e-Jihad against Western Business
by Giles Trendle
This article originally appeared on IT-Director.com on April 5th 2002.
Republished with permission of author.
Other recent articles by Giles Trendle:
One of the many lessons from the September 11th attacks on the twin towers of the World Trade Centre in New York is that the business world must now see itself as a direct target. Small groups such as Al-Qaeda, which probe for the vulnerabilities in their conventionally more powerful enemy, may have concluded that the Internet economy represents the soft underbelly of Western (read US) political and military dominance in the world. Cyberwar may well offer a new potential for devastating attack - and that should be of serious concern to the business community.
Cyberwar - information warfare waged over the Internet - involves disseminating information via websites or e-mail to raise awareness, mobilise support and create global networks. It can also involve infiltrating and disrupting an enemy‘s computer networks and databases, often with the use of weapons such as viruses, worms and Trojan horses.
Cyberwar comes under under what military theorists increasingly refer to as asymmetric warfare, whereby unconventional tactics are used by smaller players to offset their military weaknesses. Like a classic guerrilla struggle, which is a conflict of the weak against the strong, cyberwar can enable an individual to damage the computer system of a government or ‘down‘ the website of a multinational corporation. The weapon of choice can be nothing more than a laptop computer wired to the Internet.
"As information technology comes to rule every part of our life, it is no longer necessary to have rockets to destroy an electrical facility," explained Faris Muhammad Al-Masri, founder of UNITY (www.ummah.net/unity), a website with an Islamic ideology. "Instead, penetrating the enemy‘s networks and planting your code will get a better result."
In cyberwar, an individual can target the chink in the armour of modern technology: that no computer system is totally invulnerable to attack from a talented and determined ‘black-hat‘ hacker (or cracker). It is a form of warfare that can be conducted remotely and anonymously.
Experts believe that many of the viruses and worms created by such hackers could infect systems worldwide. There are also fears that malevolent bugs could cross over to mobile phones and personal digital assistants. Other possible scenarios include cyber-attacks on the websites and databases of Western businesses, on the Internet route-server infrastructure itself, as well as on public utility networks involving, for example, the tampering with electrical grids, shutting down telephone systems, paralyzing banking systems, and rendering air traffic control systems inoperable.
The risk of such scenarios increases with the prospect of a new Arab-Israeli cyberwar, which many in the Middle East feel is imminent. "The Arab-Israeli cyberwar is going to take on greater magnitude," commented Dr Limore Yagil, an Israeli professor and author of a newly-published book entitled Maximum Alert: Terrorism and the Internet. "And I think European and American firms will increasingly be attacked by hackers."
The Arab-Israeli cyberwar first erupted in 2000 when a group of Israeli hackers crippled the prime website of the Hezballah group in Lebanon (www.hizbollah.org) by encouraging Israeli supporters to ‘bomb‘ the site with automated floods of e-mail. Hezballah retaliated by rallying Arab supporters for a counter-attack which soon downed the main Israeli government website and the Israeli Foreign Ministry site. Tit-for-tat attacks continued for some months, with website defacements and denial of service attacks effectively shutting down websites. The cyberwar eventually subsided to a low level of intensity. But now many of those at the cyber-front believe a new outbreak of online hostilities is likely.
"Currently there‘s only a little hacking activity related to the Arab-Israeli war," explained Ehud Tenenbaum, an Israeli hacker who gained notoriety in 1998 when, at the age of eighteen, he broke into the US Pentagon computer. "But I believe the war is going to start up again in a big way." Today Tenenbaum is Founder and Chief Technology Officer of 2XS (www.2xsscom), a company which is installing security systems to protect Israeli sites from future attacks.
Across the border in an office of Al-Manar TV station belonging to Lebanon‘s Hezballah, Ali Ayoub, the webmaster for Hezballah‘s eleven websites, also predicts a second Arab-Israeli cyberwar. "I think a new cyberwar is coming," said Ayoub, "We publish pictures of massacres by Israel so that people can see what‘s happening. That‘s why they‘re trying to shut down our sites."
Ayoub claims that Hezballah uses the Internet only as an "information resource" in its propaganda struggle against Israel. This is an effort to turn the balance of information and knowledge in its favour, given that the balance of conventional military forces is not. Ayoub conceded, however, that Hezballah may be "missing an opportunity" by focusing solely on propaganda cyberwar.
Hezballah clearly recognises the importance of being online. The group recently set up its own private server after Inconet, the American company that previously hosted the Hezballah sites, closed the group‘s account saying it was a terrorist organisation. In another indicator, Hezballah‘s political council recently created the new post of Internet head to upgrade content on all the party‘s sites and add a Hebrew version to those in Arabic and English.
Hezballah is today an officially recognised political party within the Lebanese political system. Yet the Arab-Israeli cyberwar includes shadowy groups - or individuals - on both sides operating furtively in the virtual world. Programmers and designers on the Arab side appear most ready to create their own websites - some with no qualms about justifying hack attacks.
UNITY founder Al-Masri, for example, outlines a strategy to cripple Israeli government, military and business sites and so burden the country with lost business, costly repairs and diverted manpower. "Phase one of our objective consists of disabling official Israeli government sites," explained Al-Masri, in an e-mail interview, "phase two focuses on crashing financial sites such as those belonging to Israel‘s Stock Exchange and central bank; phase three involves knocking out the main Israeli ISP servers; and phase four consists of blitzing major Israeli e-commerce sites to cause the loss of hundreds of online transactions."
Israel is one of the most computer-literate societies in the world, with an estimated 1.1 million Internet hook-ups - more than in all 22 Arab countries combined. Yet this apparent advantage also offers more targets which are more vulnerable to attack. "Their side has almost nothing to lose from this war," explained Tenenbaum, "while our side has a lot to lose because the Israeli economy is based on Internet companies."
During the first Arab-Israeli cyberwar, UNITY‘s team of hackers - calling themselves the Iron Guards - was involved in downing Israeli Internet service providers and attacking Israeli e-commerce sites. These attacks caused an eight percent dip in the Israeli Stock Exchange according to the Israeli Internet Underground, a coalition of anonymous online activists from various Israeli technology companies who monitor the cyberwar.
That sort of damage should send warning signals to Western businesses, especially given that it was not just Israeli sites which came under attack during the first Arab-Israeli cyberwar. The website of Lucent Technologies, a U.S. company that does extensive high-tech business with Israel, came under attack from Arab hackers. Lucent security workers were reportedly able to repel the attack before it could have an impact. In another example, when the Israeli army enlisted the US-based AT&T corporation to host its site after it was downed by Arab hackers, e-mails soon began circulating among Arabs urging the boycott of AT&T for its support of Israel.
UNITY has compiled a list of U.S. corporations which it claims "deal with or support Zionists" and calls on its supporters to start a boycotting campaign against them. Such a list indicates that an escalation of hacking attacks on Western companies - targeted for any actual or suspected business links with Israel - is a conceivable next step.
"Let‘s say someone is fighting me," Al-Masri explained. "What am I to think of the person who gives my enemy another weapon? Western companies should be clear on the consequences of their strategies. They must understand that winning business from Zionist companies may mean losing more business by being targeted in a cyberwar. For the future, all options are open."
Many Arabs, and pro-Arab sympathisers, make a connection between the global Internet economy driven by the US and the annual provision by the US of over $3 billion in financial aid to Israel. They see this aid as contributing towards Israel‘s continued military presence in the Palestinian ‘occupied territories‘. They conclude that the business world is a valid target of attack.
In this way, a new outbreak of Arab-Israeli cyberwar raises the possibility of the conflict spreading beyond the borders of the Middle East. The ramifications could be far greater than when, in 1973, Arab-Israeli war sparked a petrol crisis in the West. Moreover, potential fall-out from any serious attack on the Internet infrastructure could be far more extensive than the loss of profits, bankruptcies, investor jitters, lay-offs and shrivelled job market associated with the recent dotcom bust and recession.
While some commentators believe the threats of cyberwar are overstated, the United States administration is taking no chances. Last year President George Bush named Richard Clarke as special White House advisor for cyberspace security. At a keynote speech in February Clarke painted a stark picture of the nation‘s IT vulnerabilities, portraying the IT industry as complacent and in danger of falling into the same trap that aviation officials were lured into that led to the September 11th attacks.
Cyberwar may be less bloody but it is potentially highly destructive with far-reaching effects. Whether the hacktivists on either side are labelled as terrorists or freedom fighters, their online warfare looks set to become a key part of today‘s era of connectivity and globalisation.
Businesses first need to fully recognise the nature of the cyberwar threat, and its mind-boggling scope. And businesses must understand that in such a war without frontiers, they are just as much a target - and indeed are perceived as a valid target by would-be perpetrators of attacks.
Whether it‘s Al-Qaeda or anyone else, the exponents of asymmetric warfare move with stealth and often go undetected until it‘s too late. They manage to strike by exploiting the flaws they have identified in information systems. Their surprise attacks benefit from complacent minds, illusions of invulnerability and by creating a paralysing fear and sense of fatalism.
original version on IT-Director.com