
Threat of Future Cyber Attacks by Al Qaeda Remains Low

This article was published in Scientific American’s former blog network and reflects the views of the author, not necessarily those of Scientific American


Will Al Qaeda respond to the death of Osama bin Laden with serious cyber attacks?

The short answer is no. There could be some denial-of-service attacks on U.S. government Web sites, but these would probably be only a minor nuisance. And if they do happen, they might not be acknowledged or even noticed.




Despite an interest in cyber attacks that dates back at least to 2001, al Qaeda has never managed any successful cyber attacks other than some posting of propaganda, ATM milking and credit card fraud.

 

This is partly because most of the al Qaeda leaders who advocated cyber attacks were either captured or killed. There is some reason to believe that al Qaeda attempted some ambitious cyber attacks, especially during 2005 and 2007, but they seem to have found these harder to bring off than they had expected. Mostly, they have been too busy with bombs to give cyber attacks much attention.

Cyber attacks by Pakistani al Qaeda sympathizers are a bigger worry, but most Pakistani hackers are not actually very sympathetic to al Qaeda. They are much more interested in attacking India.

Here’s a brief account of al Qaeda's involvement with cyber attacks:

 

Throughout its history, al Qaeda operatives have regularly used laptop computers and the Internet for communications, fund raising, recruitment, training, financial management, researching targets, propaganda and monitoring news stories. Hence, computers and the Internet have never been far from their minds.

A number of the terrorist leaders associated with al Qaeda were actually computer experts, including Khalid Shaikh Mohammed, Abu Anas al Liby and Fazul Abdullah Mohammed. Mustafa Setmariam Nasar was a mechanical engineer, but urged his followers to study computer science.

 

Cyber conflicts between Hamas and Israel, beginning in 1999, and between Hezbollah and Israel, beginning in 2000, made virtually all political activists in the Middle East very aware of the potential of cyber attacks.

 

Starting in 2001, senior al Qaeda leaders regularly said they would turn the Western superiority in information technology into a tool to bring down the West.

In October 2001, an alleged al Qaeda operative, arrested in India, claimed that other members of the terrorist network had managed to get hired by Microsoft, so that they could build backdoors and bugs into the company’s new XP operating system. There is no evidence that al Qaeda operatives were actually able to do this. But after this news story was picked up by the international press, al Qaeda leaders and other ideological militants would certainly have been thinking about the possibilities.

Beginning in early 2002, American intelligence officials repeatedly warned that computers belonging to al Qaeda associates had been used to access Web sites offering hacker tools and instructions. Imam Samudra, organizer of the 2002 Bali nightclub bombings, urged Muslim militants to start hacking into U.S. computers, both to steal money and to do damage.

 

Starting in 2002, however, government forces were very successful in hunting down potential al Qaeda cyber attack leaders. Imam Samudra was arrested in Indonesia in 2002 and eventually executed for his terrorist acts. Abu Anas al Liby was reported captured in Sudan in 2002, although American officials have since said that his whereabouts is still unknown. Khalid Shaikh Mohammed was captured in Pakistan in 2003 and is currently being held at Guantanamo Bay. Depriving al Qaeda of these leaders seems to have been a big setback to their cyber efforts.

 

A group associated with al Qaeda tried to claim responsibility for causing the August 2003 American electric power outage. Again, although there is no reason to believe they had any role in this event, this is a sign that they were thinking along those lines.

Captured laptop computers belonging to associates of al Qaeda revealed that they were researching American police communications and 911 systems in 2003. A number of these systems were subsequently disrupted, and at least some of the attackers were apparently based in the Middle East, but it does not appear that people associated with al Qaeda were involved.

An al Qaeda computer expert named Younis Tsouli became active in 2003, operating under the name Irhabi. He posted a 20-page "Seminar on Hacking Websites" on a Web site used by Islamic terrorists. This document is still circulating, but its contents are not very sophisticated. Tsouli regularly hid al Qaeda propaganda on Web sites that were unaware they were being used for this. Tsouli and his associates were also very successful in stealing money using stolen credit card information. Their efforts represent the most successful al Qaeda-linked cyber attacks to date.

 

In March of 2005, Sir David Omand announced that British intelligence had surveillance reports indicating al Qaeda affiliates were preparing to use the internet and other electronic communication systems to cripple economic, medical, and transport networks. These attacks were either never launched or, more likely, were unsuccessful.

Government forces had another round of successes in capturing al Qaeda cyber attack advocates in 2005. Younis Tsouli was arrested in the U.K. in 2005 and convicted of incitement to acts of terrorism in 2007. Mustafa Setmariam Nasar was captured in Pakistan in 2005.

In 2006, many cyber attackers in the Arab world got caught up in a cyber campaign against Denmark, prompted by the Danish cartoon of Mohammed. This effort seems to have temporarily reduced other cyber attack activity originating from the Middle East.

 

In December of 2006 and again in October of 2007, Web sites associated with al Qaeda announced the beginning of a "cyber Jihad," directed against Western banks and other important institutions. There were rumors and circumstantial signs of ambitious cyber attacks being mounted by al Qaeda during this period, but they don't seem to have gotten very far.

Since early 2008, there has been no sign of any sustained or sizeable effort on the part of al Qaeda to assemble a serious cyber-attack force. This suggests, at minimum, that they have not been recruiting cyber attackers very widely or aggressively. It is possible that al Qaeda has been developing cyber-attack teams from within its own ranks, but bringing them to a very high level of capabilities without interaction with the wider hacker world would be difficult.

Altogether, given its history and the lack of outward signs, it seems unlikely that al Qaeda has developed significant cyber attack capabilities.

 

About the Author: Scott Borg is the Director and Chief Economist of the U.S. Cyber Consequences Unit, an independent, non-profit research institute that investigates the economic and strategic consequences of possible cyber attacks and monitors cyber attack trends.

The views expressed are those of the author and are not necessarily those of Scientific American.