Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Cyber Warfare-Hacking Al-Qaida and Terrorism Module XLIII Page | 3309 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. Ethical Hacking and Countermeasures Version6 Module XLIII Cyber Warfare- Hacking Al-Qaida and Terrorism Ethical Hacking and Countermeasures v6 Module XLIII: Cyber Warfare-Hacking Al-Qaeda and Terrorism Exam 312-50 Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Cyber Warfare-Hacking Al-Qaida and Terrorism Module XLIII Page | 3310 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited News Source: http://www.informationweek.com  News According to a news published on informationweek on November 1, 2007, one Israeli web sitemap warned its readers that Al-Qaida’s hackers would, on November 11 th, start an attack on Western, Jewish, Israeli, Muslim apostate, and Shiite websites. “Al-Qaeda is planning a cyber attack against intelligence agencies' tactics, which not only detects terrorist sites but also destroys them immediately after they appear,” reported DEBKAfile, a news site based in Israel. It is believed that the attacks were based on DDoS (Distributed Denial of Service). Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Cyber Warfare-Hacking Al-Qaida and Terrorism Module XLIII Page | 3311 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited News Source: http://www.news.com/  News According to the released statement of New Zealand’s Prime Minister Helen Clark, there was no loss of data and she believed that foreign-government spies were responsible for this cyber attack, and that she did not want to name them. But according to Warren Tucker, New Zealand's Security Intelligence Service Director, the report says that the Chinese government was responsible for the attacks for it has done some spying activities previously. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Cyber Warfare-Hacking Al-Qaida and Terrorism Module XLIII Page | 3312 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited News Source: http://www.wired.com /  News Jon Messner, a Maryland hacker who was responsible for the domain hijacking of Al-Qaida's website, used simple tools such as Whois and traceroute along with online translation software and an anti-cybersquatting service. According to Messner, Al Neda official Internet headquarters of Al-Qaida changed its ownership from an ISP in Malaysia and established itself on a different server since last March 2001. Since the hijacking, Messner considers himself to be the owner of www.alneda.com. Al-Qaida leaders posted messages on Al Neda websites that were meant for some actions and justifications of the terrorists’ activities; it also has multimedia sections that contain pictures, audio, and video files of Osama bin Laden. This site also contains post with coded signal messages. According to Messner, the United States government demanded that Al-Qaida take down www.alneda.com from the server farm in Kuala Lumpur. After Al-Qaida removed Al Neda from its site, Messner became responsible for he was the owner of Al Neda website. According to Messner’s assumption, Al-Qaida's website will be on www.drasat.com, which is owned by Ali Al- Ali of Saudi Arabia. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Cyber Warfare-Hacking Al-Qaida and Terrorism Module XLIII Page | 3313 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Objective • Cyber Terrorism Over Internet • Cyber-Warfare Attacks • Al-Qaeda • Why Terrorists Use Cyber Techniques • Cyber Support to Terrorist Operations • Cyber Threat to the Military • Electronic Jihad This module will familiarize you with: Module Objective This module will familiarize you with:  Cyber Terrorism Over Internet  Cyber-Warfare Attacks  Al-Qaeda  Why Terrorists Use Cyber Techniques  Cyber Support to Terrorist Operations  Cyber Threat to the Military  Electronic Jihad Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Cyber Warfare-Hacking Al-Qaida and Terrorism Module XLIII Page | 3314 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Module Flow Cyber Terrorism Over Internet Al-Qaeda Cyber-Warfare Attacks Cyber Support to Terrorist Operations Cyber Threat to the Military Electronic Jihad Why Terrorists Use Cyber Techniques Module Flow Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Cyber Warfare-Hacking Al-Qaida and Terrorism Module XLIII Page | 3315 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Cyber Terrorism Over Internet According to http://www.cybercrimes.net/Terrorism, FBI defined Cyber terrorism as “the use of computing resources against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives” Cyber-terrorism is the leveraging of a target's computer and information technology, particularly via the Internet, to cause physical, real-world harm,or severe disruption Cyerb terrorism can weaken countries economy; by doing this it can strip the country of its resources and make it more vulnerable to military attack  Cyber Terrorism over Internet According to http://www.cybercrimes.net/terrorism, the FBI defined cyber terrorism as “the use of computing resources against persons or property to intimidate or coerce a government, the civilian population, or any segment thereof, in furtherance of political or social objectives”. According to http://www.naavi.org/pati/pati_cybercrimes_dec03.htm, Cyber terrorism and cyber crime are criminal acts; however, there is a compelling need to distinguish both these crimes. A cyber crime is generally a domestic issue, which may have international consequences; whereas cyber terrorism is a global concern, which has domestic as well as international consequences. The common forms of these terrorist attacks on the Internet are distributed denial of service attacks, hate websites and hate emails, attacks on sensitive computer networks, etc. Technology savvy terrorists are using 512-bit encryption, which is impossible to decrypt. The recent examples may be cited such as Osama Bin Laden, the LTTE, and attack on America’s army deployment system during Iraq war. A terrorist means a person who indulges in wanton killing of persons or in violence or in disruption of services or means of communications essential to the community or in damaging property with the view to: 1) Engross fear in the minds of public or any section of the public; or 2) Affect the harmony between different religious, racial, language, or regional groups or castes or communities adversely; or 3) Coerce the government established by law; or 4) Endanger the sovereignty and integrity of the nation. Cyber terrorist is the person who uses the computer system as a means to achieve the above objectives. Every act done in pursuance is an act of cyber terrorism. Cyber terrorism includes a number of crimes, such as:  Terrorists disrupt the Internet communication between the banks, or other financial company, or share markets.  Terrorists can also hack the important medical formula and may change it, by inserting some danger chemicals into that formula. This may cause disaster and kill thousands of people. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Cyber Warfare-Hacking Al-Qaida and Terrorism Module XLIII Page | 3316 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.  Terrorists communicate with other terrorists over the Internet and sell drugs or guns to other parties via Internet; interferes with the nation’s air traffic control system or train system, and overrides the railroad signal that causes crashing of trains, and blocks the communication that affects the commercial disruption. With the help of cyber terrorism, three types of attacks can be carried out:  Physical Attack: It involves making use of conventional weapons to destroy computer facility or its transmission lines.  Electronic Attack (EA): It involves making use of electromagnetic energy such as an Electromagnetic Pulse (EMP) to overload computer circuitry, and this is carried out by inserting malicious digital code directly into the target’s microwave radio transmission.  Computer Network Attack (CNA): CNA attacks are carried by making use of malicious code for infecting target computer to exploit the weakness found in victim’s software, system configuration, or computer security practices. CNA attacks can also be used to steal critical information to enter the restricted area. Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Cyber Warfare-Hacking Al-Qaida and Terrorism Module XLIII Page | 3317 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited. EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Cyber-Warfare Attacks Computer virus, logic bombs, and Trojan horse attacks • It is the use of electronic information and communication devices such as e-mail, instant messaging, text messages, blogs, mobile phones, pagers, instant messages, and defamatory websites to bully or harass the others Cyber Bullying • It is the use of the Internet or other electronic means to stalk someone • It is used with online harassment and online abuse Cyber Stalking EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Cyber-Warfare Attacks (cont’d) • Attacks that deface WebPages, or denial-of-service attacks Web vandalism: • Political messages can be spread through or to anyone by accessing Internet Propaganda: • Classified information that is not handled securely can be intercepted and even modified, making espionage possible from other side of the world Gathering data: EC-Council Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited Cyber-Warfare Attacks (cont’d) • Large numbers of computers in one country launch a DoS attack against systems in another country Distributed Denial-of-Service Attacks: • Military activities that use computers and satellites for co-ordination are at risk from this type of attack, putting soldiers at risk Equipment disruption: • Power, water, fuel, communications, commercial, and transportation are all vulnerable to a cyber attack Attacking critical infrastructure: Ethical Hacking and Countermeasures v6 Exam 312-50 Certified Ethical Hacker Cyber Warfare-Hacking Al-Qaida and Terrorism Module XLIII Page | 3318 Ethical Hacking and Countermeasures v6 Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited.  Cyber-Warfare Attacks Cyber-warfare attacks include computer virus, logic bombs, and Trojan horse attacks.  Cyber Bullying: Cyber bullying involves persistent or continual harm to the victim; it is done through an electronic text medium. It uses electronic information and communication devices such as text messages, email, blogs, mobile phones, instant messages, and offensive websites to bully or trouble others.  Cyber Stalking: It is carried out by using the Internet and other electronic means to track people. It can also be referred to as online harassment and online abuse. Cyberstalkers use the following to abuse and gather information from the target victims:  Bulletin boards  Chat rooms  Electronic viruses  Unsolicited emails  Spyware  Online forums  Spam Listed below are methods of attacks in cyber-warfare:  Web vandalism: Attacks that destroy web pages or cause denial-of-service attacks  Propaganda: Messages related to political issues can be spread through or to anyone by accessing Internet  Gathering data: Information can be intercepted and modified, making it possible for other countries to spy  Distributed Denial-of-Service Attacks: A large number of computers can instigate a DoS attack on different systems through distributed denial-of-service attacks  Equipment disruption: Military activities are at a higher risk; they use these kind of systems and satellites to communicate with each other  Attacking critical infrastructure: Cyber warfare mainly affects power, water, fuel, communications, commercial, and transportation