• United States



First Major Al-Qa’eda Malware Release Wreaks (Reeks) Havoc

Feb 27, 20113 mins
Business ContinuityData and Information SecurityIdentity Management Solutions

Al-Qa’eda recently released its first major distributed denial of service (DDoS) attack against Western interests, primarily in the U.S.  The attack only lasted for 7 hours and 47 minutes but it was highly lethal. The attack clogged networks at major institutions, corporate entities and government organizations during regular business hours since the attack was scheduled to engage the general user community at 8AM Eastern Standard Time and last the full work day based upon the largest population centers along the East coast. The sheer uniqueness of the event is being chronicled as the first of its kind. Major security vendors are scrambling to create signatures to prevent further outbreaks.

It has been long since rumored that Al-Qa’eda was working on the capabilities to launch cyber warfare style attacks.  What makes this attack highly unusual is not necessarily the payload; it is the inclusion of human social engineering methods into a technical attack.  It demonstrated the in depth understanding Al-Qa’eda has of Western social mores worrying experts across the nation.  This is one of the key factors that major security vendor’s face; the inclusion of human social networking factors where mere signatures, anomaly detection and blacklisting don’t work. To this point, the major security vendors have been mute on the subject since none of their current solutions can solve the problem. One vendor, known for naming every such malware outbreak or hacking attack, call the event:  Vento Swine

The attack was discovered relatively quickly but the immense number of everyday users and workers saturated networks to the point that normal day-to-day communications where slowed to the point of gridlock.  Security operations centers had to resort to land line telephone systems to communicate since the major carriers of 3G and 4G networks were also buried with the DDoS attack.  Details of the attack are expertly covered via this YouTube report.   The attack played on Americans soft spot for small animals which was the key to the human aspects of the payload. Social psychologists have been brought in to analyze the psyops aspects of the malware release.

The code from the attack looks to have come from previously distributed open source malware. Informed sources choosing not to be named indicated that source code from the Low Orbit Ion Cannon and from reversed engineered anti-virus engines and signatures combined with marketing campaign engines from some of the major celebrity news websites was combined in to create the majority of the malware.  One unnamed security vendor executive stated that “al-keye-dah used an elaborate mix of social engineering techniques but the methods and tools were kludged together into a rather unsophisticated package.”  “It is an everyday reality that Americans will follow human interest stories laced tragedy,” stated the security vendor executive and discoverer of Vento Swine.