IDG News Service - Terror group al-Qaida has been left without a trusted operational channel on the Internet for distributing its media and propaganda, according to a terrorism expert.
"I really can't say for certain how or why this happened, other than that it involved apparently separate attacks on both the domain name and data server used by al-Qaida's trusted forum, Al-Shamukh," Evan Kohlmann of Flashpoint Partners said in an e-mail late Wednesday. That kind of coordinated event doesn't typically occur by happenstance, he added.
Other jihadi forums left online still allow "the rabble" to communicate with others, but none of them are fully trusted by al-Qaida, said Kohlmann who has spent over a decade tracking al-Qaida and other terrorist organizations.
The incident began in earnest about 72 hours ago, he said.
Kohlmann reported earlier this week in a message on Twitter that hackers hijacked the primary web domain used by the Shamukh chat forum, which disseminates propaganda on behalf of al-Qaida. He later reported that the entire website was unavailable, and two more top-tier jihadi web forums had also been mysteriously knocked offline, including the Arabic-language Ansar al-Mujahideen Network.
Kohlmann said on Wednesday that he was certain that al-Qaida has backup copies of the forum database, and there are various mirrors of their material still available online, such as aljahad.com/vb. But there is no other trusted channel left for al-Qaida to release new material through. Either Shamukh must be resurrected, or else al-Qaida must establish a direct relationship with a new forum, he added.
Shamukh is at present the critical linchpin in the network, Kohlmann said. "I'm sure that Shamukh will eventually be replaced by another forum, just as it replaced the former top-tier "al Faloja" forum last year," he added.
The list of potential suspects who may have brought down al-Qaida's online communications channels includes both government-sponsored hackers from the U.S. and the U.K., as well as independent cyber vigilantes, Kohlmann said. One frequent hacktivist who launches these types of attacks is known as th3j35t3r, he said.
Known as the Jester, th3j35t3r describes himself on his Twitter account as a "Hacktivist for good. Obstructing the lines of communication for terrorists, sympathizers, fixers, facilitators, and other general bad guys". Jester did not claim credit for the Shamukh hack on either the Twitter account or on his blog.
- EndPoint Interactive eGuide In this eGuide, Network World, Computerworld, and CIO examine two endpoint trends - BYOD and collaboration - and offer tips and advice on...
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!