According to Dr. Magnus Ranstorp, the Director of Centre for the Study of Terrorism and Political Violence at the University of St. Andrews, Scotland, and a CNN consultant, Al Qaeda is very involved in the use of computers and the internet to promote its cause. In his published report "Al-Qaeda in cyberspace: terrorism challenges in the information era" he describes some of Al Qaedas cyber activities. Al Qaeda uses the internet as one of it primary methods of communication, recruitment, mobilization, and propaganda. It is also used for theological teaching, and hidden communication between its covert cells. It is well known in security circles that Al Queda uses the free email services of Yahoo and Microsofts Hotmail to communicate using a variety of innocuous user names, and apparently non-sensitive emails. Al Queda uses common vernacular as disguised code words, often with pre-arranged meanings, as well as the practice of steganography, or hiding messages in plain sight, typically in an image that would not otherwise attract any attention. By remaining in open sight, and without any unusual content that would attract attention, Al Queda can exchange information that is nearly impossible to identify in a timely fashion.

According to John Hamre, Deputy Secretary of Defense under President Clinton, many of the notebook computers belonging to Al Queda operatives captured or otherwise seized, has significant information about the programming and operation of supervisory control and data acquisition (SCADA) systems commonly used in industry to control electrical, pipeline, refinery, power company, and other automated systems. By cracking into these often under-protected systems, a potential terrorist can effectively take control of those systems. The implications of this vulnerability are enormous, and the potential for economic and other damage is incalculable.

Osama bin Laden is no stranger to computer security, and is personally well educated and experienced in dealing with computer security issues. Osama is reported to have a hacker school involving the faculty in the electronics department during his university education. He was also instrumental in creating a cyber university in Pakistan with an emphasis on SCADA systems controlling water utilities, pipelines, nuclear power plants and dams, according to John Hamre.

The infamous terrorist group Hezbollah also has contemporary information and the talents and abilities to launch electronic attacks against the soft American and European infrastructure; Israeli infrastructure has already been hardened making such attacks there much more difficult by Hezbollah, according to Dr. Ranstorp. He also states that Al Qaeda will likely coordinate a cyber attack with a conventional terrorist attack, enhancing the economic damage, resulting in crippling losses.

Professor Yonah Alexander, director of International Center for Terrorism Studies, a recognized leading expert on terrorism stated, We can expect to see an escalation in terrorism on a global scale with a continuation of conventional acts of terror There will also be a move towards the use of non-conventional weapons and cyber-terrorism, whereby perpetrators will try to disrupt power supplies and air traffic, for example, at the touch of a button."

I am not disclosing anything here that is not already well known in security circles, and that has not already been widely disseminated on the internet and in written form in the various Al Qaeda and other terrorist training manuals.

We, as businesses, government, consumers and citizens, need to be aware of the threats we face to our sensitive and often soft target infrastructure, and take necessary and appropriate steps to harden our systems. From an individuals viewpoint, we all must be certain to have current and frequently updated antivirus, firewall, and anti-spyware software installed on our computers, and verify that it is properly functioning. Our personal computers can be taken over by zombies placed on our machines by viruses and Trojans, and used to launch distributed denial of service (DDOS) attacks, where millions of computers simultaneously launch an attack against countless servers, websites, governmental entities, and other such facilities, effectively shutting them down. Similar attacks can also be launched from personal computers against some of the SCADA systems controlling our vital systems.

Information on protecting our systems is readily available and often free on the internet. There are many websites on the so-called info war and what we can do about it. One excellent site is the British Information Warfare site at www.iwar.org.uk, which has hundreds of links to American, British, Canadian, Australian, and other resources, including many free government produced booklets, and information from private businesses and other organizations. The left column on the site has a directory of topics that covers these critical areas, ranging from home computer security, to hardening corporate SCADA systems.

Regardless of our personal political beliefs, it appears that terrorism is a fact, and cyber terrorism is a very real threat. Using a now common clich, it is not a matter of ?if, but a matter of when.

For more information on the Tulsa Computer Society click here