Category Archives: terrorism

Terrorists embracing new Android crypto in wake of Snowden revelations

Security researchers announced Friday that they have found new evidence to bolster claims from the National Security Agency that terrorists have altered their countermeasures in the wake of the Edward Snowden revelations.

"Al-Fajr, one of Al-Qaeda’s media arms, released a new Android encryption application [in] early June 2014 on their website, referring to how it follows the “latest technological advancements” and provides '4096 bit public key' encryption," intelligence firm Recorded Future said in a Friday report.

The report added that Global Islamic Media Front, another arm of Al Qaeda, just released a "new version" of Android crypto software.

Read 9 remaining paragraphs | Comments

US State Department adopting social media to counter Al-Qaeda propaganda

The State Department unveiled Wednesday that it is widely employing social media as a method to counter online violent extremism from Al-Qaeda and others.

Buried in an intelligence report published Wednesday, the government said that the Center for Strategic Counterterrorism Communications (CSCC), established in 2011, last year produced more than 10,000 online postings globally, some of which included one of 138 government-produced videos.

"CSCC's programs draw on a full range of intelligence information and analysis for context and feedback. CSCC counters terrorist propaganda in the social media environment on a daily basis, contesting space where AQ and its supporters formerly had free rein. CSCC communications have provoked defensive responses from violent extremists on many of the 249 most popular extremist websites and forums as well as on social media," said the document, Country Reports on Terrorism 2013 (PDF).

Read 4 remaining paragraphs | Comments

In airport security scanning, ultra-rare items are harder to catch

In a simulation of airport luggage scanning, a team of researchers has found that the rarer an item is, the less likely a scanner operator is to spot it—that is, if fewer people come through with bomb materials or guns, it will be harder for the operator to spot them when they do.

The Duke University scientists set up the simulation in an “Airport Scanner” app where participants would check virtual suitcases for a set of 78 verboten items, like a stick of dynamite or a gun. Thirty of the items were “ultra rare,” appearing less than 0.15 percent of the time.

Drawing upon 20 million searches, the team found that these ultra-rare items were more difficult for participants to spot than more common things. The ultra-rare items were spotted only 27 percent of the time, while items that cropped up in one percent of suitcases were correctly spotted 92 percent of the time.

Read 3 remaining paragraphs | Comments

NSA director addresses Black Hat, says there have been “zero abuses” of data

NSA Director General Keith Alexander.

LAS VEGAS—At the Black Hat security conference today, National Security Agency (NSA) Director Keith Alexander defended the NSA's data collection programs and described at a high level what data is collected and how it's used.

His presentation covered two programs, both revealed by Edward Snowden: telephone metadata collection and a program of collecting from the computer industry data relating to foreign nationals, of which PRISM is a component. According to Alexander, the phone metadata collection, authorized under FISA section 215, was both limited and tightly controlled. The NSA collects only the time and date of a call, the phone numbers involved in a call, the duration of a call, and the service provider that captured the information. Notably, he said that names, address information, and location information were not captured. Nor was any conversation data collected, such as the contents of voice calls or text messages.

While this data was collected, Alexander said that access to the information was tightly restricted. Free-for-all queries weren't permitted. Instead, numbers had to be individually approved by one of 22 people at the NSA, and only 35 analysts within the agency were authorized to run queries on those numbers. In 2012, he said that fewer than 300 numbers were added to the list.

Read 7 remaining paragraphs | Comments


    


Mali Jihadists Support Their Struggle Online

Yesterday in Lille, the 5th CyberSecurity International Forum (FIC2013) ended with a speech by Manuel Valls, the French Minister of the Interior. Among the subjects, the Minister informed the audience about the increasing dangers of cyberjihad.

Since January 11, France has been engaged in Mali. The Africans had appealed for urgent military aid to halt the jihadist rebels advance in the northern part of the country. The conflict is taking place both on the ground as well as online, and terrorists are intensifying their activities in the latter area.

The jihadists are using the Internet for propaganda. Lots of pictures like the following are available for download and redistribution.

FP_BLOG_130129_1

Terrorists have also threatened France and its inhabitants. Their leaders–or people who say they represent them–have created videos like the one below that I discovered during my searches. (This is a “Message to France from a mujahideen.”)

FP_BLOG_130129_2

Like cybercriminals and many law-abiding people, jihadists use forums to communicate. In the past, these were publicly available. Today they are closed, and new members are now accepted only by invitation.

FP_BLOG_130129_4

The terrorists do not hesitate to spread offensive photographs. Some were distributed not so long ago via a Twitter account driven by Somali militants with links to al Qaeda. They showed a dead white man wearing military pants and a blood-soaked shirt surrounded by three guns, ammunition clips, and protective gear. The message claimed it was a French soldier killed in the failed January 12 rescue mission of a fellow countryman held hostage. (Out of respect for the families and at the request of French authorities, we will not post these pictures.)

FP_BLOG_130129_3

Defacing websites is another frequent activity. On January 16, cyberjihadists attacked the sites of some French socialist deputies, modifying the welcome pages with propaganda images. The jihadists claimed responsibility on their websites.

FP_BLOG_130129_5

They have also threatened distributed denial of service attacks. A DDoS attack on the French Defense Ministry website was announced on a private forum on January 17.

FP_BLOG_130129_6

The Internet is also a popular tool for collecting money and recruiting volunteers. The promise of entering paradise as a martyr appears to inspire recruits.

FP_BLOG_130129_7

These examples demonstrate that terrorists can use the Internet in their struggles. These efforts are not truly cyberterrorism, but they are apparently effective.

Osama Shoot down video scam spreads on Facebook

Facebook users are being tempted to click on links to what purports to be a video of Osama bin Laden being shot, in the latest scam to exploit the hot news story of the Al Qaeda leader’s death.

The messages appear as follows:

Osama shoot down video

Watch the Osama Shoot down video

Osama Dead - Censored Video Leaked
on.fb.me
Osama is dead, watch this exclusive CNN video which was censored by Obama Administration due to level of violence, a must watch. Leaked by Wikileaks.

Clicking on the link, however, will not instantly show you some sensational footage of US Navy Seals attacking Osama bin Laden’s compound in Pakistan.

Instead, you’re told you will have to take an online survey.

Osama shoot down video scam

That should be enough to set your alarm bells ringing – as survey scams are a persisting problem on Facebook, earning scammers commission with every survey they manage to trick users into completing.

What’s most interesting about this scam is that they trick you into cutting-and-pasting a line of JavaScript into your web browser’s address bar.

Not that you’ll realise that you’re doing that, of course. As far as you know all you’re doing is following a sequence of instructions and keyboard presses before you watch the video.

Osama shoot down video scam

But any time you paste a script into your browser’s address bar, you’re effectively running code written by the scammers without the safety net of protection.

Script

Before you know it, you’ll be sharing the news of the “Osama Shoot down video” with all of your Facebook friends, and the scam will be spreading virally.

My guess is that you don’t want to make it so easy for the scammers to run their scripts on your browser – so don’t fall for scams like this.

Be very careful not to be fooled by scams related to Osama Bin Laden’s death, not just on Facebook but on other parts of the internet too. Such a big news story always seems to attract the interest of fraudsters and malware authors.

If you want to keep up-to-date on the latest scams, and are a member of Facebook, don’t forget to join the Sophos Facebook page to keep informed about the latest security news.

Copyright © 2014. Powered by WordPress & Romangie Theme.