[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] Re: Terroristische Gruppe erklärt sich verantwortlich für SQL-Slammer Wurm
Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
Mal was Neues zum Thema Medien-Hype:
Die ganze Geschichte war von einem Journalisten ausgedacht worden, der
für Recherchen eine falsche Jihad-Seite betrieb.
RB
<http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,78238,00.html>
Journalist perpetrates online terror hoax
By DAN VERTON
FEBRUARY 06, 2003
Editor's note: An online story yesterday by Computerworld
reporting on terrorist claims of responsibility for having authored
the Slammer worm was based on a hoax. The security reporter who
wrote
the story, Dan Verton, explains in this first-person account how he
and others were misled by a U.S. journalist who pretended to be
someone named "Abu Mujahid." The original story has been removed
from
Computerworld's Web site.
---
There's an old Italian proverb that says, "Those who sleep with dogs
will rise with fleas." That's the situation in which I now find myself.
While catching a few fleas isn't unusual in the murky, dog-eat-dog world
of reporting on hackers and terrorists, this hoax is different. Had it
been a simple scam, I might be embarrassed. But in this case, the
scammer is Brian McWilliams, a former reporter for Newsbytes.com, which
is now owned by The Washington Post Co.
For the past 11 months, McWilliams has operated a Web site,
www.harkatulmujahideen.org, which once belonged to a real terrorist
organization based in Pakistan. It was during legitimate research into
pro-terrorist Web sites that I first came across the
Harkat-ul-Mujahideen site and McWilliams.
In an elaborate scheme to dupe security companies and journalists,
McWilliams acknowledged last night that he purchased the domain name
last March and registered it under the name of "Abdul Mujahid of
Karachi." He also left a legitimate mirror site in place on a server in
Pakistan and by his own admission has been receiving e-mails from people
looking to join the actual terrorist group. He then posed as Abdul
Mujahid in his communications with people and the news media.
McWilliams' hoax, which he described as an effort to surreptitiously
obtain information that he might be able to turn into a good news story,
came to my attention after I reported being contacted by Abdul Mujahid.
In a series of e-mails spanning several weeks, McWilliams, a.k.a.
"Mujahid," claimed responsibility for the Slammer Internet worm late
last month. Although my story noted that claims of responsibility for
Slammer couldn't be verified, I, along with journalists in India,
several computer security firms and even law enforcement experts, didn't
see through McWilliams' hoax.
"I worked hard to make the illusion look real," he said in an e-mail to
me last night, after the hoax had been exposed. McWilliams also
expressed regret for having allowed the hoax to go so far. "But the
Internet gives those who want to spread misinformation a big advantage.
It's so easy to conceal ... the ownership of a domain."
McWilliams' efforts misled journalists in a foreign country now living
with the real-world threat from a very real group, Harkat-ul-Mujahideen
(HUM), a group linked not only to Osama bin Laden, but also to the
abductors and murderers of Wall Street Journal reporter Daniel Pearl.
The Web site still in place in Pakistan, www.ummah.net.pk/harkat/,
refers to a radical Islamic group on the State Department's list of
designated terrorist groups. Once known as Harkat-ul-Ansar, the group
changed its name to Harkat-ul-Mujahideen in an effort to avoid problems
stemming from the U.S. terrorist designation. Contact information on
that site goes to harkatulmujahideen.org, which is McWilliams' domain.
"I've been secretly receiving lots of interesting e-mails apparently
intended for HUM," said McWilliams. "I was hoping I might get a story
out of some of the stuff that came in to the site. Most of the messages
have been from people in the Middle East who wanted to join jihad. I've
forwarded some to the FBI."
As part of this scam, McWilliams contacted a journalist in India and
then defaced his own phony Web site, posting one of my earlier e-mails
as part of the defacement by a bogus hacker group. That "hacking" was
one reason that at least one security vendor, Mi2g.com, initially
considered the Web site to be genuine.
That authenticity unraveled late yesterday, after my story had been
posted, when members of an e-mail list that focuses on security topics
contacted Computerworld and informed me that McWilliams had been
bragging about the success of his hoax and how simple it would have been
to uncover. He did not, however, acknowledge then that he had registered
the domain using a fictitious name. After the hoax was revealed, the
story was removed from Computerworld's Web site. By then, it had been
picked up by other Web sites.
This isn't the first time McWilliams has relied on questionable
reporting procedures to obtain information for a story, according to
government intelligence and industry sources, who requested anonymity.
These sources confirmed that in September 2001, at the height of the
Nimda worm, McWilliams obtained the telephone number for conference
calls held by the National Security Council, the National Security
Agency and private companies, and listened in surreptitiously to the
conversations. He then used the information from the conference calls in
news reports he filed.
"Just as that group was hitting its stride, the trust relationship was
fractured," said a source who took part in the conference calls. "Since
we couldn't know which participant compromised the trust, [McWilliams']
efforts actually damaged the effectiveness of the defensive action."
McWilliams confirmed today that he did listen in on the conference call.
Although the hoax this week taught me a valuable lesson about the nature
of information on the Internet, it's less clear whether McWilliams'
scheme has done anything to advance the understanding of cyberterrorism
-- one of his stated reasons for conducting the hoax in the first place.
The fact is that real terrorist organizations around the world do run
Web sites. The Palestinian terrorist group Hamas is a prime example of a
terrorist group on the Web. There are many others, including, until last
March, Harkat-ul-Mujahideen.
This experience has been a particularly difficult one for me. I feel
like I've been had, and that's never an easy thing to swallow. I got
burned. So, I'm left here scratching fleas as the price you sometimes
pay for sleeping with dogs.
---------------------------------------------------------------
Liste verlassen:
Mail an infowar -
de-request -!
- infopeace -
de mit "unsubscribe" im Text.