Muslim Hackers Assaulting Websites Since Cartoon Controversy Began (updated)

By Andrew Cochran

An article yesterday on Britain's "Computer Shopper" website caught my eye. It discussed the assault of Danish and other Western websites by gangs of Muslim hackers. "Gangs of pro-Muslim computer hackers have unleashed a withering cyber attack on Danish and other websites in the past week, escalating their defacement barrage to coincide with dozens of violent street-level demonstrations across the Arab world in protest at the publication of a cartoon depiction of the Prophet Mohammed. The number of Danish websites alone - those carrying a '.dk' suffix - knocked offline in the past week numbered 578 between 30 January and 6 February, according to Zone-H.org, a cyber-crime observatory that tracks website defacements. Hundreds more websites of European, Israeli and American companies and private citizens have also been defaced during that period, with the vast majority occurring after the re-publication last week of the cartoons in European newspapers."

iDefense is the security intelligence arm of VeriSign, Inc., which operates the systems that manage the ".com" and ".net" domains, handling over 14 billion Web and email look-ups every day (note: VeriSign is a client of the GAGE consulting firm where I am a Vice President). I asked Jim Melnick, iDefense's director of threat intelligence and one of the top experts in the business, what he could tell us about the hacking activity. "All the ingredients are now present for a possible explosion of global hacktivism and retaliation - a warning we put out to our clients on Monday. We've already seen the spike in anti-Danish (.dk) defacements in the last day or so; some Western hackers, having seen the sensitivity of the Muslim world to the cartoons, could retaliate with even more offensive defacements, escalating the crisis still further. The passions of some hacktivists often wear out after they have made their initial point in a few defacements and that could happen here; on the other hand, if long-term boycotts are sustained as part of the protests against the cartoons, ongoing pro-Muslim hacking in support of such efforts also seems likely. The next stage of concern from our standpoint will be to see if hacking against Danish and other European sites now goes to the next level, which would probably be organized denial of service attacks."

This episode is a warning that Muslim extremists are trained, ready, and able to attack websites and networks as one tactic in the larger war against the West.

UPDATE: Another friend in the business who also follows certain terrorist groups and individuals had the following informative and disturbing comments:

"Jim Melnick's comments were definitely worth reading -- thanks for posting them.

I'm also in the computer security business here in the Seattle area. Until recently, most of the computer attacks here originated in China. The past week, I have seen probes originating from Europe and the Middle East. Hacking attempts were made the past three days against the representative office on the West Coast of a major Scandinavian company.

Another side of the story is shocking to me. US companies and institutions either doing without computer security or hiring aliens (sometimes known illegal aliens) to handle computer security.

Majid al-Massari, arrested in Seattle in August, 2004, was in charge of computer security at the University of Washington's School of Nursing. Majid al-Massari is the son of Dr. Muhammad al-Massari, head of the Committee for Defense of Legitimate Rights (CDLR) and the voice of al Qaeda in London. Muhammad al-Massari hosted the websites running "beheading" videos and ran a pro-UBL radio talk show. Majid's stepmother, Lujain al-Iman, established a branch of the Advice and Reformation Committee (ARC), the media wing of al-Qaeda, in the United States. Rita Katz presented sworn testimony and physical evidence that Majid al-Massari used University of Washington servers to assist in the transmission of al Qaeda videos.

Again, Majid al-Massari wasn't just a student with computer access. He was in charge of computer security for the U/W School of Nursing.

Several private companies in the Seattle area have hired illegal aliens from Russia, China and India to run their companies' computer security. These aliens are well qualified, get along well with people and they work hard and cheap. Lost on the managers involved is that they are putting their companies' entire future in hands of people who residing in the USA illegally and may have other agendas. The Indian national named is Muslim and also speaks Farsi and Arabic. He may well be an Iranian traveling on an Indian passport.

One has to wonder about the value of warnings from White Hats like Jim Melnick when these warnings are being sent directly to the fox in charge of the hen house."

TrackBack