TRC staff has observed increased calls by cyber Jihadists to carry out denial of service (DoS) attacks against sites deemed to be enemies of Islam. As an example, over the past month, there have been a number of DoS attacks against domains associated with the Vatican (Terror Web Watch).
Statements posted on a web site that participates in the electronic Jihad indicate that the DoS attacks are a response to perceived insults by Pope Benedict XVI (Terror Web Watch). According to the statement, ?with Allah?s blessing, the attack will succeed thanks to the help of our brothers if we all attack simultaneously. We ask all our brothers to be present at the hour of the attack for a joint action, because they have struck our religion. They must be fought and deserve to be attacked and not only on their Internet site.?
New Targets
The most recent target of attack is Morocco?s state airline Royal Air Maroc. According to posts on Jihadist web sites, Royal Air Maroc has been targeted because it has both banned prayer in its offices and barred female employees from wearing the hijab.
The planned attack on Royal Air Maroc is significant because it demonstrates an extension of Osama bin Ladin?s ?bleed until bankruptcy? strategy to the Internet. A successful disruption of service on Royal Air Maroc?s web site, or other sites that also conduct commerce online, may succeed in causing economic damage to the Moroccan state airline.
Failed Attacks
To date, most DoS attacks have not been successful. In particular, the previous electronic attacks carried out against the Vatican appear to have failed to disrupt service on any of the Vatican?s web sites. Due to the public nature of the attack planning against the Vatican sites, information security professionals were able to implement defensive measures that helped thwart the Jihadists? DoS attacks.
While the Vatican?s defensive measures surely helped, the attacks against the Vatican likely also failed because they relied on unsophisticated techniques and technology. Rather than taking advantage of a botnet, a collection of compromised computers, as a force multiplier to boost the effects of a DoS attack, members of the electronic Jihad simply coordinated their actions through a series of Jihadist web sites. These sites inform participants as to the target and the precise time of attack. At the appointed hour, members of the electronic Jihad utilize a DoS attack tool provided by the web sites participating in the electronic Jihad.
The Poor Man?s Botnet
In essence, the electronic Jihad has created a poor man?s substitute for a botnet. However, it seems that the electronic Jihad has failed to gather the requisite number of participants to generate the amount of traffic needed to degrade the performance of targeted high volume web sites.
Hackers and cyber criminals typically use botnets to carry out DoS attacks, among other nefarious tasks. For example, the cyber criminal who attacked Blue Security, an Israel-based anti-spam technology service provider, generated upward of 10 gigabits of spurious traffic through the use of a botnet. Even the most well defended web site would be negatively impacted by an attack of this magnitude.
As a result, it appears that the electronic Jihad has either not created a botnet designed to attack sites deemed hostile to Islam or it only has access to a very small botnet. The available evidence indicates that the electronic Jihad has not utilized the force multiplier of a botnet and instead relied on rallying and organizing the computing resources of willing human participants in the electronic Jihad. This strategy will more than likely continue to fail as long as the electronic Jihad fails to rally enough supporters willing to participate in DoS attacks.