Al Qaeda cyber attack video shows urgent need for protections, says Sen. Lieberman
An Al Qaeda-produced video uncovered by the FBI that calls for cyber attacks on U.S. infrastructure shows the urgent need for Cyber security standards, said the leaders of the Senate Homeland Security Committee.
The video calls for attacks on a range of online targets, from sophisticated attacks on the systems that run electrical grids to primitive distributed denial of service attacks on media Websites. Sen. Joseph Lieberman (I-CT), chairman of the Senate Homeland Security and Governmental Affairs Committee, released it widely on May 22.
The video, he said, was obtained by the FBI last year through open sources.
It calls on the “covert Mujahidin” to commit “electronic jihad,” and according to Lieberman, underscores the need for Cyber security standards for the nation’s most critical networks. Lieberman and Sen. Susan Collins (R-ME) authored the Cyber security Act which is backed by the White House, but contains provisions that face stiff opposition in Congress. It would draft the Department of Homeland Security to enforce Cyber security standards for critical infrastructure and ask corporations to share information on electronic attacks among themselves and with government authorities.
Cyber attacks on industrial control systems (ICS) at critical infrastructure facilities, particularly water and energy plants, have already skyrocketed in the last two years as attacks from state-sponsored, criminal and amateur hackers alike try to force their way in, said members of the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) at an April government security conference in Washington D.C. Kevin Helmsley, vulnerability handling lead for ICS-CERT said in a panel discussion at the event that ICS-CERT has recorded a 300 percent increase in vulnerability disclosure reports from water and power companies since 2008, from nine incidents then to 198 in 2011.
Lieberman said DHS received more than 50,000 reports of cyber intrusions or attempted intrusions since October last year, an increase of 10,000 reports over the same period the previous year. Recent attacks on natural gas pipelines also underscore the vulnerability of critical infrastructure, he said.
The video calls for cyber attacks against the networks of both government and critical infrastructure companies, including the electric grid, and compares vulnerabilities in U.S. critical cyber networks to the vulnerabilities in the aviation system before the 9/11 attacks. It notes previous attacks in 2000 by Canadian high school student Michael Calce, also known as“mafia boy,” and a 2007 attack on U.S. government sites as models for electronic mayhem.
Calce, a “script kiddie,” launched brute-force DDOS attacks on Yahoo, Amazon and Dell that showed commercial networks were largely unprepared to deal with electronic assaults. The more sophisticated attacks on U.S. government defense and high tech sites in 2007 resulted in the pilfering of Terabytes of information by unknown electronic assailants.
Lieberman said the video was the clearest evidence that Al Qaeda and other terror groups are taking aim at critical infrastructure targets and called for Congress to act on Cyber security standards.
|Event Details||Dates of Event|
|SANS Counter Hack 2013||Nov 7 - 14|
|SANS Pen Test Hackfest 2013||Nov 7 - 14|
|SANS Korea 2013||Nov 11 - 16|
|Military Exports & Compliance Asia||Nov 12 - 14|
|NCT: Counter IED Asia, 12 - 15 November 2013, Bangkok||Nov 12 - 15|
|School Safety Symposium||Nov 13 - 13|
|Southwest Microwave Perimeter Defense Seminar||Nov 13 - 13|
|OWASP AppSec USA 2013||Nov 18 - 21|
|GovSec West Conference & Expo 2013||Nov 19 - 20|
|Southwest Microwave Perimeter Defense Seminar||Nov 19 - 19|
|Oracle 7th Annual Federal Forum||Nov 20 - 20|
|World BORDERPOL Congress||Dec 3 - 4|
|Critical Infrastructure Protection and Resilience Europe||Feb 12 - 13|