Warning – another criminal – hackers attack anticipated

A “group of mostly Middle East- and North Africa-based criminal hackers are preparing to launch a cyber attack campaign” beginning this week “against websites of high-profile US government agencies, financial institutions and commercial entities,” according to an intelligence warning issued last week by the Department of Homeland Security (DHS).

Prepared by DHS’ Office of Intelligence & Analysis (I&A) Cyber Intelligence Analysis Division and coordinated with the US-Computer Emergency Readiness Team (US-CERT), the Industrial Control Systems Cyber Emergency Response Team and the National Cybersecurity and Communications Integration Center, the bulletin said “The attacks likely will result in limited disruptions and mostly consist of nuisance-level attacks against publicly accessible webpages and possibly data exploitation.”

“Independent of the success of the attacks,” DHS warned, “the criminal hackers [also] likely will leverage press coverage and social media to propagate an anti-US message.”

Known as “OpUSA,” the DHS intelligence bulletin said “since mid-April 2013, the campaign’s members have used social media and web forums hosting violent extremist content to attract additional participants and raise awareness of the efforts.”

According to HS Today, of more concern to officials, however, is an apparent growing alliance between various criminal hacking groups and violent Islamic extremist organizations.

For example, the bulletin said, “Several individuals linked to websites that host violent extremist content have promoted OpUSA and called on like-minded individuals to support the effort, indicating the campaign has gained the attention of at least some violent extremist sympathizers,” including at least one “web forum that hosts Al Qaeda-inspired content” on which members have “posted messages on the forum and social media encouraging supporters of violent extremism to participate in the cyber attacks, according to open source reporting.”

DHS I&A said the pending cyber attacks pose only a limited threat of temporarily disrupting US websites, but warned “it may … signal an emerging trend of Middle East- and North Africa-based criminally motivated hackers collaborating with others regardless of their motivation.”

For some time now, counterterrorism officials have expressed growing concern about not only more aggressive and sophisticated cyber attacks by jihadist groups, but also linkages between cyber jihadists and traditional criminal and anarchist cyber attackers.

The DHS “For Official Use Only” bulletin said “Middle East- and North-Africa-based criminal hackers will continue issuing public statements to announce cyber attack plans against high-profile targets to attract media attention to their cause,” and that “These statements may provide insight into whether these groups are radicalizing toward violence and whether they would potentially partner with or conduct attacks on behalf of violent extremists.”

The DHS bulletin concluded that the perceived success of the OpUSA campaign could lead other individuals — including those with advanced technical skills — to undertake similar efforts and “attempt more threatening cyber attacks targeting US government and commercial websites.”

“I doubt that Al Qaeda or other Sunni extremist groups have much of an internal capacity for these kinds of attacks,” said Charles Faddis, a former career CIA clandestine services officer who hunted terrorists throughout the world and headed the CIA and National Counterterrorism Center’s WMD counterterrorism unit. However, “I do think that there is some significant danger posed if Islamic extremist groups begin to cooperate with criminal organizations,” Faddis added.

Faddis cautioned, though, that “Some of these criminal organizations — particularly the Russian and other Eastern European groups — have some very advanced, very dangerous capabilities.”

According to DHS, its analysis “is based on US-CERT reporting and open source reporting,” the reliability of which it said “is excellent, giving us high confidence in our judgments.”

The intelligence bulletin “also is supported by US media reporting; as this information may contain political or journalistic bias and may be intended to influence as well as inform,” the warning said.

Nevertheless, DHS said “we have medium confidence in the analytic judgments derived from this reporting.”

This is a “Good alert to notify ISP and support partners that may be required to keep online banking and public facing bank sites up and usable,” said EyeLock Corp. Chief Development Officer, Jeff Carter, a leading innovator who ran innovation for Bank of America and the Center for Future Banking, a joint venture between Bank of America, MIT and Harvard University.

Carter said the “DHS alert becomes problematic due to the scale and scope of participants and the fact that so many varied organizations may join in to the attack,” adding that he’s “Beginning to wonder if these DDoS [Distributed Denial of Service] attacks are simply a mask for other attacks.”

“In other words,” Carter said, “the true attacker sends information to secondary groups. These secondary groups publicize the attacks from a secluded, hard to reach organization — then have others join in the attack and ‘pile on.’ The primary attacker then uses the fog of war, or ‘noise,’ from the simple attacks to mask their more complex penetrations, fraudulent transactions, etc.”

i-HLS ISRAEL Homeland Security