Thursday, June 29, 2006

Tracking Down Internet Terrorist Propaganda

I always knew there's a team of cheap marketers behind every terrorist organization trying to market yet another multimedia killing, or, put simply, fear, threats, and no respect for life. Why cheap? Mainly because there's no segmentation or niche issues to deal with, but mostly mass marketing, while harnessing the power of the never-ending resonation from the media echo.

Rather biased, today's opinion on Cyberterrorism always has to do primarily with destruction as the core of the problem. Active research is already conducted on "Arabic Extremist Group Forum Messages' Characteristics" and "Terrorist Social Network Analysis", and the real issues still remain communication, research, fundraising, propaganda, recruitment and training -- I wish Dorothy Denning was also blogging on the topic!

iDefense, being the masters of CYBERINT, recently found jihadist web sites related to Zarqawi's "Successor". The interesting part:

"This website contains forums with a mix of threads covering items from the latest information on the militants in the Middle East, such as a video of militants in Syria, to hacker education, such as Microsoft Word documents available for downloading that detail CGI, unicode and php exploits. The members appear to be interested in physical and cyber-related threats. The membership of the site is growing and is already over 10,000+ members. Plus, we at iDefense/VeriSign are very interested to see what hacking issues or levels of cyber expertise may be covered on this site."

By the way, I just came across an outstanding list of Islamic sites at Cryptome. These are definitely about to get crawled, analyzed, and for sure, under attack in the future. For instance, the most recent example of hacktivism tensions is the hundreds of hacked Israeli web pages, in the light of Israel's military action in Gaza.

Further reading on:
Terrorism
Cyberterrorism
How Modern Terrorism Uses the Internet
Jihad Online : Islamic Terrorists and the Internet
Right-wing Extremism on the Internet
Terrorist web sites courtesy of the SITE Institute
The HATE Directory November 2005 update
Recruitment by Extremist Groups on the Internet

Wednesday, June 28, 2006

Delicious Information Warfare - 24/27 June

Go through my daily reads for 13/24 June as well.

01. Meteorite Collision - "Japanese animation showing what would happen if a giant meteor hit the Earth." to Space on june 25

02. Should We Lift North Korean Sanctions? - "Quentin Hardy summed up his side’s argument: “Capitalism has corrupted other authoritarian regimes, why not North Korea?”" to Investing on june 25

03. The ABCs of New Security Leadership - "Maintaining the right level of boardroom and employee awareness is a consequence of leadership. And more effective ideas and tactics are replacing the old, reactive security leadership paradigm. Below, CSO looks at what's Out and what's In." to Security Leadership on june 27

04. Blackmailer : the story of Gpcode - "Analysts at Kaspersky Lab had successfully cracked a 660 bit RSA encryption key. This was the latest victory against a cyber blackmailer that had been plaguing users in Russia for over a year and a half." to Malware Ransomware on june 27

05. My Anti-Virus Revolving Door - "I'm the Donald Trump of anti-virus software testing. It won't be long before they're all fired." to Malware AntiVirus on june 27

06. Eyeballing Israel Signal Facilities - "Israeli Signal Facilities, courtesy of the Eyeball Series." to Security Defense Reconnaissance Satellite GEOINT on june 27

07. DHS Special Report Can DHS meet IT cybersecurity expectations? - "“In the Defense budget we have put hundreds of millions of dollars in for info. dominance,” Weldon said. He cited Pentagon programs to fund universities to launch cybersecurity studies centers and to expand the military’s own cybersecurity programs." to Security Defense Cyberterrorism Leadership on june 27

08. Tampa GOP Cyber-Attack - "As the global Islamist war heats up, technically savvy cyber-terrorists will continue to look to find weaknesses in the Internet infrastructure of the West." to InformationWarfare Cyberterrorism Hacktivism PSYOPS on june 27

09. Analysis Warns U.S. of Cyber Security Weaknesses - "If our nation is hit by a cyber Katrina that wipes out large parts of the Internet, there is no coordinated plan in place to restart and restore the Internet," said John J. Castellani, President of the Roundtable." to Security Defense Cyberterrorism Leadership on june 27

10. Ignoring the Great Firewall of China - "The so-called "Great Firewall of China" operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection." to Censorship China FreeSpeech on june 27

11. Encyclopedia of Espionage, Intelligence, and Security - "Espionage information." to Intelligence Espionage on june 27

12. China-Led Group to Fight Web Fraud, Cyber Terrorism - "A Russian and Chinese-led bloc of Asian states said Thursday it plans to set up an expert group to boost computer security and help guard against threats to their regimes from the Internet." to Security on june 27

13. Immunizing The Internet, Or : How I Learned To Stop Worrying And Love The Worm - "In a 1997 exercise, NSA teams hacked into computer systems at four regional military commands and the National Military Command Center and showed that hackers could cause large-scale power outages and 911 emergency telephone network overloads." to Security Defense InformationWarfare Cyberterrorism on june 27

14. Five Questions For Martin Roesch, Founder and CTO of Sourcefire - "In 1998, Roesch created Snort, an app that sniffs out malicious traffic trying to enter a network. Snort's free source code has been downloaded more than 3 million times." to Interview on june 27

15. Firms Eye Video Surveillance - "And as the technology shrinks, the cameras slip deeper into the background, hardly noticed, streaming more than 4 billion hours of footage a week—footage that usually ends up lost, and never seen." to Surveillance CCTV Technology on june 27

16. How big is Earth compared to other planets and stars? - "Fun series of photos comparing Earth's size to that of other planets and stars." to Space on june 27

17. All-Seeing Blimp on the Rise - "The problem with the American military today is that it doesn't have a giant, robotic airship, two-and-a-half times the size of the Goodyear blimp, that can watch over an entire city at once. The idea is to park an unmanned airship over a hot zone." to Military Surveillance Privacy on june 27

18. Malware in Popular Networks - "Some of the other popular means of computer supported collaboration are USENET, IRC, P2P, IM. We have seen a consistent uprise of malware targeting these collaborative systems." to Malware on june 27

19. Word macro trojan dropper and (another) downloader - "We've seen a lot of new malware being spammed in last couple of hours." to Malware on june 27

Tuesday, June 27, 2006

Malicious Web Crawling

SiteAdvisor indeed cashed in on evaluating the maliciousness of the web, and New Zealand feels that nation-wide Google hacking initiatives are a more feasible solution to the problem of Google hacking, compared to the Catawba County Schools Board of Education, who blamed Google for indexing student test scores & social security numbers. It's like having just-moved-in, 25/30-year-old neighbors next to your place who don't know you have thermal movement detection equipment and parabolic microphones, and so haven't sealed the house by using robots.txt or assigning the necessary permissions on the web server ASAP.

Tip to the Board of Education: don't bother Google, but take care of the problem on your own, immediately, through Google's automatic URL removal system, by first "inserting the appropriate meta tags into the page's HTML code. Doing this and submitting via the automatic URL removal system will cause a temporary, 180-day removal of these pages from the Google index, regardless of whether you remove the robots.txt file or meta tags after processing your request."
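An added example, not part of the original post: a small standard-library audit that reports, for each sensitive page, whether robots.txt disallows crawling it and whether it carries a noindex robots meta tag. The robots.txt content, page paths and HTML below are constructed sample data; neither control replaces proper permissions on the web server.

```python
from html.parser import HTMLParser
from urllib.robotparser import RobotFileParser

# Constructed sample inputs (not taken from any real site).
ROBOTS_TXT = "User-agent: *\nDisallow: /reports/\n"
PAGES = {
    "/reports/scores-2006.html":
        '<head><meta name="robots" content="noindex, nofollow"></head>',
    "/students/records.html":
        "<head><title>Records</title></head><body>records</body>",
    "/archive/roster.html":
        '<head><META NAME="ROBOTS" CONTENT="NOINDEX"></head>',
}


class RobotsMetaParser(HTMLParser):
    """Collects directives from <meta name="robots"|"googlebot" content=...>."""

    def __init__(self):
        super().__init__()
        self.directives = set()

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names, not values.
        if tag != "meta":
            return
        attr = {k: (v or "") for k, v in attrs}
        if attr.get("name", "").lower() in ("robots", "googlebot"):
            for directive in attr.get("content", "").split(","):
                self.directives.add(directive.strip().lower())


def has_noindex(html):
    parser = RobotsMetaParser()
    parser.feed(html)
    return bool({"noindex", "none"} & parser.directives)


def audit(robots_txt, pages, agent="Googlebot"):
    """Return {path: (crawl_blocked, noindex)} for every page."""
    rules = RobotFileParser()
    rules.parse(robots_txt.splitlines())
    return {path: (not rules.can_fetch(agent, path), has_noindex(html))
            for path, html in pages.items()}


def exposed(report):
    """Paths with neither control: crawlable and indexable."""
    return sorted(p for p, (blocked, noidx) in report.items()
                  if not blocked and not noidx)


if __name__ == "__main__":
    for path, status in audit(ROBOTS_TXT, PAGES).items():
        print(path, "crawl_blocked=%s noindex=%s" % status)
```
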

Going back to the idea of malicious web crawling, the best "what if" analysis comes from Michal Zalewski, back in 2001's Phrack issue article on "The Rise of the Robots" -- nice starting quote! It tries to emphasize that "Others - Internet workers - hundreds of never sleeping, endlessly browsing information crawlers, intelligent agents, search engines... They come to pick this information, and - unknowingly - to attack victims. You can stop one of them, but can't stop them all. You can find out what their orders are, but you can't guess what these orders will be tomorrow, hidden somewhere in the abyss of not yet explored cyberspace. Your private army, close at hand, picking orders you left for them on their way. You exploit them without having to compromise them. They do what they are designed for, and they do their best to accomplish it. Welcome to the new reality, where our A.I. machines can rise against us."

That's a far more serious security issue to keep an eye on, instead of Google's crawlers eating your web site for breakfast.

Shots From the Wild - Terrorism Information Awareness Program Demo Portal

A lot has changed since my last post on "Data mining, terrorism and security", namely NSA's warrantless surveillance efforts. So, in the spirit of a second possible NSA facility, I've decided to post a shot from the TIA's early stages of development obtained through the most detailed, conceptual, and from a developer's point of view description of the program.

There've also been speculations on the severity of NSA wiretapping program compared to the Watergate scenario, while I feel that besides political engineering through infowar, it also occurs relatively more often over a juicy barbecue.

Related resources on Intelligence, NSA, Surveillance, Wiretapping.