An al Qaeda-linked website, apparently based in the United States, is distributing formidable encryption software – a sign that the group could be improving other technological capabilities, researchers have warned. Paul Henry, vice president of technology evangelism at Secure Computing, told SCMagazineUS.com today that the most alarming aspect of the website is that it is hosted in the United States.
Although extremist groups largely use outdated software to communicate via the web, a website is disseminating "Mujahideen Secrets 2," a mainstream encryption program, according to researchers at Secure Computing, an enterprise security vendor.
“[The website] went forward to note that the new version improved upon a weak key issue and also offered a higher level of encryption,” he said. “What really shook me on this was when we did a simple WHOIS [domain name] search, it showed up as a Tampa Bay server.”
Henry said he and his colleagues notified the FBI after he found a link to the website posted to a research newsgroup page.
Henry said that he is “not trying to make this into a FUD (fear, uncertainty and doubt) issue,” but cautioned that security professionals and the federal government should keep an eye on al Qaeda's technological growth.
“If they're upgrading their encryption, they're probably upgrading their technology in other areas,” he said.
Israeli military and intelligence website DEBKAfile had warned in October that al Qaeda's cyber-brigades were threatening to launch an “electronic jihad” against Western financial websites.
The cyberjihad turned out to be a dud, as numerous security experts had predicted.
The federal government issued a warning in November 2006 that al Qaeda could attack financial websites.