An al Qaeda-linked website, apparently based in the United States, is distributing formidable encryption software – a sign that the group could be improving other technological capabilities, researchers have warned.
Although extremist groups largely use outdated software to communicate via the web, a website is disseminating "Mujahideen Secrets 2," a mainstream encryption program, according to researchers at Secure Computing, an enterprise security vendor.
Paul Henry, vice president of technology evangelism at Secure Computing, told SCMagazineUS.com today that the most alarming aspect of the website is that it is hosted in the United States.
“[The website] went forward to note that the new version improved upon a weak key issue and also offered a higher level of encryption,” he said. “What really shook me on this was when we did a simple WHOIS [domain name] search, it showed up as a Tampa Bay server.”
Henry said he and his colleagues notified the FBI after he found a link to the website posted to a research newsgroup page.
Henry said that he is “not trying to make this into a FUD (fear, uncertainty and doubt) issue,” but cautioned that security professionals and the federal government should keep an eye on al Qaeda's technological growth.
“If they're upgrading their encryption, they're probably upgrading their technology in other areas,” he said.
Israeli military and intelligence website DEBKAfile had warned in October that al Qaeda's cyber-brigades were threatening to launch an “electronic jihad” against Western financial websites.
The cyberjihad turned out to be a dud, as numerous security experts had predicted.
The federal government issued a warning in November 2006 that al Qaeda could attack financial websites.
See original article on scmagazineus.com
U.S.-based website distributing powerful encryption software for al Qaeda
By Frank Washkuch on Jan 24, 2008 10:11AM