A coordinated attack against the Internet, dubbed an “electronic jihad,” may be as close as tomorrow, one security firm warned Wednesday. Other experts, however, were dubious.
According to a report on the Russian news service RIA Novosti, Eugene Kaspersky of the Moscow-based Kaspersky Labs has warned about a large-scale attack that might be delivered by Islamic terrorists.
Kaspersky and other security analysts have noted claims on Arabic-language Web sites that announced an attack will launch August 26. The main targets — no surprise — of the attack would be against political and financial Web sites in the U.S., Israel, and Western European nations, Kaspersky alleged.
“The hackers who have proclaimed ‘electronic jihad’ have enough experience and resources to paralyze the Internet for several hours at least,” Kaspersky was quoted as saying. “It is ghastly enough that these people have mentioned ‘electronic jihad’ for the first time.”
Executives at Kaspersky Labs were unavailable for comment, but as of mid-day Wednesday, the security company’s Web site rated virus activity as “green,” indicating that everything’s “normal.”
But since even Kaspersky has no firm details, other security professionals said it’s unlikely anything out of the ordinary would happen Thursday.
“We don’t think anything really major will happen,” said nearby F-Secure, an anti-virus firm based in Finland, in a statement on its Web site. “Why would anybody announce an attack like this beforehand?”
Cupertino, Calif.-based Symantec agreed. “We don’t see anything unusual developing,” said a Symantec spokesperson Wednesday. Symantec operates a global network of threat detection sensors, dubbed DeepSight Threat Network; DeepSight hasn’t spotted any evidence of an impending attack, the spokesperson added.
“We don’t see anything substantiated,” said Ken Dunham, the director of malicious code research for Reston, Va.-based iDefense. “We’re certainly not expecting any major global event that will affect the Internet as a whole.”
But while Dunham pooh-poohed the idea of a general strike against the Web on Thursday, he believes politically- and/or religiously-motivated attacks are a sure thing at some point.
“We’ve definitely seen an increase in hacker activism, and religious and politically-motivated attacks,” he said. More important, said Dunham, is the move by various groups toward hacking. “We’re beginning to see a shift toward a convergence of major motives,” he added, such as activist groups taking on some of the characteristics of organized crime gangs when it comes to hacking. But rather than after a financial windfall, these attackers are after disruption pure and simple.
“With the tools and abilities now circulating in the hacker community, the situation’s likely to be more disruptive and coordinated in 2004 and 2005. It’s a dangerous situation, like oil and fire.”
Attackers like the ones cited by Kaspersky, said Dunham, are likely “middle- to low-class hackers without the skills necessary to attack heavily guarded Web sites, such as financial services sites, but could hammer less well-defended servers.”
But even then Dunham’s hedging his bets. “The current situation is the most dangerous and difficult we’ve ever seen, what with the high number of zero-day attacks against Internet Explorer and the fact that some attacks have hit fully-patched computers at will.”
“There’s a lot out there to be concerned about,” he concluded.