[Dataloss] Fwd: [ISN] Online Stores Are Caught In Jihad Web

[blitz]

>http://news.tbo.com/news/metro/MGB47AQ4WJE.html
>
>By HOWARD ALTMAN
>haltman @ tampatrib.com
>Feb 20, 2006
>
>When Stacey Turmel placed an order online with Davida, an English
>motorcycle accessory company, she was looking for protective gear with
>style and comfort.
>
>But after plunking down $255 for a two-tone Deluxe Jet helmet, she
>found herself dragged into the shadowy world of global jihad.
>
>Turmel, a St. Petersburg lawyer, has learned that she was among
>several Davida customers whose personal and credit information was
>placed on a public Web site - 3asfh.net. The site, hosted temporarily
>by a Tampa-based Web-hosting company, has been used to exchange
>information on hacking by people waging war in the name of Islam.
>
>"It was scary to find out that jihadis had my personal information,"
>Turmel said.
>
>Her loss was modest. After checking records in the spring of 2002, she
>found several small charges she did not make - none more than $40, but
>other victims discovered attempts to charge more than $1,000.
>
>Investigators and Internet security experts say much more is at stake.
>
>Computer hackers - from wayward teens to organized crime syndicates to
>groups associated with al-Qaida - steal hundreds of billions of
>dollars every year. Hack attacks such as the one against Turmel are a
>key weapon of global jihad, experts say.
>
>One example is the 2002 explosion that killed more than 200 people at
>a nightclub in Bali, Indonesia. Computer security experts say Imam
>Samudra, the man behind the attack, financed it through credit card
>fraud.
>
>Turmel's experience tells the "central story" of jihadi hackers, said
>Alan Paller, director of research at the SANS Institute, a
>cybersecurity firm based near Washington that works with the National
>Security Agency, financial institutions and governments around the
>world.
>
>In a book Samudra wrote in jail, he "exhorts followers to 'learn to
>hack,'" Paller said.
>
>The book continues, "Not just because it makes more money in three to
>six hours than a policeman makes in six months, because it is how we
>can bring America and its cronies to its knees."
>
>
>Fragile Web
>
>Like Turmel and other customers, Davida's owner, David Fiddaman, was
>unaware of the jihadi activity.
>
>Sellers and buyers need to be more vigilant, say those charged with
>securing the Internet.
>
>Realizing the scope of the problem, the U.S. government is scrambling
>to catch up. The 2003 Information Operations Roadmap, a recently
>declassified, 74-page Department of Defense report, outlines methods
>for government agencies and military units - including Special
>Operations Command in Tampa - to attack enemy computer networks and
>deal with hacking attempts on U.S. systems.
>
>The Slammer worm, an intrusive computer program introduced in 2003 by
>unknown hackers, is an example of the Internet's vulnerability,
>according to a 2004 World Bank report.
>
>The report says, "Within 15 minutes after the Slammer was introduced,
>27 million people in South Korea were left without cell phone or
>Internet access, five of the Internet's 13 root servers crashed,
>300,000 cables in Portugal went dark, Continental Airlines had to
>cancel flights because it had no Internet access, the world's largest
>telecommunications provider was shut off, and 911 service in Seattle"
>was disrupted.
>
>The convenience of the Internet makes consumers prime targets, experts
>say.
>
>"Because of the porous nature of security in commerce and finance, and
>the prevalence of anonymity, it is very easy to siphon and steal
>funds," said Tom Kellerman, former senior risk management specialist
>for the World Bank and author of the 2004 report.
>
>Kellerman rattles off statistics driving home his point: $400 billion
>in losses around the world last year from cybercrime, nine out of 10
>businesses affected, identity theft hitting 19.3 million people in the
>United States.
>
>A good chunk of that theft - though no one knows how much - is by
>jihadi hackers, said Kellerman, who is chief knowledge officer and
>co-founder of the cybersecurity firm Cybrith LLC.
>
>Cybercrime is safer and easier than selling drugs, dealing in black
>market diamonds or robbing banks, he said.
>
>"In the underground and in chat rooms, these people are sharing
>information," Kellerman said. "The Internet is the wild, wild West.
>There is a community that shares tricks of the trade very freely."
>
>The Internet is "almost like a giant arms bazaar," said Kellerman,
>where users can download weapons to hack into financial institutions.
>
>"In this unregulated and wide-open space, they are facilitating the
>financing of terrorist acts," he said.
>
>The government and business communities are aware of the problems, but
>their solutions are lacking, Kellerman said.
>
>"A lot of people don't realize that until we build better castles and
>control cyberspace in a better fashion, we are not going to defeat
>terrorists' financing," he said. "The lack of security contributes to
>cybercrime, which contributes to terrorism. There is a direct link."
>
>
>Emotional Toll
>
>Kellerman's dour assessment is bad news for potential hacking victims.
>So, too, is a January report from the Javelin Strategy and Research
>firm, which concludes that although federal laws and credit card
>companies have done a good job of protecting consumers for
>out-of-pocket losses, it takes about 40 hours to clear up credit
>problems after they are discovered.
>
>"I don't think there is any question that we all lose when there is
>fraudulent use of this information," said Gerri Detwiler, president of
>the Sarasota-based Ultimate Credit Solutions Inc. "The new Harrison
>Ford movie, 'Firewall,' about a guy whose identity is stolen by
>thieves, will only add to the concern."
>
>Cybercrime is the FBI's third priority, behind counterterrorism and
>counterintelligence.
>
>"The network of cyberhackers is extensive, and we are working with our
>partners, international, state and local, every day," said FBI
>spokeswoman Cathy Milhoan, who could not comment specifically about
>problems faced by Turmel and other victims of 3asfh.
>
>Echoing advice from credit experts, Turmel urged consumer caution.
>
>"Look at your balances," she said. "Check those statements on a
>monthly basis. If there is anything you don't recognize, you need to
>follow up on it right away."
>

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://attrition.org/pipermail/dataloss/attachments/20060221/3b0acc17/attachment.html