Home » Cyber » Cyber Security Center » The Time for Preemptive Cyber Strikes Has Come

The Time for Preemptive Cyber Strikes Has Come

by christian on January 4, 2010

More and more terrorists and extremist groups are using the Internet to fund their activities, recruit, covertly communicate and coordinate activities with their followers around the world. The use of the Internet now plays a key role in terrorist activities throughout the world. This fact has given rise to a number of questions coming amidst the three recent events. The most controversial question being that of preemptive cyber strikes. In the past few weeks three significant events took place that has raised the concern about the way terrorists leverage the Internet to further their cause. 

Event 1 — The investigation of the Delta Flight 253 attempted terror attack by the 23-year-old Nigerian Umar Farouk Abdulmutallab uncovered Internet activity including viewing a blog and web site of al-Awlaki. In fact sources have stated that the suspected terrorist used the Internet for “counseling and companionship.” Intelligence organizations have stated that al-Awlaki, a cleric in Yemen with a popular jihadist web site and ties to Sept. 11 hijackers, may have played a key role in the attempted bombing.

Event 2 — Five young Americans all from the state of Virginia stand accused of planning terrorist attacks. Pakistani officials have said the Taliban had planned to use them to carry out attacks inside Pakistan. A joint investigation team has concluded that these five individuals contacted militant groups over the Internet in an effort to wage holy war. Pakistani law enforcement will seek life sentences under anti-terrorist laws.

Event 3 — U.S. Army Major Nidal Malik Hasan, the Fort Hood shooter, used the Internet to communicate with the radical cleric al-Awlaki before the attack that left 14 of soldiers were shot dead in November. In fact, the web based interaction was said to have occurred for over a year. Electronic intercepts and other supporting information show a connection between terrorism, the Fort Hood suspect, Umar Farouk Abdulmutallab and Anwar al-Awlaki.

Cyber warfare analysts at Technolytics say these cases reflect a strategic shift where terrorists and extremists are forming social networks and have focused on using the Internet to further their global influence. These events have clearly illustrated the ease by which anyone who wishes to pursue joining militant groups and participate in jihad can do so through the Internet. This is a very troubling reality for counter-terrorism efforts around the world. Cyber intelligence analysts estimates that there are approximately 30 primary cyber jihad web sites that generate and initiate over 90 percent of the communications, content and activity direction to an estimated 15,000 + web sites that serve as localized and focused points of distribution.  

 The interconnected nature of these primary sites creates a resilient architecture for the distribution of content and coordination of activities. Recently, the question of whether the United States should launch a cyber attack and “take out” the primary sites has come up in multiple venues. In fact, the question arose in a recent U.S. House Armed Services Committee — has the time come to view cyberspace as an al-Qaeda battlefront?

Kevin Coleman

Share |

{ 48 comments… read them below or add one }

seymour January 4, 2010 at 2:21 pm

Weigh the cost of not being able to monitor the traffic of those web sites, and potential loss of intel against eh knee-jerk short lived satisfaction of being a "hacker" and taking down those web sites, and driving the jihadist further undercover. If the Intel and infomation operrations communities can state that the loss is worth it…take them down. I have no idea how much initel is provided by monitoring these sites, but I am sure there are some. I believee the intel failures are more related to political correctness then lack or intel. Would not want to hurt someone's feelings by reading their hate filled postings and then acting on them, now would we?

Reply

super January 6, 2010 at 6:07 pm

exactly u need 2 see what the plotters are plotting

Reply

Jeff January 4, 2010 at 2:29 pm

I think a pre-emptive cyber attack might show less worth while results than a more strategic plan. So to say "cyber attack" requires qualifiers to the natrue of the "attack" used. For example might more beneficial results be gained by planting malicious code, viruses, and other similar programs to gain intelegence, to manipulate the communications between terrorist cells, and to sow the seeds for a full attack on their entire network.

Reply

Ptsfp January 4, 2010 at 2:43 pm

I don't know Kevin, I may have to agree with Jeff and Seymour on this one. The terrorists, if nothing else, are very adaptive to US operations. If we take down some main sites, I think all that will do is have them diversify their dissemination points and instead of 80 main sites, we may be facing 500…

Terrorists are notorious for taking notes and making videos. Instead of having our hackers take out websites, have them backtrack from the websites and infiltrate the individual computers that the main posters are using. I think this will lead to a plethora of cyber and humint information.

Reply

zman January 4, 2010 at 3:11 pm

why was my comment deleted

Reply

Nidi January 4, 2010 at 3:17 pm

Just like with any other cell-like organization, if you take the primary one down, another will take it's place. This is exactly what would happen if you take down these sites. And, if you take down these sites, they will just find other ways of communicating. And, even if we managed to find out their main communication sites, they are certainly not not going to be hosted within American companies, and more than likely not on servers located within any friendly country. They would probably be located in countries that are not very friendly with us. How are they going to see an attack by the US government on something that is located within their country? There are strategic implications of actions such as these that go beyond the War on Terror.

However, the main question is, what is the main goal? Is the main goal political, where you can say you took down all these websites and are keeping the terrorists from operating, thereby gaining votes; or, is the goal to monitor these websites, and track their comtributors to individual users or computers, building up dossiers of active and potential terrorist operatives and created a list of possible strikes to be undertaken by either our special forces or the forces of whatever state they are in? These websites are potential gold mines. IT is fairly easy and straightforward to, if we can infiltrate one of these sites, to upload video or other data that contains trojans and other malware that can not only track track users, but allow 3rd party(ie, government) access to the infected computer. To restate the point more concisely, is the goal to look like you are doing something(a political goal), or is it to do something that will allow us to better identify who is involved and what they are planning to do(more strategic goal)?

Reply

seymour January 4, 2010 at 3:33 pm

I seem to remember hearing somewhere that initating a "cyber-strike" is/was considered the equivalent of a WMD strike, and required National Command Authority (NCA) permission. This is/was considered a very big escalation. Having said that, I am sure that selective take downs can and should be taking place. Let us also not foget that a lot of sites are hosted in friendly locations, to include the United States. I lean very heavily upon "reading the other person's mail" (privacy issue on the Internet are a joke), and appropriate action be taken. Individuals/groups who feel that their "rights" are violated, if their emails are read after they peruse several jihadist or other anti-western, should be forewarned. If they fit a profile because of their actions, then maybe they have reason to be concerned. Besides, Darwin is also at work concerning jihadist. The smart ones know better.

Reply

eric January 4, 2010 at 3:45 pm

Germany had a big network of effective spies in Great Britain in WW2, giving them a lot of useful information. They thought. After the war ALL these spies proved to be working for the British! Different times, different techniques, but basically nothing has changed. So, if you can't beat them, join them (with an entirely new meaning to this phrase offcourse).

Reply

DualityOfMan January 6, 2010 at 12:11 am

Exactly… that was one of the greatest coups in the history of intelligence work.
Fake sites to feed bogus information and "sting" terrorists would probably work well. I'd be pretty surprised if it wasn't already being done.

Reply

Nidi January 4, 2010 at 3:46 pm

seymour, I actually did a research paper for one of my graduate classes on the deterrent ability of cyber attacks and I found that most of the prevailing theories regarding nukes can be applied to cyber attacks. The ability to do the equivalent of a nuclear airburst without the fallout is a very significant capability. But yeah, more than likely their communications have to travel either through the US or an allied state. At this point, it should be no problem to intercept and monitor these communications, the only problem is finding which one it is. It's not just looking for a needle in a stack of needles, it's looking for a needle in a stack of needles the same length and weight. Also, I'm not sure of the legality of this(clearly that does not stop governments, but it has huge potential fallout if uncovered). And, if any law is passed within the US to allow this, it can easily be expanded to a point that many people would be uncomfortable with.

Reply

Davy Franz January 4, 2010 at 4:14 pm

Sounds good. Let us also attack the Montana Militia's site? How about Hal Lindsey's site and some of those other radical Christian sites, since they often disagree with our National Command Authority? How about attacking Fox News too? Yup, sounds like it would go a long way toward preserving our way of life.

Reply

@Earlydawn January 4, 2010 at 5:24 pm

Voted yes, but I think there's a lot of merit in treating sites that cells use as sources of intelligence, instead of like C4ISR nodes to be destroyed. That said, we also need to empower lower echelons of leadership to change that approach to the former when it benefits our overall strategy. If some group is using a site or social network as a coordination center for an imminent attack and we can't backstop it.. hammer it and hope for the best.

Reply

TMB January 4, 2010 at 5:27 pm

I agree that "attack" is a bit vague. I do agree that the cyber element needs to be part of our arsenal against terrorists. Instead of simply Denial of Service attacks or other ways to shut down a website, infiltrate the site and gain as much intel as you can from the servers or users. I'm sure there are enemy computers out there that haven't updated their malware recently.

Reply

Oble January 4, 2010 at 5:40 pm

Dozens of Jihadist web sites have been taken down for 10 years now but it’s only just dawned on Kevin.

But I detect a certain tone of desperation creeping into Technolytics marketing spiels. Perhaps it’s not that the button will be soon be pushed but the plug will be pulled.

Reply

Chad January 4, 2010 at 6:50 pm

"Terrorists" and "terrorism" are US operations, don't you military f*ck-ups get that? Terrorism has always been a political maneuver - do you people really think a small group of people half way around the world are really behind all of these bombings and cyber attacks? EVERYTHING you idiots are doing for this GWOT are imprisoning the very people you've been duped into believing you're protecting - the American citizens.

Reply

Kool-Aid Drinker January 4, 2010 at 7:18 pm

LOL….here, have another cupa Kool Aid. I like Black Cherry myself. Want to borrow my tin-foil hat? I have spares. Do you find that sand gets in your ears? It did in mine, until I learned to also plug my ears with my fingers and say "La, La, La" right before I stick my head… Please explain to me then, all about those poor misguide souls who blow themselves up, in the name of a religion, or for intolerance of another society, or even maiming females, to keep them in their place. What does this have to do with Terrorims, or even "Cyber strikes", you ask? To me it makes as much sense as saying there is no terrorism, it is all the polictical posturing of western politicans in an attempt to control the sheepless masses.

Reply

Pete January 4, 2010 at 8:12 pm

These "poor misguided souls" as you called them have defeated the US in Iraqi. and have you on the run in Afghanistan. It is a mistake to underestimate your enemy, which surprisingly the US still continues to so. Its like you never learn anything.

As someone said above, this so called Cyber threat is really js a hyped up scare tactic that smacks of desperation before the plug is pulled. Its nothing more than a "make work scheme' based on scaring little old women.

The only reason is that it is called 'terrorism' is because it is a weapon that is used to dissuade a more powerful enemy by a weaker one. I don't see the US calling the Russian nukes 'terror weapons', even though they are targeted at your cities containing millions of citizens, nor I bet you don't call your nukes terror weapons either though you do exactly the same.

Its like Vietnam, the US tried to suppress nationalism by claiming that it was fighting communism. Here the US is trying to convince the world it is fighting religious extremism, when in fact it is fighting an indigenous force opposing an illegal invader. The same as in Iraq, how many religious terrorist were there under President Saddam Hussein?. Then all of a sudden after the illegal US invasion, the country was full of them.

If you stopped pissing people off, they will stop their pin-prick attacks on you. 9/11 showed the world the US can dish it out, but not take it. 3190 US dead = 360,000 Iraqi dead. all for the so-called GWOT. Whatever

Reply

guest January 4, 2010 at 8:56 pm

I'm not an expert but how were we defeated in iraq the only people dying are in accidents and the drawdone not retreat is on schedule. plus what country are you in "though they are targeted at your cities containing millions of citizens", cause if your some european panzy they are pointed at you to

Reply

Cannon Fodder January 4, 2010 at 10:41 pm

I think chad and pete are either Iranian or French… Hard to tell, Pete might be Comical Ali, remember him? "The US is no where near Baghdad…"

Oble January 5, 2010 at 5:28 am

When Al Qaede and Iran publicly applaud and even thank the US for actions such as the invasions of Afghanistan and Iraq then it might be a clue that you are on losing strategy.

Fact - every day bugs result in more losses then all the cyber attacks put together

Fact - Not being able to renew your library card is not less convenient then having your town turned into radioactive slag with a half life of 2000 years.

Fact - Every year billions of dollars is wasted on schemes dreamed up by Washington lobbyists to line their own coffers.

Project Thor January 4, 2010 at 6:38 pm

Peter-puffer. We can tell that you are one of the "poor misguided souls" by your skewed version of history… last time i checked, we didn't "lose" in Iraq and we aren't "running" anywhere in the Stan, except to save some sheep from your carnal lusts. As for your above comments, it sounds like you've been out in the sun too long. The next time you pray towards Mecca, try not to bang your face on the ground so hard… it's clouding your thinking.

Reply

WJS January 5, 2010 at 4:07 pm

Defeated us in Iraq huh? Is that why they openly acknowledged defeat in Iraq, left and then set up camp in Yemen? Any issue with Afghanistan is based on Obama hemming and hawing. The US will annihilate the Taliban and Al qaeda in A-stan and you will have to find something else to complain about. Sorry. Herd a sheep.

Reply

SkysoldierRecon January 5, 2010 at 2:12 pm

uh, maybe you should stop by my house..i got extra meds ya know..at least i KNOW im thrown a little..how can you not be? You think those animals who throw acid in girls faces and send kids into the middle of the road to stop a convoy are "DUPED?" You IDIOT..thats thier strategy, you have no idea how many good men were lost because they didn't follow SOP, we are facing sub-human cretins that are hell bent on DESTROYING us..WTF!!!!!

Reply

Byron Skinner January 4, 2010 at 2:28 pm

Good Morning Folks,

I voted NO, don’t attack these web sites. Three reasons: First it would seem to me that by tracking these sites the US could get valuable intelligence such as who is recruiting, from where, who is responding, and from where, we could even perhaps capture a few nuggets of intell. that will give us a clue of the terrorists next events.

Secondly, the US would be starting something that could come back and bite us in the arse. If we start doing this, by the very fact that the US is hacking into sites gives a aura of legitimacy to the activity. The US Government and US companies have far more exposure on the internet the all the terrorists organizations combined.

Lastly we would only be forcing the terrorists to find other ways to do what they are doing on the internet. History has shown that the US is not real quick to catch on to these “low tech.” changes.

At this time the US has more to learn from the internet then to be afraid of.

ALLONS,
Byron Skinner

Reply

Zman January 4, 2010 at 3:09 pm

The strikes should be made to incorporate complex worms, trojans, and botnets. We should also incorporate an NSA type cybersecurity with supercomputing that sends us bits of pertinent information and key words or phrases. We should hijack websites and create phony but realistic one. Our supercomputers could easily identify profiles for those most likely to want to commit harm, then the dots can be connected more easily if that person decides to leave the country. An algorithim might have to be written that takes into account age, isolation / persons psychological profile and connects it with his movements to and from different countries in real time. Face recognition should also be incorporated before you board the plane. The newer laptops have webcam. You can also write a program that not only looks, and listen to what the person is typing without him knowing that his webcam is on.

Reply

Max January 4, 2010 at 9:55 pm

I don't know why we even have to ask this question. Isn't the US at war with Al-queda and associated terror groups? We should have gone after them with all available means already. Shut them down asap, IMO.

Reply

Project Thor January 4, 2010 at 10:40 pm

awwww, you deleted my comment! So much for the "Freedom of Speech"

Reply

ForgeMan January 4, 2010 at 10:40 pm

Preemptive attacks on web based targets will be an effort in futility. DoD will be playing wack a mole with rogue sites popping up like mushrooms, not enough manpower or computational power to keep a site "down" should the proper (or improper) users decide to keep a site up. A digital "nuke" will only fix the problem temporarily and draw attention to the attacker thus causing a true escalation in "cyber" war. Would suck if global bot-nets were pointed at a DoD network then that bot-net became a target, the machines that make those bot-nets quite often are friendlies… Even worse it could set a precedence for military control over Global DNS. More definition needs to occur on what can be attacked.

Reply

Mystick January 4, 2010 at 6:16 pm

I think there is an ambiguity in the "events" cited in the article. Use of active recruitment websites and communicating via the internet are two very different things. Email has become ubiquitous enough that stating a criminal communicated via the internet with another criminal really doesn't carry a whole lot of distinctive weight. Its the same as saying they used the phone, or wrote each other letters. Furthermore, the means of 'policing' those two cited modes of internet use are quite different. Tracking web site use is fairly easy to accomplish. Tracking emails is different. Not only do you have to determine the recipients, but also determine content - otherwise you run a high risk of being buried in data. You need to know the content that you want to track, and then track emails with that content… and even then the portability of email recovery from one computer to another further obfuscates the recipient. The only way to track content would be to literally filter every email flying around on the internet… a herculean task to be sure, but not outside of the scope of reality.

Reply

J_E January 4, 2010 at 11:45 pm

given the dynamic nature of the internet, I think it goes w/o saying that preemptive attacks (?) would be futile (you can't take out every iphone, pc, etc in the world - and as long as one exists, a terrorist could conceivably launch a cyber attack).

This idea is stupid to the point of absurdity. But it will open a new frontier of profits to be made by defense contractors as gov't agencies attempt to recoup from successive cyber-bungles with ever increasing layers of technology and cost.

Tax payers: get yer checkbooks out!!!!

Reply

Guinevere January 5, 2010 at 8:51 am

Is that JE or GE?

Reply

Guinevere January 5, 2010 at 8:55 am

I'm sure Got mitt uns….NOT!

Reply

JimboJones January 5, 2010 at 11:43 am

This won't change a anything, America will still be the easiet target for E-attacks as it's to pussy to do anything about them despite many many statements that say we'll get em if they hack us. You wait, we'll be reading about more breaches to American defence and civilian networks over the coming months and years, each and everyone will go unpunished.
Funny thing is that you invented the internet yet , gave it to the world for free yet you fail to be able to control it. You've opened up pandora's box and its coming back to haunt you. LOL

Reply

SkysoldierRecon January 5, 2010 at 2:04 pm

i voted yes, but they will just be harder 2 track..the POLITICALLY CORRECT attitudes in the West is wats killing us. The problem is in mosques, islamic schools that radicalize thier students. Not just in SW Asia or ME, iam talking about EUROPE and the US..close them down, sometimes you gotta play dirty, put a van filled with explosives in front of 1 and detonate it..in PAK or wherever..see how they like a taste of thier own meds…oh, i forgot to take mine this morning..LOL!!!

Reply

DualityOfMan January 6, 2010 at 12:07 am

Congratulations, you sound just like the other side!

Reply

SkysoldierRecon January 5, 2010 at 2:16 pm

oh well, Chad get a grip, these people aim to annihilate us..they are far from stupid..sounds like bible prophesies and others like Nostradamus may have seen this coming..no matter wat the powers that be say, we are in a war of civilazations, religious extremism..pls don't delete this..sorry…

Reply

Chris January 5, 2010 at 3:59 pm

Regarding monitoring of email: Practically speaking, very difficult to monitor ALL email, ALL content. Easy to encrypt (though perhaps not as hard to decrypt as we used the think), plus the need for huge processing power and storage.

Smacking down every site that promotes ideas we don't like would be like the Swedish Chef and that souffle (or whatever it was he was trying to cook up) with live (well, muppet) chickens in it he was trying to prepare - every time he shoved one end down in the pot something would pop up at the other end. We'd probably gain more by leaving these sites alone where we can see them. Keep your friends close, keep your enemies closer.

Perhaps it would be more useful for the DoD to de-centralize its own IT operations and look to our own defense and "cyber borders." That would make physical security a bit harder (we'd have more physical sites we need to protect), but each individual physical site would be proportionally less critical. I would like to think that this kind of thing has already occurred to someone that's actually IN the DoD's IT sector.

Reply

Byron Skinner January 5, 2010 at 1:41 pm

Good Morning Folks,

Since yesterdays response got pulled, I will try again with somewhat less information, maybe my posy might stay up, or not.

I voted no to the idea of attacking or taking down these sites. I really hope that the 92% who favor shutting down are not serious posters and really don’t get it. I also hope that the intelligence community has no thoughts of tampering with these sites. But I fear that they too re clueless as to the gold mine they have with these sites. To shut these sites down is the same as poking a screwdriver into both your eyes.

I will not elaborate, hoping that this post may pass censorship. To those of you who take this subject I would like to recommend a current book: “A Genius For Deception: How the Cunning Helped the British Win Two World Wars.” by Nicholas Rankin. I won’t go into any comments on the book, but for the one or two of you who might read it, you will see the stupidity of this idea.

ALLONS,
Byron Skinner

Reply

b12 January 5, 2010 at 9:00 pm

The article promotes "Technolytics" with some phobia arguments.

When I enter the authors name, Kevin Coleman, into Google the second link that comes up is "Technolytics"

Hey folks - do we really have to fall for such stupid corporate propaganda?

Reply

Paul January 5, 2010 at 11:14 pm

Event 4 : I cannot divulge the company name but a major business mamagement site used by global corporations has been attacked twice this holidays. Both times at primetimes of service use. This disruption caused outages across the globe for all these companies. It was the first time in 3 years I know of that all of our servers went down. It was definately an attack targetting the economic sector.

Reply

DavidB January 6, 2010 at 7:14 am

To take down is foolish. To leave up NOT mine for Intel would be mindless.

From my BlackBerry Storm…

Reply

r5845lm January 15, 2010 at 7:08 pm

If intel can be obtained from these sites that should be done. It seems to me that these sites could be infected with viruses that attach themselves to the computers of persons that log on to them. The virus could be left dormant until the same site is logged on to a second or third time by that person. The virus would then become active and create problems for the site owner and the person that logged on to it. That would provide time to collect more intel and slowly destroy the site and the persons machine that contacted it.

Reply

124r July 30, 2010 at 7:24 pm

ah dont worry, terrorist will mistakenly use facebook connect ;)

Reply

Had Enough Of THEM December 18, 2011 at 8:09 pm

Why not just exterminate everyone that might be a potential terrorist - that includes both men and women of designated ethnic groups, and that especially allows the destruction of enemy offspring, so that they do not grow up to be warriors?

Not just guns and death camps but biowar too.

A Final Solution.

Reply

urgh December 18, 2011 at 8:21 pm

sieg heil. sieg heil. swing heil.

Reply

quomiemelia January 16, 2012 at 1:32 pm
Pete January 5, 2010 at 3:30 am

No, I am from New Zealand. Our country has, and is fighting alongside the US in every war in the last century (WW1, WW2, Korea, Vietnam, Gulf 1. Iraqi, and now Afghanistan.

Reply

Cannon Fodder January 6, 2010 at 9:17 pm

So from your own words, these terrorists must have New Zealand on the run too…

And I thought you guys were cool…

Reply

Leave a Comment

Previous post:

Next post: