"My first impression is high-tech terrorists don't exist," said Hypponen in a media briefing today. But after considerable online research, his opinion has changed. He has found evidence of a growing amount of interest in technology, encryption and hacking in online jihadist publications that now include topics such as an "Open Source Jihad" section to "Technical Mujahaden" which tells how to hide files using rootkits and steganography. He said he's also analyzed what he thinks is probably British intelligence counter-efforts to trojanize fake versions of these publications so that if they're downloaded, monitoring of possible terrorist activity could take place on whatever computer it's downloaded to.
One of the biggest cases linking Islamic terrorists to high-tech operations like stealing credit cards through botnets that controlled thousands of victims' computers was that of London-based Tariq Al-Daour, sentenced a number of years ago after his gang was caught playing at the Absolute Poker site with stolen credit cards, mainly to launder $3.5 million in poker games, says Hypponen. He spent the money he stole on satellite phones, sleeping bags and lot of other gear he sent to support terrorist activity connected to Al Qaeda. He paid a Russian to build his software, Hypponen noted.
The situation today with extremist groups using high-tech hacking and bots "isn't out of hand," Hyponnen says. But there's mounting evidence that extremist groups are increasingly interested in high-tech, writing in their slick multimedia online publications about Apache, PGP, NMAP, and creating their own public crypto keys, right alongside instructions for bomb-building. He says it may be time to pay more attention to it.
Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.
Read more about wide area network in Network World's Wide Area Network section.