“Electronic Jihad” – Not November, But Never?

 Over the weekend, The US CERT and the Multi-State Information Sharing and Analysis Center had the fifty states on guard for a potential “Electronic Jihad.” It didn’t happen. But Never? Be Careful.

 Many websites and articles were written over the past few weeks regarding potential cyber terrorism on Sunday, November 11, 2007.   

Here’s one report: Cyber Jihad Set for Nov. 11

Here’s an excerpt: “The attack was reported by DEBKAfile, an online military intelligence magazine. Citing anonymous ‘counter-terror sources,’ DEBKAfile said it had intercepted an Oct. 29 ‘Internet announcement,’ calling for a volunteer-run online attack against 15 targeted sites, set to begin Nov. 11. The operation is supposed to expand after its launch date until ‘hundreds of thousands of Islamist hackers are in action against untold numbers of anti-Muslim sites,’ the magazine reported.”

Other articles such as “Electronic Jihad” 2.0 Set to “Take Down the Web” on November 11, speculated about the technical ability of hackers to get this done.

Here’s a quote: “Henry said they have the wherewithal but, ‘it remains to be seen if they have enough people willing to use the software and if they’re able to create enough bandwidth to create any havoc for those sites that are targeted.’ “

I agree with the sentiment of many blogs which claim that web attacks happen every day, and this is really nothing new.    

Some articles written on the Monday after reiterated the lack of any real news. ‘Electronic Jihad’ fails to threaten, again

 A few quotes from that one: “Well, so far we haven’t seen any activity,” said Mikko Hyppönen, director of research for F-Secure, said on the company’s blog. “And we’re not holding our breath either.”

However, I disagree with Marcus Sachs, director of ISC, who reportedly said in the same article, “The odds of a terrorist group ‘terrorizing’ the Internet with cyber bullets and e-bombs are about as small as the odds of the Morse Code coming back as a primary means of communication, “It’s not zero, but it’s also not much more than zero.”

Those kind of statements have a way of backfiring – like taunting an opposing football team before the big game. Even if their ability is weak, statements like “the odds are … not much more than zero” can actually have the opposite effect and motivate people to act in scary ways. 

Not only that, but we never know what the future holds, especially in this cyber field. My biggest concern is that bad guys with money hook up with other bad guys who have the ability. See my previous blog: Hacktivists Working With Parents, A Scary New Reality 

One other comment: if there is ever a major terrorist attack like this, I doubt that we’ll be reading and speculating about it in blogs several weeks prior to the attack. That certainly didn’t happen on September 11, 2001.