Jihadist Makes Cyber Attack

By Kevin Coleman — Defense Tech Cyber Warfare contributor

Last week’s rapidly spreading computer virus has been traced back to a cyber-jihad group called Tariq ibn Ziyad. Information security company SecureWorks was able to link this cyber-jihad group to the ‘Here you have’ malicious worm. The worm was able to crash systems and computer networks and bring down email servers. IDG reported the worm was able to disrupt large U.S. organizations including Disney, Procter and Gamble, AIG, Wells Fargo, Comcast and NASA.

Analysis indicated that the worm establishes a back door that the cyber terrorists could use to remotely log into any infected system. The worm also has functionality that attempts to disable anti-virus and security software that is installed and operational on the infected computer. In addition, the worm tries to establish a connection to a computer that uses the Tariq ibn Ziyad name. Further analysis focusing on the worm’s Digital DNA indicates it is identical to a piece of malicious code released last month. This analysis indicates that both pieces of code refer to a Libyan hacker who is said to use the name Iraq Resistance. This name has also been associated with efforts to form a hacking group called Brigades of Tariq ibn Ziyad, according to cyber intelligence provided by SecureWorks.

Further intelligence indicates Tariq ibn Ziyad’s objective is to “penetrate U.S. agencies belonging to the U.S. Army.” All of this is taking place as the United Nations’ telecommunications chief issues a warning and calls for nations to join together in developing a coherent global cyber security peace treaty or face the very real possibility of an all-out cyber war.

  • Joe Blough

    Tech, what public forum was this?

    Maybe the moderators know more.

  • Bill

    Dear Jihadists,
    TRON isn’t real, leave Disney alone.

    The United States

    • Brian

      Best post ever. :)

  • Bob

    Why am I not surprised. Thankfully, we are not at war with Islam, and it is a religion of peace. Just think what Islam might do if it were at war with us, and not such a peaceful group.

    • 4mer03sgt

      You are kidding, right??? Yeah, I thought so. Semper Fi, Mac.

      • Bob

        Just parroting the official guvmint line. Doesn’t mean I believe it.

    • Sam

      Which religion has committed more acts of violence throughout history? Islam or Christianity?

      • thedavidwilson

        Religions do not commit acts of violence, people do. A better question is which religion teaches eternal warfare and subjugation of people who do not follow it? It is not Christianity.

  • STemplar

    Break out the Xboxes and return fire…..

  • prometheusgonewild

    And who trained them? We did.
    Let’s thank our leaders and their enlightened graduate student policies…..
    Just like those nice boys who wanted to learn how to fly…….

    • Sev

      There are so many Muslims at my school (Tech and engineering school). They give ROTC kids a sneer look. I’ll bet some of them are going to Pakistan afterward to build IEDs. Of course my school and its students are sooooo Politically Correct that we have interfaith Appreciation.

      • prometheusgonewild

        Just like Arafat, an engineer.
        Maybe if he had taken some liberal arts classes he would have not been such a fool.
        But no, they just want math, and none of those foolish western ideas in the liberal arts classes.
        In that respect they have as much respect for western culture as the faculty…….

        • Wildcard

          Don’t knock Math, it’s the language of the universe.

          • blight

            You exaggerate the worth of “liberal arts”. You are replacing the radical imams’ spoon-feeding of ideas with “western ideas”, which doesn’t encourage free thought.

    • NunyaBiznez

      I knew we should have shot that arab muslim in our IT Computer security class in college before he went back to his home in the middle east.

  • Tech

    Here’s the link to a video uploaded by the individual who claimed responsibility for the worm. http://www.youtube.com/profile?user=iqziad

    Some other bits of info I’ve gathered:
    – the individual ASKED for assistance in using VB to write the code used in the worm on a public forum
    – another more sophisticated attack was executed in unison with the worm – this one used a vulnerability in Win7 and WinXP

    All-in-all, the guy obviously had some help b/c he doesn’t seem too smart at all. The 2nd attack was the sophisticated one that should be analysed more closely as the vulnerabilities used are sophisticated in and of themselves.

  • STemplar

    Does he have an IP address? I think I’ve got a tasking for Delta…….

  • blight

    We do have a precedent for international policing: Interpol. Perhaps a Cyberpol is the answer?

  • STemplar

    Perhaps a 12 man team with ninja hoods and a bag is the answer, post that on youtube and see how many techno dorks are in a rush to hack stuff…

  • Donnell

    How about our political leaders make a law stating that any cyber attack against the US will be viewed as a foreign military attack on the US and the US will respond in kind with force and as STemplar stated earlier, a tasking for Delta and let’s see what happens then.

    • blight

      Makes false flag attacks more entertaining. Tonkin Gulf incident, except the “torpedo spread” is a ddos attack rerouted through Switzerland. Let the smart bombs fly!

    • thedavidwilson

      Then we might have to go to war against Islam which we are not at war with.

  • Donnell

    Instead of keeping our Delta operations against these cyber attackers secret, the military should leak what happened to the press with some very graphic photos. Sort of like what the British SAS does. Just to let the bad guys know this is your brain with lead poisoning.

  • Jon

    I still can’t believe the gov’t uses Windows for critical systems. If they’re not willing to develop their own embedded OS then at least use a version of Unix. Thank goodness I use a Mac and don’t have to worry about this crap.

    • Normanomiblog

      Hey, just because you use a MAC, doesn’t make you invulnerable. I use a MAC as well. There’s just as many ‘bad things’ out there that can happen to a MAC. It’s just that they’re not as popular right now and if you’re going to write something that will capitalize on an operating system, then why not write it for the one that’s got the market share. Especially when the government is so slow to embrace change.

      Yes, I use a MAC. Yes I HATE Winder$. But let me tell you, if Winder$ wasn’t as buggy and as full of holes as it was, I’d be out of a job.

      Sorry, I’ll get off my soap box now. Back to the embedded OS thing. Do you have any idea what it actually costs to create an embedded OS? Or the software that works with that OS? Besides, even if it were developed, tested, implemented and replacement applications were created to cover everything the government currently uses (such as an office type program, e-mail program, web browsers, chat programs, network and systems management systems, etc), it would be leaked. Someone, somewhere would get a copy of it out of the government and it would spread like wildfire. Besides, the government can’t do it all. There would be systems that would have to be built to handle all of the software. The hardware would have to be made ‘in house’ so to speak so there couldn’t be vulnerabilities built into the hardware. They’d have to eventually connect to the internet, so you’d have to have a system that would be compatible with ‘the internet’. It’s hard enough for private companies to create, develop, maintain and advance an embedded OS for phones, tablets, GPS systems, etc. With the amount of bureaucracy and indecision in some of the government offices not to mention the oversight and BS that goes on, the systems would never get deployed.

      But that’s just my two cents worth.

      • blight

        Embedded OS is one of those “cost over run” things which would mean that word processing wouldn’t be implemented til 2020.

    • Scipio Africanus

      If you think owning a MACINTOSH makes you somehow immune to a cyber attack… you better pay attention to the trends and stop believing the patently false claims of Apple about how hacker proof they are…

      1) More and more MAC OS specific flaws are being found and reported.
      2) More and more MAC OS intrusions are being reported
      3) Most MAC owners are also in a higher tax bracket than the avg windows user… and the cyber criminals know it..

      Nothing is more secure over another to a determined assailant, there are just more tools for the script kiddies out there for windows at this time. Those with talent that matters, and not some piss ass worm like above… are versed in all OS’s…

      • Scipio Afticanus

        As for this article itself… it’s a joke…Cyber Jihadist? I know you toe the pro military line and all… but I’m getting sick and tired of terrorist this.. terrorist that.. jihadist… fanatic…zealot…Do you really expect me to care about someone in a foreign country screwing with the internet like thousands of American kids do every hour from the US to foreign countries, and vice versa? Do any of our military personnel have any concept of not opening attachments? How about anyone involved in the networks of these big companies that were ALLEGEDLY hit?

        Don’t blame the kid.. blame the morons behind the keyboards and the beancounters who refuse to provide adequate security funding for their IT departments.

        • Tech

          I work at one of those companies that was “ALLEGEDLY” hit. I received an email from our Global Services Division about it. Now I’m not dumb enough to open emails like the one used to send the worm out, but there were definitely some stupid people who did as one of the secretaries got, as she put it, “weird emails.”

          So we weren’t “ALLEGEDLY” hit as you put it. And the security/funding has nothing to do with it – the file was sent as a screen saver file (.scr) which virus programs DO NOT scan for. The attack mimicked the “Anna Kournikova” virus from several years ago. This particular one accounted for 14% of spam emails at its peak. It’s called “social engineering.”

          And when someone posts a YouTube video saying he/she was accountable for the attacks and represents a pro-Islam/Jihadist group, then yeah, it seems pretty reasonable that the person is or can be labeled a “cyber jihadist.”

          • Tech

            You SHOULD care. It’s our country. Our national IT infrastructure has holes all over the place. The fact that this WASN’T sophisticated should be the concern – if a script kiddie can write some simple VB code that can cripple email servers, disable virus protection, etc in a company for a day or so, then an educated “hacker” can easily write something extremely malicious. Hell, I’m sure the compromised computers – without proper fixing – are now part of a zombie net.

            This stuff is real.

          • Scipio Afticanus

            A moron opened an attachment.
            Nuff said.

            As for the “Youtube” video… you have no idea if this guy in the video is CIA.. KGB.. or a script kiddie from OAKLAND… You and I do not have the ability to take apart the video and verify anything.. we are forced to believe what the news reports, or the government tells us as being the ACCURATE DATE.. PERIOD.. end of story… and anyone with a shred of common sense knows better than that…

            Reality.. we just don’t know who what where when why or even how… someone is telling us.. but is it accurate? Don’t jump the gun man… wait…let it play out and come to your own conclusion based on DATA.. not a youtube video and a story you read..

  • Tony C

    The right thing to do is revise the law that prevents retaliation by the computers that are under attack, even when they know that there is a denial of service attack. So far,
    the hackers have the law on their side. I would love to see my antivirus return a retrovirus to an attacking machine.

    • blight

      Are you willing to trust that much autonomy to a software program? Some antiviruses have high false positive or false negative rates, which would bog down the internet in retaliatory attacks.

  • Musson

    I believe it is time to take the War to these Jihad geeks.

    Also, if the person is an American citizen, give them 30 days to surrender and
    return to the US for due process. After that – all bets are off.

  • Oblat

    The end is nigh send money to Kevin quickly !

  • roland

    These are Saudi radical islamist color and hand writings on the wall on the picture. Probably terrorist.
