Tuesday, August 22, 2006

Cyber Terrorism Communications and Propaganda

Further expanding the previous discussion on Tracking Down Internet Terrorist Propaganda, and patterns of Arabic Extremist Group Forum Messages' Characteristics, there've also been some recent developments on Hezbollah's never-ending use of U.S hosting companies as a media/communication/fund raising/recruitment/propaganda platform:

"Hezbollah used the Broadwing Communications fiber-optic network to deliver its Al-Manar web site to the world last week after finding a weakness in a Broadwing customer's connection. When that happened, Hezbollah television's web site was suddenly hosted, of all places, in Texas. When Broadwing discovered what had happened, they cut the T1 connection to their customer until the customer resolved the problems on its end, and the Al-Manar site disappeared back into the ether—only to pop up a few hours later on a server in India. Hezbollah's tactics are laid out in a brief Time article that also discusses the people trying to shut Hezbollah down. And it's not the people you might think. Those in the war and security business are no doubt involved, but some of the work is done by amateurs, as well. Volunteers from the Society for Internet Research track jihadi websites and tactics across the Internet, then alert domain registrars and web hosting companies to the presence of potentially illegal material on their servers."

Al Manar TV has long been known for delivering Hezbollah's PSYOPS through constantly relocating its stream, but information warfare capable enemies seem to be able to hijack the signal, as recently happened. Moreover, according to Haganah's most recent Table of American Internet Service Providers of Hezbollah -- detailed analyses -- Register.com remains a popular choice.

Cyber terrorism is a complex and often misunderstood term that originally emerged as the direct effect of Techno Imperialism sentiments, and, of course, the balancing power of the Internet when it comes to cyber warfare capabilities. In another great piece of research, Cyber Terrorism: A Study of the Extent of Coverage in Computer Security Textbooks, the author summarized the most commonly encountered Cyber Terrorism categories and keywords, and discussed the different explanations of the term. As for Cyber terrorism, the first issue that comes to the mind of the average expert is the SCADA systems whose IP based connectivity remains a growing concern for the governments utilizing them. That is exactly the least important issue to worry about: today's Cyber terrorism is still maturing, while tomorrow's Cyber terrorism will be taking advantage of cyber warfare capabilities on demand or through direct recruitment/blackmailing practices of individuals capable of delivering them. Here's a neat table representing the maturity/evolution of Cyber terrorism.

For the time being, propaganda and recruitment are the most indirect and popular practices, whereas the concept itself is truly maturing and thus becoming even more evident. Thankfully, various researchers are already actively combining AI and various web crawling approaches while analyzing the presence of terrorists on the web -- and here's a good starting point.

Related resources and posts:
Cyber Terrorism
Hacktivism
Information Warfare
Cyberterrorism - don't stereotype and it's there!
Cyberterrorism - recent developments
The Current, Emerging, and Future State of Hacktivism
Terrorist Social Network Analysis
Hacktivism Tensions - Israel vs Palestine Cyberwars

Virus Outbreak Response Time

In previous posts I discussed various trends related to malware families, and mentioned CipherTrust's Real Time PC Zombie Statistics. You might also be interested in IronPort's Virus Outbreak Response Times for the last 24 hours, which currently tracks IronPort themselves, Sophos, Trend Micro, Symantec, and McAfee. Although vendor bias often exists, let's just say that self-serving statements can easily be verified by doing a little research on your own -- it doesn't cost a fortune to run a geographically diverse honeyfarm. However, what bothers me is the vendors' constant claims of exchanging malware samples for the sake of keeping the E in front of E-Commerce, whereas response time "achievements" often get converted into marketing benchmarks to be achieved. Protecting against known malware is far more complex than it seems, and it is often arguable whether zero day malware or known malware has the highest impact when infecting both corporate and home PCs. Basically, you have powerful end users getting themselves infected with months-old malware and later on collectively becoming capable of causing damage on a network that's already aiming at achieving the proactive protection level. Ironic, isn't it? If detailed statistics truly matter, VirusTotal has the potential to dominate the analyst community without bias.

Response times used to matter once; now it's all up to proactive protection approaches, and, of course, revenue generation from both sides. Moreover, sometimes even a signature based approach doesn't work, especially when it comes to packet based or web application based malware. Avoid the signatures hype and start rethinking the concept of malware on demand, open source malware, and the growing trend of malicious software disabling an anti virus scanner, or its ability to actually obtain the latest signatures available.

The bottom line is that achieving ROSI when it comes to false malware positives is yet another growing concern for the majority of enterprises wisely spending their security dollars.

U.S Air Force on MySpace

Seems like the U.S Air Force is joining MySpace:

"The Air Force profile will show users five video clips that the Recruiting Service says gives them “a behind-the-scenes look at the extraordinary things airmen accomplish every day,” according to a press release. Users will be able to view longer videos of airmen as they fly jets, call in air strikes, navigate satellites and jump out of airplanes, the service said. They also can vote on which commercial will kick off the Air Force’s new “Do Something Amazing” advertising campaign, scheduled for Sept. 18 during the FOX network’s “Prison Break” television show."

It's like using a Yahoo Group mailing list to break the ice and keep it teen-friendly. Now, teens all over the U.S know which buddy to avoid. I'm sure Privacy advocates will pick this up shortly, given "someone" isn't already data mining MySpace profiles for targeted propositions -- of course they are.

Sunday, August 20, 2006

North Korea's Strategic Developments and Financial Operations

Catching up with the latest developments at the hottest -- at least from a national security point of view -- zone in Asia. North Korea seems to be taking external provocations rather seriously, and, fearing the collapse of its regime, is actively working on developing its nuclear test sites, with disinformation in between for sure. According to a recent article at Reuters, North Korea may be preparing a nuclear bomb test:

"ABC reported the activity at the suspected test site included the unloading of large reels of cable outside an underground facility called Pungyee-yok in northeast North Korea. It said cables can be used in nuclear testing to connect an underground test site to outside observation equipment. The intelligence was brought to the attention of the White House last week, the report said. Fears about North Korea's nuclear ambitions were exacerbated when Pyongyang defied international warnings and fired seven missiles into waters east of the Korean peninsula on July 5."

Excluding an opinionated Weapons of Mass Deception expert's interest in developments like these, speculation remains a powerful driving force for everyone involved. Consider a basic principle in life: it is often assumed that gathering together a bunch of handicapped people is the best solution for their "fragile" situation, compared to actually trying to integrate instead of isolate them. I find the same issue to be the cornerstone when dealing with countries purposely isolating themselves, thus limiting international accountability and ensuring the continuity of the twisted reality.

Meanwhile, the U.S is actively working on closing down North Korean bank accounts, and worsening its relations with major financial institutions worldwide, in response to which North Korea is diversifying and opening accounts at 23 banks in 10 countries:

"North Korea has opened accounts at 23 banks in 10 countries following the U.S. imposition of financial sanctions on a bank in Macau last year, a Japanese newspaper reported Saturday. The Sankei Shimbun said on its Web site the 10 countries include Vietnam, Mongolia and Russia, quoting sources familiar with North Korean affairs. In September, the United States banned all American financial institutions from transacting with a Macau-based bank, Banco Delta Asia, accusing it of aiding North Korea in circulation of counterfeit U.S. dollars allegedly printed in the communist state. The U.S. also confirmed last month that the Bank of China, a major Chinese lender, had frozen all of its North Korean accounts suspected of being connected with the North's alleged counterfeiting activities."

And while China is realizing its growing economic potential, thus complying with such efforts as well, helping the enemies of your enemies still remains a fashionable concept in the silent war.

Related resources and posts:
Satellite Imagery of Pre-Launch and Post-Launch at the Taepodong Launch Facility and Affected Vegetation
A-Bomb North Korean Propaganda
North Korea - Turn On the Lights, Please
Japan's Reliance on U.S Spy Satellites and Early Warning Missile Systems
Open Source North Korean IMINT Reloaded
North Korea's Cyber Warfare Unit 121