the burqa ban in Europe and even global warming — Inspire carried a reproduction of a statement purportedly authored by Osama bin Laden earlier this year titled “The Way to Save the Earth” that criticizes U.S. policy regarding climate change and calls for economic jihad against the United States.

The magazine also contained a portion of a previously-released message titled “From Kabul to Mogadishu” by al Qaeda second-in-command Ayman al-Zawahiri that encouraged the people of Yemen to join al Qaeda in its global struggle. It only quoted a part of the original message that pertained to Yemen and omitted portions that pertained to other locations.


AQAP Revealed

In addition to the recycled content from al Qaeda’s core leadership, Inspire also contains quite a bit of new and interesting content from AQAP’s military and theological leaders. An interview with AQAP leader Nasir al-Wahayshi provided al-Wahayshi the opportunity to reinforce several points he has been making for months now regarding his call for jihadists to conduct simple attacks using readily available weapons. “My advice to my Muslim brothers in the West is to acquire weapons and learn methods of war. They are living in a place where they can cause great harm to the enemy and where they can support the Messenger of Allah.” Al-Wahayshi continued “…a man with his knife, a man with his gun, a man with his rifle, a man with his bomb, by learning how to design explosive devices, by burning down forests and buildings, or by running over them with your cars and trucks. The means of harming them are many so seek assistance from Allah and do not be weak and you will find a way.”

This call was echoed by Adam Gadahn in March 2010 when the American-born spokesman for al Qaeda prime advised jihadists to strike targets that were close to them with simple assaults and urged his audience to not “wait for tomorrow to do what can be done today, and don’t wait for others to do what you can do yourself.”

These calls are part of a move toward a leaderless resistance model of jihadism that has accompanied the devolution of the jihadist threat from one based on al Qaeda the group to a broader threat based primarily on al Qaeda franchises and the wider jihadist movement. (STRATFOR is currently putting the finishing touches on a book that details our coverage of this devolutionary process since 2004.) With this shift, more attacks such as the Times Square bombing attempt, the Fort Hood shooting and the June 1, 2009, Little Rock shootings can be anticipated.

In an effort to provide training in terrorist tradecraft to such grassroots and lone-wolf jihadists, Inspire contains a section called “Open Source Jihad,” which is the term that AQAP uses to refer to leaderless resistance. This section is intended to serve as “a resource manual for those who loathe tyrants.” The material is intended to allow “Muslims to train at home instead of risking a dangerous travel abroad,” and one part exclaims, “Look no further, the open source jihad is now at hand’s reach.” The section also contains a lengthy step-by-step guide to constructing simple pipe bombs with electronic timers, bearing the rhymed title “Make a Bomb in the Kitchen of Your Mom.” The images of New York City contained in this section serve as a reminder of the importance New York holds in jihadist thought as a target. Such rudimentary improvised explosive devices are unlikely to cause mass casualties, but like the pipe bombs employed by Eric Rudolph, they could prove deadly on a small scale if they are employed effectively.

When considering this concept of leaderless resistance and of using publications like Inspire to train aspiring jihadists, it is important to remember that this type of instruction has only a limited effectiveness and that there are many elements of terrorist tradecraft that cannot be learned by merely reading about them. In other words, while the jihadist threat may be broadening in one way, it is also becoming less severe, because it is increasingly emanating from actors who do not possess the skill of professional terrorist operatives and who lack the ability to conduct complex and spectacular attacks.


Cartoon Controversy

One of the other features in Inspire is an article by Anwar al-Awlaki, the American-born Yemeni cleric who has been linked to Nidal Hasan, Umar Farouk Abdulmutallab, Faisal Shahzad and two of the 9/11 hijackers. In his article, titled “May Our Souls be Sacrificed for You,” al-Awlaki focuses on the controversy that arose over the cartoons of the Prophet Mohammed that first appeared in 2005. Although the cartoons were published nearly five years ago, the jihadists have not allowed the issue to die down. To date, the jihadist response to the cartoons has resulted in riots, arsons, deaths, the 2008 bombing of the Danish Embassy in Islamabad and an attack in January 2010 in which a man armed with an axe and knife broke into the home of Jyllands-Posten newspaper cartoonist Kurt Westergaard in Denmark and allegedly tried to kill him. The Kashmiri militant group Harkat-ul-Jihad e-Islami (HUJI) also dispatched American operative David Headley to Denmark on two occasions to plan attacks against Jyllands-Posten and Westergaard in what HUJI called “Operation Mickey Mouse.”

In his Inspire article, al-Awlaki states, “If you have the right to slander the Messenger of Allah, we have the right to defend him. If it is part of your freedom of speech to defame Muhammad it is part of our religion to fight you.” Al-Awlaki continues: “This effort, the effort of defending the Messenger of Allah, should not be limited to a particular group of Muslims such as the mujahidin but should be the effort of the ummah, the entire ummah.” He also referred to a 2008 lecture he gave regarding the cartoon issue titled “The Dust Will Never Settle Down” and notes that, “Today, two years later, the dust still hasn’t settled down. In fact the dust cloud is only getting bigger.” He adds that “Assassinations, bombings, and acts of arson are all legitimate forms of revenge against a system that relishes the sacrilege of Islam in the name of freedom.”

Inspire also features a “hit list” that includes the names of people like Westergaard who were involved in the cartoon controversy as well as other targets such as Dutch politician Geert Wilders, who produced the controversial film Fitna in 2008; Ayaan Hirsi Ali, who wrote the screenplay for the movie Submission (filmmaker Theo Van Gogh, the director of Submission, was murdered by a jihadist in November 2004); and Salman Rushdie, author of the book The Satanic Verses. Most of these individuals have appeared on previous jihadist hit lists. A new notable addition was American cartoonist Molly Norris, who was added due to her idea to have a day where “everybody draws Mohammed.” Norris made her suggestion in response to threats against the irreverent animated television program South Park by Muslims over a brief scene in an episode that lampooned the Prophet. Comedy Central censored the South Park episode featuring Mohammed because of the threats, provoking Norris’s suggestion.

Al-Awlaki and AQAP appear to believe they can use the anger over the Mohammed cartoons to help them inspire Muslims to conduct attacks. In this edition of Inspire, they are clearly attempting to fan the flames to ensure that the dust will not settle down. They are also seeking to train these radicalized individuals to kill people, although, as we note above, that is a difficult task to do remotely over the Internet.

One other thing the magazine seeks to accomplish is to help make the jihadist training experience better for English speakers who seek to travel to jihadist training camps abroad. There have been anecdotal reports of Westerners who have traveled to get training and who have not had positive experiences during the process — and of at least one Somali-American who was executed after expressing his desire to leave an al Shabaab training camp and return home. In light of this problem, AQAP includes an article in Inspire titled “What to Expect in Jihad” and designed to reduce the “confusion, shock and depression” that can be experienced by trainees at such camps. The article also provides a list of things to bring to the training camp, including a friend to help ease the loneliness, and recommends that aspiring jihadists learn the local language.

The time and effort that AQAP put into this first issue of Inspire, and the support the magazine apparently receives from important AQAP figures such as al-Wahayshi and al-Awlaki, are strong indicators of the group’s intent to support leaderless resistance as a way to attack the West, something AQAP has had some difficulty doing itself.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72258
    • View Profile

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72258
    • View Profile
Re: Cyber Jihad
« Reply #7 on: April 10, 2011, 10:34:48 AM »
Certainly not impossible, but also is it not possible that it builds connections and goodwill with the young-aspiring-to-civilization-ver-barbarism portion of the mideast?

G M

  • Power User
  • ***
  • Posts: 26643
    • View Profile
Re: Cyber Jihad
« Reply #8 on: April 10, 2011, 10:40:20 AM »
If the modernizing-twitter generation ever gains enough momentum to challenge the status quo, they'll be imprisoned/killed. Meanwhile, the jihadists will use them to slide into power. See Egypt as an example.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72258
    • View Profile
WSJ: Iranian disconnect
« Reply #9 on: May 30, 2011, 04:44:56 PM »



CHRISTOPHER RHOADS and FARNAZ FASSIHI
 
Andres Gonzalez for The Wall Street Journal
 
An Iranian engineer who helped design and run the country's Internet filters says he subtly undermined some censorship until fleeing into exile

Iran is taking steps toward an aggressive new form of censorship: a so-called national Internet that could, in effect, disconnect Iranian cyberspace from the rest of the world.

The leadership in Iran sees the project as a way to end the fight for control of the Internet, according to observers of Iranian policy inside and outside the country. Iran, already among the most sophisticated nations in online censoring, also promotes its national Internet as a cost-saving measure for consumers and as a way to uphold Islamic moral codes.

In February, as pro-democracy protests spread rapidly across the Middle East and North Africa, Reza Bagheri Asl, director of the telecommunication ministry's research institute, told an Iranian news agency that soon 60% of the nation's homes and businesses would be on the new, internal network. Within two years it would extend to the entire country, he said.

 .The unusual initiative appears part of a broader effort to confront what the regime now considers a major threat: an online invasion of Western ideas, culture and influence, primarily originating from the U.S. In recent speeches, Iran's Supreme Leader Ayatollah Ali Khamenei and other top officials have called this emerging conflict the "soft war."

On Friday, new reports emerged in the local press that Iran also intends to roll out its own computer operating system in coming months to replace Microsoft Corp.'s Windows. The development, which couldn't be independently confirmed, was attributed to Reza Taghipour, Iran's communication minister.

Iran's national Internet will be "a genuinely halal network, aimed at Muslims on an ethical and moral level," Ali Aghamohammadi, Iran's head of economic affairs, said recently according to a state-run news service. Halal means compliant with Islamic law.

Mr. Aghamohammadi said the new network would at first operate in parallel to the normal Internet—banks, government ministries and large companies would continue to have access to the regular Internet. Eventually, he said, the national network could replace the global Internet in Iran, as well as in other Muslim countries.

A spokesman for Iran's mission to the United Nations declined to comment further, saying the matter is a "technical question about the scientific progress of the country."

There are many obstacles. Even for a country isolated economically from the West by sanctions, the Internet is an important business tool. Limiting access could hinder investment from Russia, China and other trading partners. There's also the matter of having the expertise and resources for creating Iranian equivalents of popular search engines and websites, like Google.

Few think that Iran could completely cut its links to the wider Internet. But it could move toward a dual-Internet structure used in a few other countries with repressive regimes.


.Myanmar said last October that public Internet connections would run through a separate system controlled and monitored by a new government company, accessing theoretically just Myanmar content. It's introducing alternatives to popular websites including an email service, called Ymail, as a replacement for Google Inc.'s Gmail.

Cuba, too, has what amounts to two Internets—one that connects to the outside world for tourists and government officials, and the other a closed and monitored network, with limited access, for public use. North Korea is taking its first tentative steps into cyberspace with a similar dual network, though with far fewer people on a much more rudimentary system.

Iran has a developed Internet culture, and blogs play a prominent role—even President Mahmoud Ahmadinejad has one.

Though estimates vary, about 11 of every 100 Iranians are online, according to the International Telecommunication Union, among the highest percentages among comparable countries in the region. Because of this, during the protests following 2009's controversial presidential election, the world was able to follow events on the ground nearly live, through video and images circulated on Twitter, Facebook and elsewhere.

"It might not be possible to cut off Iran and put it in a box," said Fred Petrossian, who fled Iran in the 1990s and is now online editor of Radio Farda, which is Free Europe/Radio Liberty's Iranian news service. "But it's what they're working on."

The discovery last year of the sophisticated "Stuxnet" computer worm that apparently disrupted Iran's nuclear program has added urgency to the Internet initiative, Iran watchers say. Iran believes the Stuxnet attack was orchestrated by Israel and the U.S.

"The regime no longer fears a physical attack from the West," said Mahmood Enayat, director of the Iran media program at the University of Pennsylvania's Annenberg School of Communications. "It still thinks the West wants to take over Iran, but through the Internet."

The U.S. State Department's funding of tools to circumvent Internet censorship, and Secretary of State Hillary Clinton's recent speeches advocating Internet freedom, have reinforced Iran's perceptions, these people said.

Iran got connected to the Internet in the early 1990s, making it the first Muslim nation in the Middle East online, and the second in the region behind Israel. Young, educated and largely centered in cities, Iranians embraced the new technology.

Authorities first encouraged Internet use, seeing it as a way to spread Islamic and revolutionary ideology and to support science and technology research. Hundreds of private Internet service providers emerged. Nearly all of them connected through Data Communications Iran, or DCI, the Internet arm of the state telecommunications monopoly.

The mood changed in the late 1990s, when Islamic hardliners pushed back against the more open policies of then-president Mohammad Khatami. The subsequent shuttering of dozens of so-called reformist newspapers had the unintended effect of triggering the explosion of the Iranian blogosphere. Journalists who had lost their jobs went online. Readers followed.

Authorities struck back. In 2003, officials announced plans to block more than 15,000 websites, according to a report by the OpenNet Initiative, a collaboration of several Western universities. The regime began arresting bloggers.

Iran tried to shore up its cyber defenses in other ways, including upgrading its filtering system, for the first time using only Iranian technology. Until around 2007, the country had relied on filtering gear from U.S. companies, obtained through third countries and sometimes involving pirated versions, including Secure Computing Corp.'s SmartFilter, as well as products from Juniper Networks Inc. and Fortinet Inc., according to Iranian engineers familiar with with the filtering.

Such products are designed primarily to combat malware and viruses, but can be used to block other things, such as websites. Iranian officials several years ago designed their own filtering system—based on what they learned from the illegally obtained U.S. products—so they could service and upgrade it on their own, according to the Iranian engineers.

A Fortinet spokesman said he was unaware of any company products in Iran, adding that the company doesn't sell to embargoed countries, nor do its resellers. McAfee Inc., which owns Secure Computing, said no contract or support was provided to Iran. Intel Corp. recently bought McAfee, which added that it can now disable its technology obtained by embargoed countries. A Juniper spokesman said the company has a "strict policy of compliance with U.S. export law," and hasn't sold products to Iran.

The notion of an Iran-only Internet emerged in 2005 when Mr. Ahmadinejad became president. Officials experimented with pilot programs using a closed network serving more than 3,000 Iranian public schools as well as 400 local offices of the education ministry.

The government in 2008 allocated $1 billion to continue building the needed infrastructure. "The national Internet will not limit access for users," Abdolmajid Riazi, then-deputy director of communication technology in the ministry of telecommunications, said of the project that year. "It will instead empower Iran and protect its society from cultural invasion and threats."

Iran's government has also argued that an Iranian Internet would be cheaper for users. Replacing international data traffic with domestic traffic could cut down on hefty international telecom costs.

The widespread violence following Iran's deeply divisive presidential election in June 2009 exposed the limits of Iran's Internet control—strengthening the case for replacing the normal Internet with a closed, domestic version. In one of the most dramatic moments of the crisis, video showing the apparent shooting death of a female student, Neda Agha-Soltan, circulated globally and nearly in real time.

More Censorship Inc.
U.S. Products Help Block Mideast Web (03/28/2011)
.Some of the holes in Iran's Internet security blanket were punched by sympathetic people working within it. According to one former engineer at DCI, the government Internet company, during the 2009 protests he would block some prohibited websites only partially—letting traffic through to the outside world.

Since the 2009 protests, the government has ratcheted up its online repression. "Countering the soft war is the main priority for us today," Mr. Khamenei, the Supreme Leader, said November 2009 in a speech to members of the Basij, a pro-government paramilitary volunteer group. "In a soft war the enemy tries to make use of advanced and cultural and communication tools to spread lies and rumors."

The Revolutionary Guard, a powerful branch of the Iranian security forces, has taken the lead in the virtual fight. In late 2009, the Guard acquired a majority stake of the state telecom monopoly that owns DCI. That put all of Iran's communications networks under Revolutionary Guard control.

The Guard has created a "Cyber Army" as part of an effort to train more than 250,000 computer hackers. It recently took credit for attacks on Western sites including Voice of America, the U.S. government-funded international broadcasting service. And at the telecom ministry, work has begun on a national search engine called "Ya Hagh," or "Oh, Justice," as a possible alternative to popular search engines like Google and Yahoo.

Write to Christopher Rhoads at christopher.rhoads@wsj.com and Farnaz Fassihi at



Read more: http://online.wsj.com/article/SB10001424052748704889404576277391449002016.html#ixzz1Nslj2h2I

bigdog

  • Power User
  • ***
  • Posts: 2321
    • View Profile
Re: Cyber Jihad
« Reply #10 on: May 31, 2011, 04:53:18 AM »

WASHINGTON—The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force.

The Pentagon's first formal cyber strategy, unclassified portions of which are expected to become public next month, represents an early attempt to grapple with a changing world in which a hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country's military.

In part, the Pentagon intends its plan as a warning to potential adversaries of the consequences of attacking the U.S. in this way. "If you shut down our power grid, maybe we will put a missile down one of your smokestacks," said a military official.

Recent attacks on the Pentagon's own systems—as well as the sabotaging of Iran's nuclear program via the Stuxnet computer worm—have given new urgency to U.S. efforts to develop a more formalized approach to cyber attacks. A key moment occurred in 2008, when at least one U.S. military computer system was penetrated. This weekend Lockheed Martin, a major military contractor, acknowledged that it had been the victim of an infiltration, while playing down its impact.

The report will also spark a debate over a range of sensitive issues the Pentagon left unaddressed, including whether the U.S. can ever be certain about an attack's origin, and how to define when computer sabotage is serious enough to constitute an act of war. These questions have already been a topic of dispute within the military.

One idea gaining momentum at the Pentagon is the notion of "equivalence." If a cyber attack produces the death, damage, destruction or high-level disruption that a traditional military attack would cause, then it would be a candidate for a "use of force" consideration, which could merit retaliation.



Read more: http://www.foxnews.com/politics/2011/05/31/pentagon-cyber-attacks-count-acts-war/#ixzz1NviUtx6h

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72258
    • View Profile
IPT: The end of the Inspire Era
« Reply #11 on: May 04, 2012, 12:31:00 PM »
The End of the Inspire Era
IPT News
May 3, 2012
http://www.investigativeproject.org/3565/the-end-of-the-inspire-era
  

 
Al-Qaida has released two new issues of its English-language magazine eight months after a drone strike eliminated the American jihadi leaders behind it. The latest editions of Inspire magazine reinforce al-Qaida's promotion of lone wolf attacks, but each is aimed at a very different audience.
Inspire was known for cultivating English-language jihadis, contributing to more than a dozen plots against American and Western targets. The sophisticated magazine combined all the elements necessary to motivate would-be terrorists, from the justifying theology to detailed suggestions for new attacks in the West. It was also critical for al-Qaida's shift from large, top down directed attacks to small, individualistic terror.
The newly-released eighth issue carrying the cover headline, "Targeting Dar al-Harb Populations," promotes the lone wolf trend for non-Muslim lands in the same way as previous editions. It details plans for new attack methods in the "Open Source Jihad" section, and presents the culmination of American-born cleric Anwar al-Awlaki's justification for killing American civilians.
But the ninth issue, "Winning on the Ground," reads more like an address to Western audiences and the moderate Muslims that al-Qaida despises. It was written after Awlaki and Inspire editor Samir Khan – a fellow American – were killed in the September U.S. drone strike.
Although it contains suggestions to burn down Western forests and cities, it spends more time eulogizing fallen fighters like Awlaki and trying to explain al-Qaida's ideology to outsiders. Its quality is noticeably worse without Khan, lacking the polished style and graphics of previous editions, and is further limited by contradictory articles and barely readable translations.
The difference between the two magazines is striking, and perhaps hints at the new direction for future al-Qaida English-language publications.
Issue 8's update in the "Open Source Jihad" series reinforces Inspire's hallmark methods of lone wolf terrorism by showing how to use small handguns and to build remote-controlled detonators for explosives. This effort clearly builds on articles from previous issues, like "How to Build a Bomb in the Kitchen of Your Mom."
Its ideological articles also mirror those in previous issues. In a lengthy feature article, "Targeting the Populations of Countries that Are at War with the Muslims," Awlaki lays out his most sophisticated argument for killing American civilians.
Such arguments arguably are his most important contribution to al-Qaida's ideological longevity. This role was so important that Osama bin Laden called him "qualified and capable of running the matter in Yemen," according to documents captured from bin Laden's compound after his assassination.
In "Targeting the Populations of Countries that Are at War with the Muslims," Awlaki argued that Islam's prohibition against killing civilians doesn't hold up for modern-day Westerners.
"… In no way does it mean that Islam prohibits the fighting against the disbelievers if their men, women and children are intermingled. This understanding is very dangerous and detrimental to jihad and awareness on this issue is very important," he wrote. "To stop the targeting of disbelievers who are at war with the Muslims just because there are women and children among them leads to constraints on today's jihad that make it very difficult, and at times, impossible to fight and places the Muslims at a great disadvantage compared to their enemy."
Although it was intended to be released last fall, most of the issue's ideological material remains relevant and dangerous.
In "Blended Duality: Muslim and American?" Khan argued that being Muslim and American are inherent contradictions.
"To say one is proud of being American is not merely a cultural declaration but one of allegiance," he wrote. Being American is "to undertake that which Allah detests," and all attempts to create a "moderate" Islam are just "Muslims throwing the Qur'an behind their backs."
Would-be warriors should help al-Qaida create a real Islamic state instead, and throw off the shackles of Western secularism, he argued.
Stark Contrast
The ninth issue looks and reads like a different publication, complete with notes explaining Islamic terminology to the uninitiated. It also presents contradictory arguments about what al-Qaida really wants and who it is willing to kill to get there.
Khan's final testament is published in the issue. He initially portrays al-Qaida's fight as a defensive battle against American hegemony, which will ultimately lead to a renewed Islamic Caliphate that will defend Muslims. "As long as they continue to kill our people, occupy our lands, support Israel, fund the tyrannical puppets in the Muslim lands and try to re-interpret Islam, we will punish them and their nation severely," Khan wrote.
But in the article, "This is How We Win and This is How You Lose," Abu Hurairah as-Sana'ani states that al-Qaida's fight is about offensive domination of non-Muslims. "So contemplate… perhaps you [will be] guided to Islam, recognizing it as sovereign over you and give the jizyah willingly while you are humbled," he wrote, referring to the obligatory tax on non-Muslims living under Islamic supremacy.
While Khan and as-Sana'ani's arguments are essentially two sides of the same coin, each promoting the victory of Islam and the defeat of the West, they clash in explaining why al-Qaida is fighting.
Similar contradictions exist in the issue's approach to killing civilians.
In "They Killed Father, They Killed Son," writer Um Ahmed takes issue with separate drone strikes killing Awlaki and his eldest son. "One should wonder what Obama will do, what Obama would feel if Muslims kill his daughters only for being his daughters? We are sure that not only the Americans but the whole world would condemn such murder," she wrote. "But Muslims would never intentionally killed (sic) children, no matter who their parents are. No matter if they are the worst enemy of Islam, if they are children it is prohibited to target them intentionally."
But 20 pages later, the article "Do the Mujahideen and Christian terrorist have similar goals?" celebrates a recent terror attack by an al-Qaida wannabe in France. In March, French terrorist Mohammed Merah viciously murdered three young Jewish children and a rabbi on their way to school, chasing them down and killing them execution-style.
The same article states that al-Qaida terrorists "do not deliberately target women and children," but refers to the deliberate murder of all civilians as entirely justified revenge.
"If someone says that our bombings in London and Madrid, for example, are proof that we target women and children, then we say that we purposely target specialized institutions to not only send political messages, but to damage their economies, and [do] revenge for the Muslims they have massacred over the years by repeating the same to their own citizens so that they may taste what we taste on a near daily basis," the author claimed.
He concedes that, "Our war with America and the West may appear to some that we are out to kill for the sake of killing, since all we do to them is just that. The reason behind it is – as we've previously stated – because of the crimes these governments have perpetrated on our lands and continue to perpetrate."
Other themes in the ninth issue contradict either prominent articles from previous issues or al-Qaida's standard operating procedures.
"The Jihadi Experiences: The Most Important Enemy Targets Aimed at by the Individual Jihad," calls for striking Jews but not synagogues or other places of worship. That goes against the entire third edition of Inspire, which promoted an attempted mail bombing attack on two Jewish houses of worship.
The article also warns against targeting civilians not involved in conflict with Muslims, and advises individual attackers to be sensitive to al-Qaida's reputation. That point doesn't jibe with the policy of al-Qaida's North African and Yemeni branches, which have regularly kidnapped and executed foreign tourists.
The new Inspire issues represent different expressions of al-Qaida's message, and alternative summaries of Inspire magazine's legacy. Like past editions, they are likely to remain highly relevant to future plots, and may provide fertile ideological ground for the next generation of al-Qaida propaganda.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72258
    • View Profile
Iran blamed for Cyberattacks
« Reply #12 on: October 12, 2012, 05:56:38 PM »
Iran Blamed for Cyberattacks
U.S. Officials Say Iranian Hackers Behind Electronic Assaults on U.S. Banks, Foreign Energy Firms.
By SIOBHAN GORMAN And JULIAN E. BARNES

WASHINGTON—Iranian hackers with government ties have mounted cyberattacks against American targets in recent months, escalating a low-grade cyberwar, U.S. officials say.

The Iranian effort culminated in a series of recent attacks against U.S. banks as well as electronic assaults this year on energy companies in the Persian Gulf. The attacks bore "signatures" that allowed U.S. investigators to trace them to the Iranian government, the officials said.

The hackers appear to be a network of fewer than 100 Iranian computer-security specialists at universities and network security companies in Iran, investigators said.

Iranian officials didn't return a call seeking comment.

U.S. officials said detailed evidence linking the attacks to Tehran is classified. But Iranian hackers don't have the resources to mount major attacks without the support and technical expertise of the government, the officials said.

"These are not ordinary Iranians," one senior U.S. official said.

Defense Secretary Leon Panetta alluded to the Iranian cyberattacks in a policy announcement this week on U.S. efforts to counter the threat. He didn't directly finger Iran in these attacks, but said they mark "a significant escalation." Mr. Panetta, in an address in New York, outlined procedures being put into place to block such attacks, identify attackers and retaliate, if necessary.

A Litany of High-Tech Assaults
Incidents have escalated in recent months.


October 2012: The Qassam Cyber Fighters issued announcements, followed by cyber strikes, involving other U.S. banks, slowing or interrupting consumer websites
.WFC -2.64%"They have been going after everyone—financial services, Wall Street," said a senior defense official. "Is there a cyberwar going on? It depends on how you define 'war.'"

The attacks against U.S. banks were so-called denial of service attacks, in which computers are programmed to bombard a particular website and knock it off line. But investigators fear that they represent a first step to more destructive electronic assaults, which already had been mounted on a Saudi oil company.

The attacks began early this year in what some officials surmised was retaliation for harsh sanctions on Iran's oil and financial sectors, imposed as part of an effort by the U.S. and its allies to halt Tehran's nuclear program. Tehran denies Western charges that it is seeking to use the nuclear program to develop atomic weapons.

The Iranian effort may also be payback for a high-tech campaign against Iran that involved the U.S., including the cybersabotage project known as Stuxnet. That project targeted Iran's Natanz nuclear plant with cyberattacks that caused a large proportion of its centrifuges to spin out of control beginning in 2008.

U.S. officials have long considered Iran as a second-tier cyberpower, behind China, Russia, France, Israel and the United States. They now are debating the extent to which Iran has the capability to damage the financial system and other U.S. infrastructure.

Iran has stepped up its cyber capabilities in recent years, spending at least $1 billion on them since the beginning of this year, said Ilan Berman, a Middle East expert at the American Foreign Policy Council. The Pentagon spends about $3 billion a year on cyberdefenses.

Iran's strategy has shifted from fortifying its cyberdefenses to developing offensive cyberweapons, said Mr. Berman.

Defense officials see the cyberattacks as part of a larger effort by Iran. U.S. investigators allege Iran was behind an attack in July on Israeli tourists in Bulgaria, the killing of a Saudi diplomat in May in Pakistan, and the attempted assassination last year of the Saudi ambassador in Washington. Iran has denied involvement in all the incidents.

U.S. banks were the first targets of attacks that were comparatively small in scale, according to former U.S. officials.

The attacks expanded to oil and gas companies in the Persian Gulf and Middle East over the summer, then returned to U.S. banks with far more potent attacks in recent weeks.

Three more banks were hit this week, and each of those actions was preceded by an Internet warning of an imminent attack.

"In the last year, there's been a cyberwar going on in the Middle East, and it's spilled over now" into America, a former U.S. official said.

The attacks began shortly after approval last December of a U.S. defense bill that stepped up punitive sanctions. Iranian hackers initially mounted potent, but smaller-scale denial of service attacks on a group of U.S. banks in January, investigators say. The attackers were testing the banks' responses to each assault and adjusting their tactics to penetrate banks' defenses.

The Tel Aviv Stock Exchange and the website of Israeli airline El Al also came under attack that month, each suffering website outages. Although an unknown hacker who claimed to be a Saudi took credit, investigators are examining a possible Iranian role. The stock exchange and airline acknowledged the attack at the time and said they quickly recovered from it.

The Iranian hackers re-emerged in July with an attack on the Saudi Arabian Oil Co., known as Saudi Aramco, investigators believe. That attack, wielding a virus called "Shamoon," destroyed data on 30,000 computers. A group calling itself "Cutting Sword of Justice" claimed responsibility for the attack, which U.S. investigators believe was tied to Iran.

Aramco acknowledged then that its computers had been taken down by an electronic attack and said it expected more attacks in the future. It said that it quickly recovered.

The Aramco attacks set off alarms within the U.S. government as a shift in tactics from stealing information to destroying it.

In August, the target was Rasgas, a Qatari natural gas company that is a leading global provider of liquefied natural gas. The attack, which U.S. officials believe was carried out by the same Iranian network, shut down its website and internal email servers. Rasgas also acknowledged the attack and said it had no impact on operations.

In September, the group redoubled its attacks on the U.S. financial sector. It announced its plans in advance under the moniker "Qassam Cyber Fighters," a previously unknown group.

On Sept. 18, the group announced it would target Bank of America Corp. It followed with several more attacks, including J.P. Morgan Chase & Co., U.S. Bancorp, PNC Financial Services Corp., and Wells Fargo & Co.

This past week, the pre-announced attacks continued with Capital One Financial Corp., COF -1.15%SunTrust Banks Inc., STI -3.38%and Regions Financial Corp. RF -4.46%Following the announcements, the attacks bombarded computers that run bank websites, slowing website performance of some and taking others offline temporarily.

Bank of America declined to comment and J.P. Morgan wouldn't confirm an attack but acknowledged some customers had difficulty accessing its website. PNC's president wrote an open letter to customers about the attacks, which lasted about 31 hours. Wells Fargo and U.S. Bancorp also acknowledged they had been hit.

With this week's attacks, a Capital One spokeswoman said that some customers were intermittently unable to log on to their accounts on Oct. 9 due to a large volume of traffic. A SunTrust spokesman said the company experienced increased traffic Oct. 10 that led to service outages. A Regions spokesman said the company experienced intermittent Internet service disruption on Oct. 11.

—Suzanne Kapner, Jessica Holtzer and Devlin Barrett contributed to this article.

Crafty_Dog

  • Administrator
  • Power User
  • *****
  • Posts: 72258
    • View Profile
Stratfor: Cyber Jihad Iran
« Reply #13 on: June 18, 2020, 05:33:44 PM »
Iran Appears Poised to Go on the Cyber Offensive
6 MINS READ
Jun 18, 2020 | 09:00 GMT
A desalination plant in Tel Aviv, Israel.
(Pallava Bagla/Corbis via Getty Images)
Editor's Note: ­This security-focused assessment is one of many such analyses found at Stratfor Threat Lens, a unique protective intelligence product designed with corporate security leaders in mind. Threat Lens enables industry professionals and organizations to anticipate, identify, measure and mitigate emerging threats to people, assets and intellectual property the world over. Threat Lens is the only unified solution that analyzes and forecasts security risk from a holistic perspective, bringing all the most relevant global insights into a single, interactive threat dashboard.

Continued U.S. sanctions and Israel's aggressive strategy against Iran in Syria and Iraq have backed Iran into a corner, forcing it to become more aggressive in its counterstrategy. In 2019, Iran made a significant shift in its asymmetric strategy in the Persian Gulf and on the Arabian Peninsula when it launched missile, drone and bombing attacks that inflicted significant damage on regional oil exports and Saudi Arabia's oil industry. Now it appears that Iran may be making the same shift toward inflicting physical damage using cyberattacks as well. Such a shift would entail a significantly higher risk of further cyberattacks on Arab, U.S., Israeli and other Western companies operating in the region, as well as for critical infrastructure worldwide.
 
In April, Iranian-backed cyber actors targeted Israeli water infrastructure in an attack that could have increased the amount of chlorine to dangerous levels. The Israel National Cyber Directorate stopped the attack when operators noticed that water pumps were malfunctioning. While few details about the incident have emerged, the hackers apparently deployed malware targeting the plant's industrial control systems' programmable logic controllers once they gained entry into the network.
 
Prior to April's attack, Iran's offensive cyber operations did not damage critical civilian infrastructure but rather focused on deleting data and records and on accessing information, but April's cyberattack was intended to significantly physically damage and disrupt Israel's water supply. Iran has spent years attempting to gain entry to critical infrastructure and developing the necessary cyber tools to target industrial control systems to damage infrastructure and economic targets.

Iran saw firsthand what offensive cyber operations can cause when the Stuxnet virus, likely the work of Israel and the United States, caused significant damage to Iran's nuclear program when it targeted enrichment activities and centrifuges in 2010.
A 2016 U.S. indictment highlighted Iran's attempt to gain entry into a U.S. dam, and Iranian-backed hackers have increasingly tested for vulnerabilities in, and tried to gain entry to, critical infrastructure in Bahrain, Israel and other countries.

If Iran's attempts to disrupt critical infrastructure continue, it will force other countries to respond in kind to maintain some level of deterrence — risking continued tit-for-tat escalation.

Tehran now appears to have both the willingness and capability to conduct attacks on industrial control systems in response to the significant economic damage inflicted on it by U.S. sanctions, and to accept the associated risk with using destructive offensive cyberattacks. Last November, cybersecurity researchers noted that the Iranian-backed hacking group, APT33 (aka Elfin, aka Refined Kitten), had increasingly been focusing its efforts on infiltrating critical infrastructure networks, leading to speculation that Iran would try to deploy Shamoon or other malware or viruses to target industrial control systems. This follows a shift in Iran's military activity last year when it went from merely threatening to shut down the Strait of Hormuz and harassing the U.S. Navy in the Persian Gulf to actually planting mines on commercial tankers and conducting drone and missile strikes against Saudi Arabia's oil industry. Iran has not carried out similar missile and drone attacks since last September, likely over fears of escalation to military conflict, but may be assessing that cyber activity reduces the risk of rapid escalation and carries less risk of direct military conflict even though it carries a higher risk of retaliatory cyberattacks.
 
Iran will continue to expand its cyber capabilities, but its acquisition of such skills will remain relatively slow when compared to more highly skilled rivals like Israel, Russia, China and the United States – still, even second-tier cyber powers can inflict significant damage due to the challenge of hardening systems from cyberattacks. If Iran's attempts to disrupt critical infrastructure continue, it will force other countries to respond in kind to maintain some level of deterrence — risking continued tit-for-tat escalation. Israel already apparently did this in May when it launched a cyberattack against an Iranian port, disrupting activities there. Protecting against cyberattacks is notoriously difficult due to a wide range of potential vulnerabilities and access points to systems.
 
Israel is likely to remain a focal point for Iran's cyber operations against civilian and government targets. Israel has been very aggressive in targeting Iranian activity not only through constant cyber activity trying to gain entry to critical infrastructure in Iran, but also by striking Islamic Revolutionary Guard targets in Syria and Iraq to reduce Iran's geographic reach close to Israel. Iran will continue to seek as many vulnerabilities in Israeli critical infrastructure including water and power infrastructure, and in commercial entities where data wiping, surveillance and intelligence-gathering operations remain priorities for hacking groups.
 
U.S. companies operating in the region are also likely to face increased risk, but critical infrastructure operators back in the United States may also face a higher risk. One of the key reasons Iran has developed asymmetric capabilities is to hit back strategically at the United States and its allies. None of Iran's asymmetric capabilities other than cyberattacks can directly inflict damage in the United States. With the exception of commercially oriented hackers conducting ransomware attacks, Iran poses the most significant threat to U.S. critical infrastructure and strategic industries when it comes to disruption. Russia and China possess far more advanced cyber tools and will seek to infiltrate networks more often, but neither has the intent to disrupt and cause as much significant damage as Iran does.
 
Saudi Arabia and other Gulf Cooperation Council countries are also logical targets for continued attacks, including on oil and gas companies, water companies and other critical infrastructure operators. Unlike Israel and the United States, Saudi Arabia and other GCC countries do not want to risk confrontation with Iran and do not carry out offensive cyber operations directly — but their ties to the United States will continue to make them targets for Iranian activity. Civilian infrastructure including desalination plants, refineries, and oil and gas processing facilities are all likely to continue being targeted for entry. While they may not be as high a priority for Iran as striking out directly at the United States or Israel, GCC cyber capabilities pale by comparison to U.S. and Israeli capabilities, increasing their vulnerability to Iran.