Tuesday, August 22, 2006

Cyber Terrorism Communications and Propaganda

Further expanding the previous discussion on Tracking Down Internet Terrorist Propaganda, and patterns of Arabic Extremist Group Forum Messages' Characteristics, there have also been some recent developments on Hezbollah's never-ending use of U.S. hosting companies as a media/communication/fundraising/recruitment/propaganda platform:

"Hezbollah used the Broadwing Communications fiber-optic network to deliver its Al-Manar web site to the world last week after finding a weakness in a Broadwing customer's connection. When that happened, Hezbollah television's web site was suddenly hosted, of all places, in Texas. When Broadwing discovered what had happened, they cut the T1 connection to their customer until the customer resolved the problems on its end, and the Al-Manar site disappeared back into the ether—only to pop up a few hours later on a server in India. Hezbollah's tactics are laid out in a brief Time article that also discusses the people trying to shut Hezbollah down. And it's not the people you might think. Those in the war and security business are no doubt involved, but some of the work is done by amateurs, as well. Volunteers from the Society for Internet Research track jihadi websites and tactics across the Internet, then alert domain registrars and web hosting companies to the presence of potentially illegal material on their servers."

Al Manar TV has long been known for delivering Hezbollah's PSYOPS by constantly relocating its stream, but information-warfare-capable enemies seem to be able to hijack the signal, as recently happened. Moreover, according to Haganah's most recent Table of American Internet Service Providers of Hezbollah -- detailed analyses -- Register.com remains a popular choice.

Cyber terrorism is a complex and often misunderstood term that originally emerged as the direct effect of Techno Imperialism sentiments, and, of course, the balancing power of the Internet when it comes to cyber warfare capabilities. In another great piece of research, Cyber Terrorism: A Study of the Extent of Coverage in Computer Security Textbooks, the author summarized the most commonly encountered Cyber Terrorism categories and keywords, and discussed the different explanations of the term. As for Cyber terrorism, the first issue that comes to the mind of the average expert is the SCADA systems whose IP-based connectivity remains a growing concern for the governments utilizing them. That is exactly the least of the issues to worry about: today's Cyber terrorism is still maturing, while tomorrow's Cyber terrorism will be taking advantage of cyber warfare capabilities on demand or through direct recruitment/blackmailing practices of individuals capable of delivering them. Here's a neat table representing the maturity/evolution of Cyber terrorism.

For the time being, propaganda and recruitment are the most indirect and popular practices, whereas the concept itself is truly maturing, thus becoming even more evident. Thankfully, various researchers are already actively combining AI and various web crawling approaches while analyzing the presence of terrorists on the web -- and here's a good starting point.

Related resources and posts:
Cyber Terrorism
Hacktivism
Information Warfare
Cyberterrorism - don't stereotype and it's there!
Cyberterrorism - recent developments
The Current, Emerging, and Future State of Hacktivism
Terrorist Social Network Analysis
Hacktivism Tensions - Israel vs Palestine Cyberwars

Virus Outbreak Response Time

In previous posts I discussed various trends related to malware families, and mentioned CipherTrust's Real Time PC Zombie Statistics. You might also be interested in IronPort's Virus Outbreak Response Times for the last 24 hours, which currently tracks IronPort themselves, Sophos, Trend Micro, Symantec, and McAfee. Although vendor bias often exists, let's just say that self-serving statements can easily be verified by doing a little research on your own -- it doesn't cost a fortune to run a geographically diverse honeyfarm. However, what bothers me is the vendors' constant claims about exchanging malware samples for the sake of keeping the E in front of E-Commerce, whereas response time "achievements" often get converted into marketing benchmarks to be achieved. Protecting against known malware is far more complex than it seems, and it is often arguable whether zero day malware or known malware has the highest impact when infecting both corporate and home PCs. Basically you have powerful end users getting themselves infected with months-old malware and later on collectively becoming capable of causing damage on a network that's already aiming at achieving the proactive protection level. Ironic, isn't it? If detailed statistics truly matter, VirusTotal has the potential to dominate the analysts community without bias.

Response times used to matter once; now it's all up to proactive protection approaches, and, of course, revenue generation from both sides. Moreover, sometimes even a signature-based approach doesn't work, especially when it comes to packet-based or web-application-based malware. Avoid the signatures hype and start rethinking the concept of malware on demand, open source malware, and the growing trend of malicious software disabling an antivirus scanner, or its ability to actually obtain the latest signatures available.

The bottom line is that achieving ROSI when it comes to false malware positives is yet another growing concern for the majority of enterprises wisely spending their security dollars.

U.S. Air Force on MySpace

Seems like the U.S. Air Force is joining MySpace:

"The Air Force profile will show users five video clips that the Recruiting Service says gives them “a behind-the-scenes look at the extraordinary things airmen accomplish every day,” according to a press release. Users will be able to view longer videos of airmen as they fly jets, call in air strikes, navigate satellites and jump out of airplanes, the service said. They also can vote on which commercial will kick off the Air Force’s new “Do Something Amazing” advertising campaign, scheduled for Sept. 18 during the FOX network’s “Prison Break” television show."

It's like using a Yahoo Group mailing list to break the ice and keep it teen-friendly. Now, teens all over the U.S. know which buddy to avoid. I'm sure privacy advocates will pick this up shortly, given "someone" isn't already data mining MySpace profiles for targeted propositions -- of course they are.