<html>
<body>
<font size=3><br><br>
<br>
<blockquote type=cite class=cite cite="">
<a href="http://news.tbo.com/news/metro/MGB47AQ4WJE.html" eudora="autourl">
http://news.tbo.com/news/metro/MGB47AQ4WJE.html</a><br><br>
By HOWARD ALTMAN <br>
haltman @ tampatrib.com<br>
Feb 20, 2006<br><br>
When Stacey Turmel placed an order online with Davida, an English<br>
motorcycle accessory company, she was looking for protective gear
with<br>
style and comfort.<br><br>
But after plunking down $255 for a two-tone Deluxe Jet helmet, she<br>
found herself dragged into the shadowy world of global jihad.<br><br>
Turmel, a St. Petersburg lawyer, has learned that she was among<br>
several Davida customers whose personal and credit information was<br>
placed on a public Web site - 3asfh.net. The site, hosted
temporarily<br>
by a Tampa-based Web-hosting company, has been used to exchange<br>
information on hacking by people waging war in the name of
Islam.<br><br>
"It was scary to find out that jihadis had my personal
information," <br>
Turmel said.<br><br>
Her loss was modest. After checking records in the spring of 2002,
she<br>
found several small charges she did not make - none more than $40,
but<br>
other victims discovered attempts to charge more than $1,000.<br><br>
Investigators and Internet security experts say much more is at
stake.<br><br>
Computer hackers - from wayward teens to organized crime syndicates
to<br>
groups associated with al-Qaida - steal hundreds of billions of<br>
dollars every year. Hack attacks such as the one against Turmel are
a<br>
key weapon of global jihad, experts say.<br><br>
One example is the 2002 explosion that killed more than 200 people
at<br>
a nightclub in Bali, Indonesia. Computer security experts say Imam<br>
Samudra, the man behind the attack, financed it through credit card<br>
fraud.<br><br>
Turmel's experience tells the "central story" of jihadi
hackers, said<br>
Alan Paller, director of research at the SANS Institute, a<br>
cybersecurity firm based near Washington that works with the
National<br>
Security Agency, financial institutions and governments around the<br>
world.<br><br>
In a book Samudra wrote in jail, he "exhorts followers to 'learn
to<br>
hack,'" Paller said.<br><br>
The book continues, "Not just because it makes more money in three
to<br>
six hours than a policeman makes in six months, because it is how we<br>
can bring America and its cronies to its knees."<br><br>
<br>
Fragile Web<br><br>
Like Turmel and other customers, Davida's owner, David Fiddaman, was<br>
unaware of the jihadi activity.<br><br>
Sellers and buyers need to be more vigilant, say those charged with<br>
securing the Internet.<br><br>
Realizing the scope of the problem, the U.S. government is
scrambling<br>
to catch up. The 2003 Information Operations Roadmap, a recently<br>
declassified, 74-page Department of Defense report, outlines methods<br>
for government agencies and military units - including Special<br>
Operations Command in Tampa - to attack enemy computer networks and<br>
deal with hacking attempts on U.S. systems.<br><br>
The Slammer worm, an intrusive computer program introduced in 2003
by<br>
unknown hackers, is an example of the Internet's vulnerability,<br>
according to a 2004 World Bank report.<br><br>
The report says, "Within 15 minutes after the Slammer was
introduced,<br>
27 million people in South Korea were left without cell phone or<br>
Internet access, five of the Internet's 13 root servers crashed,<br>
300,000 cables in Portugal went dark, Continental Airlines had to<br>
cancel flights because it had no Internet access, the world's
largest<br>
telecommunications provider was shut off, and 911 service in
Seattle" <br>
was disrupted.<br><br>
The convenience of the Internet makes consumers prime targets,
experts<br>
say.<br><br>
"Because of the porous nature of security in commerce and finance,
and<br>
the prevalence of anonymity, it is very easy to siphon and steal<br>
funds," said Tom Kellerman, former senior risk management
specialist<br>
for the World Bank and author of the 2004 report.<br><br>
Kellerman rattles off statistics driving home his point: $400
billion<br>
in losses around the world last year from cybercrime, nine out of 10<br>
businesses affected, identity theft hitting 19.3 million people in
the<br>
United States.<br><br>
A good chunk of that theft - though no one knows how much - is by<br>
jihadi hackers, said Kellerman, who is chief knowledge officer and<br>
co-founder of the cybersecurity firm Cybrith LLC.<br><br>
Cybercrime is safer and easier than selling drugs, dealing in black<br>
market diamonds or robbing banks, he said.<br><br>
"In the underground and in chat rooms, these people are sharing<br>
information," Kellerman said. "The Internet is the wild, wild
West. <br>
There is a community that shares tricks of the trade very
freely."<br><br>
The Internet is "almost like a giant arms bazaar," said
Kellerman,<br>
where users can download weapons to hack into financial
institutions.<br><br>
"In this unregulated and wide-open space, they are facilitating
the<br>
financing of terrorist acts," he said.<br><br>
The government and business communities are aware of the problems,
but<br>
their solutions are lacking, Kellerman said.<br><br>
"A lot of people don't realize that until we build better castles
and<br>
control cyberspace in a better fashion, we are not going to defeat<br>
terrorists' financing," he said. "The lack of security
contributes to<br>
cybercrime, which contributes to terrorism. There is a direct
link."<br><br>
<br>
Emotional Toll<br><br>
Kellerman's dour assessment is bad news for potential hacking
victims. <br>
So, too, is a January report from the Javelin Strategy and Research<br>
firm, which concludes that although federal laws and credit card<br>
companies have done a good job of protecting consumers for<br>
out-of-pocket losses, it takes about 40 hours to clear up credit<br>
problems after they are discovered.<br><br>
"I don't think there is any question that we all lose when there
is<br>
fraudulent use of this information," said Gerri Detwiler, president
of<br>
the Sarasota-based Ultimate Credit Solutions Inc. "The new
Harrison<br>
Ford movie, 'Firewall,' about a guy whose identity is stolen by<br>
thieves, will only add to the concern."<br><br>
Cybercrime is the FBI's third priority, behind counterterrorism and<br>
counterintelligence.<br><br>
"The network of cyberhackers is extensive, and we are working with
our<br>
partners, international, state and local, every day," said FBI<br>
spokeswoman Cathy Milhoan, who could not comment specifically about<br>
problems faced by Turmel and other victims of 3asfh.<br><br>
Echoing advice from credit experts, Turmel urged consumer
caution.<br><br>
"Look at your balances," she said. "Check those statements
on a<br>
monthly basis. If there is anything you don't recognize, you need to<br>
follow up on it right away."<br><br>
</font></blockquote></body>
<br />--
<br />This message has been scanned for viruses and
<br />dangerous content by
<a href="http://www.mailscanner.info/"><b>MailScanner</b></a>, and is
<br />believed to be clean.
</html>