ISIS use of Cyber Presentation

Very interesting presentation coming up at The George Washington University on the terror group ISIS’ use of social media and cyber attacks:

ISIS Cyber

For more information visit the college’s website.


Terrorists now using Remote Control Vehicle Born IED’s

Suicide VBIED or Vehicle Born Improvised Explosive Device have been a favorite weapon of terrorists for decades. Since the first VBIED used against the American barracks in Lebanon in 1983 to the 9/11 attacks, terrorists have been looking for new ways to use vehicles to spread terror.

It now looks like they are now turning to remote control.

The captured video above from shows a new weapon in the terrorist’s arsenal, the remote control VBIED. (Note: As there is no translation to the video above, I am not certain of its contents.)

As we have seen from headline news, vehicles packed with explosives can be very deadly.

See the ATF VBIED blast damage chart below:

Atf blast chart

Adding remote control capabilities to these weapons is very concerning. There are jamming devices that block IED signals, and the military already has several tactics and procedures to deal with VBIEDs.

But hopefully the DHS and military will take this discovered threat seriously and work to create additional ways to defeat them.

Anti-Islam Movie, Cyber Jihad and Political Irresponsibility

It is very sad to see something developing and just knowing what would come of it. I figured the “cyber jihadists”, would jump in on the “Innocence of Muslim” anti-Islam movie bandwagon. And they have, targeting American companies with Distributed Denial of Service (DDoS) attacks until, they say, the “offending film” is removed.

As one group states in a Pastebin post:

We, Cyber fighters of Izz ad-din Al qassam will attack the Bank of America and New York Stock Exchange for the first step. These Targets are properties of American-Zionist Capitalists. This attack will be started today at 2 pm. GMT. This attack will continue till the Erasing of that nasty movie. Beware this attack can vary in type. Down with modern infidels.

One Cyber Jihad group even went as far as to publicly post their “DDoS” tool for new budding cyber-jihadis to use. The frustrating part of this whole mess is that irresponsibility on several levels have made this situation much worse.

The maker of the offensive film (an Egyptian!) was irresponsible for publishing the trailer. Many theories have been swirling around about why he made this. One of the latest even points to a co-producer who allegedly is a supporter of terrorism. The timing of the “protests” though is highly suspect (September 1th) especially when the film was allegedly made a year ago and was even publicly displayed in a California theater.

Our administration was irresponsible for blaming the embassy attacks on this film. Though all signs pointed to a terrorist attack, this administration blamed them on the film and not terrorism. Sadly it took quite a while for the administration to change their stance, even though Libyan intelligence stated right away that it was indeed a terrorist planned attack, and supposedly the US had been warned in advance. It was not until  the Director of the National Counterterrorism Center testified before the senate stating it was indeed a terrorist attack that the stance was changed at the White House.

Our President and Hillary Clinton were irresponsible for creating what have been seen as “apology commercials” and having them displayed in Pakistan, placing the blame on the film instead of on terrorism. This again did not have the desired effect of calming people down, but seems to have just stirred up more Anti-American sentiment.

The media was irresponsible too for blaming the embassy attacks on this film. Though all the evidence pointed to a planned and co-ordinated terrorist attack, many media outlets fell in line with the stance of the White House. Blaming the film (again it was just a trailer for the film!) for the protests was then projected around the world by the media seemingly stirring up more Anti-American protests.

Religious and political leaders in Islamic countries were irresponsible for the roles they played in this also. Many religious leaders encouraged protests and even called for “American Muslims to perform Jihad on the movie creator”. And according to CNN, “A Pakistan government minister has personally offered a $100,000 reward for anyone who kills the man who made the anti-Islam movie that is drawing ire throughout the Muslim world.” And Pakistan is supposed to be an ally in the war on terror.

Now along with public protests, Islamic hacktivists are jumping into the fray and attacking American websites with Denial of Service attacks.

Was the film trailer offensive? Absolutely, but the facts just don’t add up.

For example the cyber jihad Pastebin post mentioned above also states, “United States of America with the help of Zionist Regime made a Sacrilegious movie insulting all the religions not only Islam.” They claim that all religions were insulted with the making of this film. It is interesting to note that allegedly the outrage was over the way Mohammed was represented in the film. And similar outrage has been seen when he has been portrayed in cartoons.

Jesus is also a prophet in Islam, and is actually mention many more times by name in the Koran than Mohammed. But the image of Jesus has been portrayed in some very vial images of “art” including urine and feces, yet there was no storming of American Embassies or worldwide Islamic protests over it.

I am very discouraged over the actions of our President in handling this situation, as it seems his response was very politically motivated. I am discouraged with the media for their part in stirring things up. And I am also very discouraged over the reaction of leaders in supposed allied countries who have fanned the flames of hate into an inferno.

There is very strong Anti-American sentiment in the Islamic world, though this film is being used as an excuse, sadly I think we are just seeing these nation’s true feelings for the US.

Hacktivists using Shortened Links to Hide Malware Servers

Several times I have received direct tweets or replies on Twitter with a message like “Check this out!”, “This is along the same lines”, or “If you think that is bad, check this out”. The profile picture of the sender is usually a professional looking businessman or a pretty lady. And the included link is a shortened URL.

Why some people are just so friendly right?

But running the shortened URLs through a link unshrinker told a different story. One of the first evil links that I found was four lines long when unshrunk and included an IP address of a known Russian Business Network (RBN) host. But the way they formatted the link, the actual website called was at the end of the link and pointed to a server in the US.

I have seen the same tactic used on a forum discussing the 9/11 Anti-American protests that are going on now in many Islamic countries. A comment posted, by a very pretty lady (of course), had an anti-Islamic message and a shortened link. The link unshortened was a very long masked URL.

Recently, the Telegraph posted an article on the Taliban using pretty girl profiles on Facebook to try to befriend and get information from allied troops:

“Most did not recognise that people using fake profiles, perhaps masquerading as school friends, could capture information and movements. Few consider the possibilities of data mining and how patterns of behaviour can be identified over time.”

Unfortunately, with sites like twitter, once you click on the link, you are instantly taken to the site without being able to preview it. And with the nasty zero-day exploits that are out there (IE and Java 7) just visiting a site and allowing a script to run could allow full remote control of your computer to a remote hacker.

As the Anti-American protests continue, expect these tactics to increase. Be careful what you click on and who you befriend on Social Media sites. And always run a script blocking program like “NoScript“.