Al-Qaida appears to have had its web communications hit by hackers, thwarting its continued effort at updating the world about its activities. It appears that a good portion of their global web presence has been affected. A year ago a similar style attack halted their web communications.
According to Evan Kohlmann from Flashpoint Global Partners, which monitors the group’s efforts, “My guess is that it will take them at least several days more to repair the damage and get their network up and functioning again.” He characterizes the attack as “well coordinated and involved the use of an unusual cocktail of relatively sophisticated techniques”, and said the latest incident “once again appears to bear the telltale fingerprints of government-sponsored hackers.” Last year British spies hacked into an al-Qaida website and replaced a recipe for making bombs with cupcake recipes.
This sort of activity raises the ire of some who say governments shouldn’t meddle, potentially provoking retaliation hacking. In the U.S., the Pentagon is raising the possibility of traditional military response to cyber terrorism if a hacking group attempts to gain access to critical infrastructure. If a government provokes a group and then experiences retaliation that qualifies for military force, questions may potentially be asked about the original provocation, in a situation that could potentially spiral out of control, left unchecked.
It is the age old question of what means should be allowed in the pursuit of “bad guys”, specifically should “grey area” methods be used to potentially stymie what are clearly seen as “bad guys.” Eventually someone will ask “who can be defined as ‘bad guys’”, thereby provoking such governmental activity? One could certainly argue that recipes for cupcakes are fairly innocuous to all but the calorie conscious, but exactly what other access has been attained by governments into other organizations, and what burden of proof does a government need to show in order to embark on such campaigns? Certainly this will vary by government, but we see increasing interest in methods by governments to hold their own in the new cyber arena, and wrestle with their own role in the process. Still, expect to hear more from civil rights groups if/when this type of activity becomes more visible and governments take an increasing role in carrying them out.