Darkreading reports a story it picked up from the Israeli news organisation, DEBKAfile, claiming that western intelligence sources have intercepted a message calling for a “Cyber Jihad” against selected western targets on the 11th of November. As of yet these reports have not been substantiated and the only source for the story is DEBKAfile. Despite this numerous other news sources, such as Wired, are also publishing the story.
Now this leads to an interesting situation. If there is no attack on November 11th, does this mean the source for the story was incorrect or does it mean that the publicity generated forced the attackers to postpone the attack? What do we surmise if there is a marked increase in attacks that day. Can we really say that the attacks are the result of cyber terrorists or perhaps, and more likely, will the attacks be carried out by non-terrorist sympathisers and script kiddies?
November 11th also happens to be a Sunday. So not a prime day to target online commerce in the western world. If you wanted to disrupt systems then a weekday would be more suitable. Although attacking at the weekend has some merit as it means that most system admin and other support personnel will not be working at the time of the attack.
Terrorists’ goals are to disrupt our normal lives and to instill fear and uncertainty to such an extent that we change our way of doing things. I suggest that the above story is something to simply use as a reminder that you should check your key systems and perimeter defences and ensure that they are operating as they should and also review your incident response plan to see if there are any gaps in it.
This is something you should be doing on a regular basis anyway and the “threat” of a cyber jihad should not be a driver to conduct this exercise.
Update 8th November 2007
The Register is reporting that a new version of the “Electronic Program of Jihad” has been discovered. This new version has been dubbed version 3.0. It is speculated that this program is the version that will be used during the above reported threat of attack on November 11th. McAfee provide more details on their Avert Labs Blog.