Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Cyber Jihad? Yeah, right...

Published: 2007-11-11
Last Updated: 2007-11-12 00:42:39 UTC
by Marcus Sachs (Version: 2)
3 comment(s)

In the news this past week were the ominous stories about a Cyber Jihad on November 11th.  OK terrorists, it's November 11th and we haven't seen your little Jihad yet.  As Johannes said in his diary a few days ago, it seems to have been called off.  What happened?  If there are any terrorists hanging out here reading this diary I'd like to hear from you.  Please use our contact page.

This whole cyber terrorism thing has always bothered me, especially since every time some nut decides that the "next attack" is going to be against an online target the press goes into hyper alert mode.  Folks, let's get serious about this for a few minutes.  I know that this is politically incorrect, but the odds of a terrorist group "terrorizing" the Internet with cyber bullets and e-bombs are about as small as the odds of the Morse Code coming back as a primary means of communication.  It's not zero, but it's also not much more than zero.  (Remember, math fans, that odds are a comparison expression such as 1:20 or 1:100 and can also be expressed as a real number by dividing the first value by the second.)  The terrorists use the Internet for the same thing everybody else does - communicating with each other.  They also use it to raise money through criminal activity, then launder it via one of the many electronic payment systems.  Ever look at the spam and phishing junk mail you receive?  It's not just the Russian Business Network operating in the shadows.  With the Internet providing near-perfect communications and a seemingly endless supply of money why would a terrorist group want to blow it up?

So for those looking for something to do while we remember our military veterans and fallen comrades in arms today (don't forget today is Armistice Day, also known as Veterans Day or Remberance Day in several countries) think about how a terrorist group might actually go about terrorizing the Internet.  Send us your ideas and we'll publish them here.  The point is to learn from this exercise, to see what is possible and then to ask what we can do to prevent it or mitigate any consequences should it happen.

Thank You, Veterans, for your service to your country!


I'm so bummed.  No terrorists took me up on my request today.  We did receive several emails from readers who agreed with the thesis above, and a couple of notes that pointed out (correctly) that there are some critical infrastructure nodes in some countries that if physically damaged could cause regional outages.  But nobody came up with any good attack scenarios that could be used for a terrorist group wanting to conduct a Cyber Jihad.  So, let's get back to the real problem at hand - the criminal abuse of the Internet.  In case you have not noticed we've created a near "perfect storm" for criminal behavior: 

  • No taxes, therefore no tax evasion
  • Value in everything online
  • Anonymous access to vast resources
  • Criminal tools look and act like lawful tools
  • No national or political boundaries
  • Laws and law enforcement are limited
  • Numerous opportunities for money laundering (PayPal, etc.)
  • Virtually unlimited interconnectivity
  • Millions of clueless victims

Oh, and don't forget the 30-year old protocols with no security in them.  I don't think we have to worry about the terrorists.  We've got plenty of other problems to solve first.

Marcus H. Sachs
Director, SANS Internet Storm Center

3 comment(s)
Diary Archives