The Risks Posed by Jihadist Hackers Hackers by Christopher Heffelfinger by Christopher Heffelfinger

The Risks Posed by Jihadist Hackers Hackers by Christopher Heffelfinger by Christopher Heffelfinger

JULY 2013 . VOL 6 . ISSUE 7 Contents The Risks Posed by Jihadist FEATURE ARTICLE 1 The Risks Posed by Jihadist Hackers Hackers By Christopher Heffelfinger By Christopher Heffelfinger REPORTS 5 Fire as a Weapon in Terrorist Attacks By Joseph W. Pfeifer 8 The Syrian Spillover and Salafist Radicalization in Lebanon By Bilal Y. Saab 12 Anti-Muslim Attacks in Myanmar Threaten Uptick in Regional Violence and Islamist Activism By James Brandon 16 Zaynab’s Guardians: The Emergence of Shi`a Militias in Syria By Christopher Anzalone 21 Al-Qa`ida in the Islamic Maghreb’s Tunisia Strategy By Aaron Y. Zelin, Daveed Gartenstein-Ross and Andrew Lebovich 26 Recent Highlights in Terrorist Activity 28 CTC Sentinel Staff & Contacts he current pool of jihadist hackers. Perhaps as a result, despite hackers (or jihadist hacktivists1) more than seven years of efforts to is youthful, ambitious in its construct and recruit for jihadist hacking goals, and largely lagging attacks via online forums,2 they have yet Tin terms of its technical capabilities. to form a jihadist hacking group that can This is best illustrated by the fact that demonstrably perform effective cyber these hackers have carried out few attacks. effective large-scale attacks to date. About the CTC Sentinel Jihadist hacktivists remain a loosely to There are a range of skillsets, leadership The Combating Terrorism Center is an disorganized set of individual hackers abilities and ideologies among jihadist- independent educational and research who form and disband hacking groups inspired hacktivists, and some institution based in the Department of Social they create, and frequently enter into individual hackers have carried out Sciences at the United States Military Academy, counterproductive rivalries with fellow small- to medium-scale cyber attacks West Point. The CTC Sentinel harnesses against U.S. government and private the Center’s global network of scholars and sector targets, with moderate impact practitioners to understand and confront 1 A hacktivist is a hacker who performs cyber attacks in terms of data loss and exposure. contemporary threats posed by terrorism and for a movement or cause. The U.S. Computer Emergency Those attacks also provided jihadist other forms of political violence. Response Team (US-CERT) includes in their definition of hacktivists with clout and a media hacktivist: “Hacktivists form a small, foreign population platform (often predominately social of politically active hackers that includes individuals and The views expressed in this report are those of groups with anti-U.S. motives,” although the term does not the authors and not of the U.S. Military Academy, explicitly connote an anti-American agenda. For the US- 2 Calls for jihadist hacking units and electronic mujahidin the Department of the Army, or any other agency of the U.S. Government. CERT definition, see “Cyber Threat Source Descriptions,” armies have been circulating in al-Qa`ida magazines since U.S. Department of Homeland Security, May 2005. late 2005. 1 JULY 2013 . VOL 6. ISSUE 7 media) from which to promote their While jihadist-themed cyber attacks 15-years-old, after “watching videos of message. The range of ideological have been modest and often rudimentary children getting killed in countries like beliefs among jihadist-inspired hackers over the past decade, the advancement Kashmir and Palestine.”6 He described is varied; some hacking groups embrace and ambitions of certain jihadist his actions on behalf of TeaMp0isoN as hard line militant Islamist imagery and hacking groups, individual hacktivists “internet guerrilla warfare.”7 messaging (such as that of al-Qa`ida), and proponents of cyber jihad over the while concurrently incorporating the past one to two years give some cause for Hussain was sentenced on July 27, imagery, ethos and slogans of secular concern in this area, particularly as those 2012, to six months imprisonment hacking collectives such as Anonymous adversaries are growing more adept at after he pleaded guilty in a London into the informational aspects of their identifying vulnerabilities in U.S. and court to conspiring to commit a public cyber attack campaigns. other government targets, as well as nuisance between January 1, 2010, those in the private sector. Clearly, the This article evaluates existing jihadist damage caused by jihadist cyber attacks “Although cyber attacks cyber attack capabilities, offers a pales in comparison to those under case study on a leading pro-jihadist state sponsorship (prominent cases are becoming a more hacktivist, and examines the rise of the latter include Stuxnet in Iran, common and desirable in interest in cyber attacks among the highly destructive Saudi Aramco proponents of jihadist activism malware attack, operations conducted means of furthering the generally. It finds that although cyber by the Syrian Electronic Army, and global jihadist agenda, attacks are becoming a more common various data breaches performed by the and desirable means of furthering Chinese People’s Liberation Army Unit the overall impact and the global jihadist agenda, the overall 61398, among others). Jihadist cyber sophistication of jihadist impact and sophistication of jihadist attacks also trail those of better known hacktivists’ attacks have been relatively hacktivist groups such as Anonymous hacktivists’ attacks have low and will likely remain as such in the or LulzSec, both in terms of the volume been relatively low and will near term. of attacks, sophistication, and impact. Yet the prospect of jihadists conducting likely remain as such in the Evaluating Existing Jihadist Cyber Attack a high impact cyber attack—such near term.” Capabilities as one against an industrial control In comparison to hackers and hacking system (ICS) target or a series of high groups sponsored or controlled by state profile financial attacks—should not be actors, jihadist hacktivists are clearly dismissed. and April 14, 2012, and “causing behind in terms of the impact of their a computer to perform a function attacks, their diminished technical Junaid Hussain (aka TriCk): Pro-Jihadist to secure unauthorized access to skillset, and their overall weak Hacktivist, Cyber Criminal a program or data” under the UK organizational and recruitment abilities. One prominent jihadist-inspired Computer Misuse Act.8 A resident of Their hacking activities frequently hacktivist was Junaid Hussain. Born Birmingham, England, Hussain had include website defacements (usually in 1994, Hussain founded the hacking turned 18 shortly before the trial date in against poorly secured websites), group TeaMp0isoN. Between the ages late June 2012.9 His initial arrest—after wherein the attackers leave antagonistic of 13-17, Hussain was a highly active years of maintaining his anonymity as imagery and comments on the victimized hacker using the online moniker a teenage hacker—was prompted by websites.3 Yet the activities of some “TriCk.” Between 2010 and 2012, he a phone-based hack and concurrent jihadist hacktivists indicate there is a targeted NATO, officials and agencies of telephonic denial-of-service (DoS) gradual sophistication of attack modes the UK government and a United States attack targeting the Anti-Terrorist and intended attack impacts, occurring emergency response call line, among Hotline of the Metropolitan Police alongside a growing contingent of young others, carrying out cyber attacks that Service (MPS) on April 10-11, 2012.10 jihadist enthusiasts who see cyber were typically loosely jihadist-themed attacks as an increasingly effective and and promoting the liberation of Muslims 6 Eduard Kovacs, “Hackers Around the World: It’s No relatively easy way to contribute to the in Palestine, Kashmir and other Muslim- TriCk, He’s Among the Best in the UK,” Softpedia, Feb- liberation or support of “oppressed” majority conflict zones. Hussain’s ruary 18, 2012. Muslims around the globe, which can attacks also included the publication of 7 Ibid. frequently fall under the designation of personally identifiable information on 8 Caroline Grant, “Hacker’s Facing Jail Over Blair Email “cyber terrorism.”4 the leadership of the English Defense Raid,” The Sun, June 30, 2012. League (EDL), an “anti-Islamist 9 Tammy Hughes, “‘Team Poison’ Hacker, 18, who Pub- 3 Such imagery typically includes the attacking group’s extremism” group, in April 2011, and the lished Tony Blair’s Address Book Online Faces Jail,” logo and/or a satire of the victim’s logo, or statements theft of hundreds of Israeli credit card Daily Mail, June 30, 2012. criticizing the victim’s security. holders’ data as part of “Operation Free 10 On the evening of April 12, 2012, TriCk and another 5 4 There is often a thin line between cyberterrorism and Palestine” in November 2011. He stated teenager aged 16 (who was later released on bail after online activism for humanitarian or social causes. As with that he became political when he was police said they did not believe him to be a member of kinetic activities, however, terrorism is distinguished by TeaMp0isoN) were arrested by police at a residence in causing harm to another person or their property in the 5 Hannah Furness, “Team Poison: Profile of the Hack- Birmingham, in West Midlands. See “Two Arrested Af- act of conveying a message, or political agenda. ers,” Telegraph, April 12, 2012. ter Hackers Attacked Anti-Terror Hotline,” Telegraph, 2 JULY 2013 . VOL 6. ISSUE 7 Following Hussain’s arrest, his he and other TeaMp0isoN members That attack also demonstrated an ability previous hacking activities

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    28 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us