Be careful, but don’t lose sleep over al Qaeda hack alert, say experts

A federal government warning of possible al Qaeda attacks on financial websites is no cause for panic, a leading security researcher told this morning.

Johannes Ullrich, chief research officer of the SANS Institute, said the threat - which called for attacks to run through December in retaliation for the United States holding terrorism suspects at Guantanamo Bay naval base in Cuba - was posted on a Jihad forum largely populated by "kiddie hackers."

"I read over that forum where it was posted and the message basically asks everyone to attack the U.S. but it doesn't provide any specifics on how to do it," Ullrich said. "It's just basically one kid making a suggestion, an inspiration, and doesn't tell people how to do it. I wouldn't put much stake in that."

He said the threat, religious in tone and making references to prisoner treatment at Guantanamo Bay, attempts to encourage members of the Islamic militant group to launch DoS attacks against U.S. financial websites.

Ullrich said financial organizations should always remain guarded against possible attacks from any type of hacker, but there is no need to panic over this news.

"Russian spammers have much more firepower than al Qaeda could ever get because they're much more technologically sophisticated," he said.

Jose Nazario, senior security and software engineer at Arbor Networks, told today that al Qaeda members historically have been much more concerned with inflicting physical harm.

"Al Qaeda uses the internet to communicate but seems much more interested in physical attacks," he said.

Nazario added that many financial organizations are constantly battling armies of botnets and seem well positioned to offset a terrorist cyberattack.

"These guys are so well protected because it's core to their business," he said. "They see these attacks constantly and they're able to fend them off very handily."

But Ted Julian, vice president of marketing and strategy at Application Security, said the forum threat is not so much a precursor of an imminent attack as it is a sign terrorists are beginning to look at cybercrime as a way to accomplish goals.

"It's a wake-up call," he said. "You have to consider this as a source of attacks as well, not just in the theoretical sense. At this point, the clock is ticking. It's just a matter of time."

According to media reports, the US-CERT (the U.S. Computer Emergency Readiness Team) has issued "a situational awareness report to industry stakeholders," Department of Homeland Security spokesman Russ Knocke said.

Click here to email Dan Kaplan.


Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.