Time.com: How Hizballah Hijacks the Internet

How Hizballah Hijacks the Internet
The group pops up on unwitting Web sites around the world in
order to 
communicate, recruit and fundraise
By HILARY HYLTON/AUSTIN
Posted Tuesday, Aug. 08, 2006

What do a small south Texas cable company, a suburban
Virginia cable 
provider and Web-hosting servers in Delhi, Montreal,
Brooklyn and New Jersey 
have in common? Since fighting broke out in Lebanon, they
all have had their 
communications portals hijacked by Hizballah. Hackers from
the militant 
Lebanese group are trolling the Internet for vulnerable
sites to communicate 
with one another and to broadcast messages from Al-Manar
television, which 
is banned in the U.S. In the cyberterrorism trade it is
known as 
"whack-a-mole" — just like the old carnival
game, Hizballah sites pop up, 
get whacked down and then pop up again somewhere else on the
World Wide Web.

http://www.t
ime.com/time/world/article/0,8599,1224273,00.html?cnn=ye
s
or
http://tinyurl.com/m5tqb

-Daniel Jimenez

I think this is more or less a language battle. It is
considered
counterterrorism, but if you look at the media outlets
Hizbullah communicate
with, they have been banned entirely from the US citizens.
So by all rites,
what this article is referring to is no less a terrorist
activity than the
many other cases in which an exploit was used to convey a
specific message.
I think Hizbullah's message is pretty clear, they want
their own land and to
be left alone, nothing more than what Israel is claiming to
want. It can be
said the kidnapping of their soldiers somehow prompted this,
but a) this
isn't the appropriate forum and b) it's not the complete
truth. With regards
to hijacking a website for pop ups to convey the message,
this is the root
of our greatest threat: an enemy with motivation. It is
said, necessity is
the mother of invention, and this simply proves it. I
mentioned in other
locations, when we look at the importance of security we
must first look at
what value we have. Even if you're a company with 300k
subscribers, that's
an audience greater than the 0 Hizbullah would have gotten.
Consider your
fundamental assets with implementing security, and don't be
so narrowminded
as to assume because you're a small company you're less of
a target. From
this we can see, the only small target is the private
network, in world
events.

 

Regards,

 

AJ Rembert 

-----Original Message-----
From: Daniel Jimenez [mailto:dgj1menezhotmail.com] 
Sent: Saturday, August 12, 2006 9:36 AM
To: realcasessecurityfocus.com
Subject: Time.com: How Hizballah Hijacks the Internet

How Hizballah Hijacks the Internet
The group pops up on unwitting Web sites around the world in
order to 
communicate, recruit and fundraise
By HILARY HYLTON/AUSTIN
Posted Tuesday, Aug. 08, 2006

What do a small south Texas cable company, a suburban
Virginia cable 
provider and Web-hosting servers in Delhi, Montreal,
Brooklyn and New Jersey

have in common? Since fighting broke out in Lebanon, they
all have had their

communications portals hijacked by Hizballah. Hackers from
the militant 
Lebanese group are trolling the Internet for vulnerable
sites to communicate

with one another and to broadcast messages from Al-Manar
television, which 
is banned in the U.S. In the cyberterrorism trade it is
known as 
"whack-a-mole" - just like the old carnival
game, Hizballah sites pop up, 
get whacked down and then pop up again somewhere else on the
World Wide Web.

http://www.t
ime.com/time/world/article/0,8599,1224273,00.html?cnn=ye
s
or
http://tinyurl.com/m5tqb

-Daniel Jimenez

oh teh noes, terrorists can use the internet like every
other script
kiddie.. and because the popular enemy of the day is
hizballah.. it must
be their hackers doing  it!..


if they were smarter they would just setup a tor service..
oh.. wait..
maybe they already have.. ye gods!

i dunno man, im all down for "real cases" and
such.. but this is just
bullshit propaganda..


watch out.. i hear iran has some great hackers/terrorists
(its the same
school ya know)



On Sat, 2006-08-12 at 13:35 +0000, Daniel Jimenez wrote:
> http://www.t
ime.com/time/world/article/0,8599,1224273,00.html?cnn=ye
s

Hi,

Yeah, I hear what your saying, and I was wondering whether
or not I should 
even have posted it up.  I'm not too fond of the terroriste
du jour either.

But ultimately, it is a RealCase of a security breach.  I
don't consider a 
hacker as just a person who exploits security, and yes, any
script kiddie 
can run Metasploit and pwn an unpatched Win2k server running
IIS 5.5, but 
the point is, it was a security breach, and the place got
owned for a bit.

Personally, I don't care who it is, if someone even tries
to get close to my 
systems, some sort of security alert will go off.  Now, as
the case may be, 
since this is a "terrorist orgainization", I
don't want the equipment I am 
in charge of, being a part of a fight that a group of people
feel should be 
used to further their cause without expressed permission.  I
don't want the 
systems I'm in charge of being used for anything besides
their intended 
purposes, period.

So whether this is propaganda or not, will be left for the
reader to decide 
for themselves.  But, to reiterate I think this is a real
case of a security 
breach that should be looked at from a proactive security
perspective.  And 
measures should always be in place to deal with these kinds
of issues with 
respect to your systems.

Thanks,

-Daniel


>From: Mike Davis <mdavisimperfectnetworks.com>
>To: Daniel Jimenez <dgj1menezhotmail.com>
>CC: realcasessecurityfocus.com
>Subject: Re: Time.com: How Hizballah Hijacks the
Internet
>Date: Mon, 14 Aug 2006 12:24:05 -0400
>MIME-Version: 1.0
>Received: from server46.tchmachines.com
([63.247.85.218]) by 
>bay0-mc3-f9.bay0.hotmail.com with Microsoft
SMTPSVC(6.0.3790.2444); Mon, 14 
>Aug 2006 09:25:09 -0700
>Received: from
static-71-249-210-26.nycmny.east.verizon.net 
>([71.249.210.26] helo=[192.168.2.8])by
server46.tchmachines.com with esmtp 
>(Exim 4.52)id 1GCfFR-00069k-Dq; Mon, 14 Aug 2006
12:25:05 -0400
>X-Message-Info:
LsUYwwHHNt3660MmjhEvYg2f34OAemlKtU9j2Z7TuGo=
>References: <BAY107-F2232AD2A624EFD7D627917EE480phx.gbl>
>X-Mailer: Evolution 2.4.2.1 X-AntiAbuse: This header was
added to track 
>abuse, please include it with any abuse report
>X-AntiAbuse: Primary Hostname - server46.tchmachines.com
>X-AntiAbuse: Original Domain - hotmail.com
>X-AntiAbuse: Originator/Caller UID/GID - [0 0] / [47 12]
>X-AntiAbuse: Sender Address Domain -
imperfectnetworks.com
>X-Source: X-Source-Args: X-Source-Dir: Return-Path: 
>mdavisimperfectnetworks.com
>X-OriginalArrivalTime: 14 Aug 2006 16:25:10.0146 (UTC) 
>FILETIME=[363F7E20:01C6BFBE]
>
>oh teh noes, terrorists can use the internet like every
other script
>kiddie.. and because the popular enemy of the day is
hizballah.. it must
>be their hackers doing  it!..
>
>
>if they were smarter they would just setup a tor
service.. oh.. wait..
>maybe they already have.. ye gods!
>
>i dunno man, im all down for "real cases"
and such.. but this is just
>bullshit propaganda..
>
>
>watch out.. i hear iran has some great
hackers/terrorists (its the same
>school ya know)
>
>
>
>On Sat, 2006-08-12 at 13:35 +0000, Daniel Jimenez wrote:
> > http://www.t
ime.com/time/world/article/0,8599,1224273,00.html?cnn=ye
s
>