Rumors that al-Qaeda will carry out a “cyber jihad” attack against Western institutions next month should be treated with scepticism, experts say.
Security expert Gadi Evron, who recently studied the cyber attacks in Estonia, and states, “DEBKAfile gets a lot of news that no one else has, and fast,” he said. “But it’s a community-driven tabloid. Treat it as a golden source to be taken with 5 grains of salt,” he said. Even if an attack is planned, it would likely be nothing new, Evron added. “Cyber jihad on the level of attacking websites happens every day for numerous causes by enthusiasts. The content of this warning is doubtful. There are not hundreds of thousands of infosec workers worldwide, not to mention working for al-Qaeda,” he said.
He believes that some low-skilled hackers may be planning something, but that DEBKAfile has probably not uncovered plans of a major online attack.
Larry Seltzer at E-Week says, “Don’t Freak Out”. Unless you’re a specific target, it’s not worth focusing on unsubstantiated general warnings. The world is full of threats.
And Paul Henry, vice president of technology evangelism for Secure Computing has told various news outlets that the attack would probably be carried out with a software kit known as Electronic Jihad 2.0. That software, which has been around for some three years, has purportedly become easily configurable so as to be downloaded by attackers who could then launch a distributed denial of service attack.
It all sounds serious, but the report is being treated with skepticism by many law enforcement officials, and with good reason. This is not the first rumor about an electronic Jihad to seize the Internet citizenry’s imagination. Aug. 26, 2004 was also supposed to see the Internet go down in e-flames from a sustained and devastating cyber-attack by Islamic cyber-Jihadists, but the rumors at that time turned out to be utterly baseless.