[iwar] [fc:Al-Qaida.Cyber.Capability]

From: Fred Cohen (fc@all.net)
Date: 2002-01-09 05:18:47



Al-Qaida Cyber Capability

Key Judgements



  a. Al-Qaida (the group formed and led by Osama bin Laden) has not engaged
     in computer-based attacks in the past. However, in the wake of the World
     Trade Center (WTC) attacks, bin Laden has suggested that Al-Qaida has the
     expertise to use the computer as a weapon.
  b. Given the economic damage the United States suffered due to the WTC
     attacks, it is possible that those responsible may shift their sights away
     from primarily symbolic targets, such as heavily populated buildings or
     sports stadiums, toward critical infrastructures.
  c. Bin Laden's base for his operations, Afghanistan, does not provide an
     ideal venue for staging cyber attacks.
  d. A potential cyber terrorist attack by the Al-Qaida group, or its
     sympathizers, would likely be launched or coordinated outside Afghanistan.
  e. Retaliatory cyber attacks -- primarily web defacements -- from individual
     sympathetic hackers on both sides have commenced and will continue to
     occur.


Background
Osama bin Laden established Al-Qaida in the late 1980s to bring together Arabs who 
fought in Afghanistan against the Soviet invasion. It helped finance, recruit, transport 
and train Sunni Islamic extremists for the Afghan resistance. Its current goal is 
to establish a pan-Islamic Caliphate throughout the world by working with allied 
Islamic extremist groups to overthrow regimes it deems "non-Islamic" and to expel 
Westerners and non-Muslims from Muslim countries. In February 1998, Al-Qaida issued 
a statement under the banner of the "World Islamic Front for Jihad Against the Jews 
and Crusaders" claiming it was the duty of all Muslims to kill US citizens--civilian 
or military--and their allies everywhere. 

The size of Al-Qaida is unclear. The group itself has been reported to have several 
hundred to several thousand members. Al-Qaida also serves as a focal point, or umbrella 
organization, for a worldwide terrorist network that includes many Sunni Islamic 
extremist groups such as Egyptian Islamic Jihad, some members of al-Gama'at al-Islamiyya, 
the Islamic Movement of Uzbekistan and the Harakat ul-Mujahidin. Al-Qaida has a worldwide 
reach with cells in a number of countries and is reinforced by its ties to global 
Sunni extremist networks. 

Bin Laden and his key lieutenants reside in Afghanistan and the group maintains 
terrorist training camps there. Bin Laden, son of a billionaire Saudi family, is 
said to have inherited approximately US$300 million which he uses to finance the 
group. Al-Qaida also maintains moneymaking front organizations, solicits donations 
from like-minded supporters and illicitly siphons funds from donations to Muslim 
charitable organizations. 

Threat to Critical Infrastructure
Some insight into the thinking of Islamic extremists was obtained in July 2001. 
At this time, Ahmed Ressam (convicted of attempting to place a bomb at the Los Angeles 
International Airport around 1 January 2000) testified in court that he was trained 
to attack the infrastructure of countries. Specifically, he stated that he was trained 
to target "such installations as electric plants, gas plants, airports, railroads, 
large corporations and military installations also." When asked why he chose an airport 
as a target, he said, "an airport is sensitive politically and economically." Ressam 
received terrorist training in Afghanistan and is linked to the Al-Qaida network. 


The targeting of the World Trade Center by Islamic extremists in 1993 and 2001 was 
a symbolic act, ideal for sowing fear in the United States. However, the 11 September 
attack had an even deeper ripple effect: the temporary disruption of the entire US 
financial and transportation infrastructure. If the terrorists did not fully anticipate 
these aftershocks, they can see them clearly now. This raises the possibility that 
those responsible may shift their sights away from primarily symbolic targets, such 
as heavily populated buildings or sports stadiums, toward critical infrastructures. 


Cyber Capability to Target Critical Infrastructure
There are no known examples of Al-Qaida launching cyber attacks against critical 
infrastructure. Although it has demonstrated a very sophisticated logistical and 
organizational ability, to date, its attacks have been physical and clearly "low-tech". 
For example, past attacks have included blowing up a dinghy packed with explosives 
next to the USS Cole and exploding bombs near US embassies in Africa. Even the attacks 
on the World Trade Center and Pentagon on 11 September were done with conventional 
means. 

Nevertheless, there has been significant, albeit unsubstantiated, reporting that 
bin Laden and his Al-Qaida organization are sophisticated users of computer and telecommunication 
technology. For example, it has been reported that Al-Qaida personnel use the Internet 
for sending encrypted communications. 

Interestingly, in the wake of the 11 September 2001 attacks, Osama bin Laden reportedly 
gave a statement to Hamid Mir (editor of the Ausaf newspaper) indicating that:

  "hundreds of young men had pledged to him that they were ready to die and that 
hundreds of Muslim scientists were with him and who would use their knowledge in 
chemistry, biology and (sic) ranging from computers to electronics against the infidels. 
He said they had no atom bombs and missiles but the passion for jihad was more important 
than those weapons." 

This statement suggests that Bin Laden is threatening to use computer-based attacks 
against the West. However, due to its very poor communications infrastructure, Afghanistan 
does not provide an ideal venue for staging such attacks. According to the CIA World 
Fact Book, the capital city of Kabul had only 21,000 main phone lines in use in 1998. 
Domestically, there are telecommunication links between the cities of Mazar-e Sharif, 
Herat, Kandahar, Jalalabad and Kabul through microwave and satellite systems. There 
are reportedly very few links abroad. Osama bin Laden's personnel reportedly go to 
Peshawar, Pakistan to maintain phone, fax and modem communication with the outside 
world. 

Bin Laden's choice to use Afghanistan as a base for his operations limits Al-Qaida's 
ability to use that country as a base for malicious cyber activity. Therefore, a 
potential cyber terrorist attack by the Al-Qaida group, or their sympathizers, against 
the West would most likely have to be launched or coordinated outside Afghanistan. 
Likewise, Taliban forces would appear to be very ill-equipped to launch any sort 
of cyber effort from within the country. 


Cyber Threat Related to 11 September
The events of 11 September will engender cyber attacks between individuals sympathetic 
to the United States and those who support the terrorists. US supporters have already 
begun cyber attacks against Arab and bin Laden-linked computer systems. When this 
becomes significant, a retaliatory response can be expected against networks perceived 
to be connected to the US and its allies. 

On 14 September, a group calling itself the "Dispatchers" posted a statement on 
the Web saying it has already disabled Internet Service Providers (ISPs) in the Middle 
East and has been targeting ISPs in Afghanistan with the explicit goal of destroying 
them. The Dispatchers, claiming to be approximately 300 strong, said it would target 
Pakistan, Iraq and several other Middle Eastern countries. The hacker group said 
it is planning a coordinated attack against Internet infrastructure in targeted countries 
and other critical information systems. The US National Infrastructure Protection 
Center has issued an alert suggesting that the Dispatchers may inadvertently cause 
collateral damage to American computer systems during attempts to damage Arab/Muslim 
foreign computer systems via distributed denial of service attacks. 

Groups that may be sympathetic to the terrorists, and may themselves launch cyber 
attacks against US and western computer systems, include the "Iron Guard". The Iron 
Guard is a group of hackers formed during the Israeli-Palestinian cyber conflict 
late in 2000. This group is believed to be technically adept and is reported to have 
ties to Hezbollah and other Muslim extremist groups. The group's initial call for 
cyber jihad was supported and promoted by al-Muhajiroun, whose leader (Sheik Omar 
Bakri Mohammed) has known ties to bin Laden. The Iron Guard has suggested in the 
past that it considers American commercial companies to be responsible for their 
government's actions. 

Analysis of Threat
While bin Laden's comments that his organization was prepared to use experts with 
knowledge of computers to launch further attacks are noteworthy, there is no history 
of Al-Qaida engaging in cyber attacks and no information suggesting that it has already 
prepared itself for such action. Bin Laden's vast financial resources, however, would 
enable him or his organization to purchase the equipment and expertise required for 
a cyber attack and mount such an attack in very short order. Regardless of Al-Qaida's 
actions, a cycle of attacks and reprisals has commenced and will continue to occur 
between hackers sympathetic to Islamic extremist action and supporters of the United 
States. 

Contact Us
For urgent matters or to report any incidents, please contact OCIPEP's Emergency 
Operations Centre at:

Phone: (613) 991-7000
Fax: (613) 996-0995
Secure Fax: (613) 991-7094
Email: opscen@ocipep-bpiepc.gc.ca

For general information, please contact OCIPEP's Communications division at:

Phone: (613) 991-7066 or 1-800-830-3118
Fax: (613) 998-9589
Email: communications@ocipep-bpiepc.gc.ca

Web Site: www.ocipep-bpiepc.gc.ca



Notice to readers

OCIPEP publications are based on information obtained from a variety of sources. 
The organization makes every reasonable effort to ensure the accuracy, reliability, 
completeness and validity of the contents in its publications. However, it cannot 
guarantee the veracity of the information nor can it assume responsibility or liability 
for any consequences related to that information. It is recommended that OCIPEP publications 
be carefully considered within a proper context and in conjunction with information 
available from other sources, as appropriate.
