February 01, 2010

Q & A With Anti-Jihadi Hacker The Jester

January 27, 2010 by ADMIN
By Anthony M. Freed, Director of Business Development, InfosecIsland.com

Recently we have witnessed the emergence of international hacktivist and vigilante The Jester through his crusade against jihadi and militant Islamic networks, and some third-party networks that contain evidence of having been infiltrated by rogue elements.

Jester’s activities raise an important question: Where do cyber vigilantes fall on the infosec ethics spectrum?

That is the issue my fellow editors and I have been wrestling with while considering our options for covering the Jester’s exploits – on the one hand, he is acting against some very unsympathetic targets, including the website of the Iranian president.

But on the other hand, he is employing what would be considered Black Hat tactics which violate multiple international and domestic laws, as well as possibly interfering with covert intelligence operations.

Since the publication of Richard Stiennon’s article (http://information-security-resources.com/2010/01/27/2010/01/07/patriot-hacker-hits-jihad-with-ddos-attacks/) which introduced most of us to the Jester and his cause, there has been a flurry of opinions offered in multiple threads that both praise and denounce Jester’s conduct.

Stiennon asks and answers the question for himself near the conclusion of his article:

In the absence of a lawful society is vigilantism wrong? Certainly there are many players on both sides of cyber conflicts that feel strongly about their purpose. But in the final analysis I have to say that taking down websites is unlawful and wrong. And, in this case, taking down Jihadist sites may hurt The Jester’s cause.

I for the most part personally agree with Richard’s assessment.

But in the absence of context, if the only real ethical measure is the lawfulness of an action, we would never have seen progress in society’s evolution away from institutions like slavery or child labor.

Lawfulness seems an inadequate assessment method.

Subsequent to Richard’s article, I began a series of IM chats with Jester in an effort to uncover more about his methods and motivations.

Obfuscation for security reasons aside, the Jester seems to be a sincere, impassioned individual who genuinely believes his efforts are noble and justified by the barbarism of the terrorist tactics he witnessed as a soldier.

On multiple occasions now, Jester has made reference to the horror of watching his friends and fellow soldiers be “murdered” by jihadi operatives who have long been exploiting the internet and its accessibility to coordinate terrorist operations.

The feeling I get from our conversations is that the Jester is on a very personal mission to inflict some semblance of pain on those who are actively working to harm and kill… well, you and me.

Jester also claims to be sharing the location of secret deposits of information he has found planted on legitimate sites in the US, unbeknownst to the site owners, by jihadi hackers.

Some of these hidden files contain information on everything from how to produce an improvised explosive device (IED) to long anti-western rants said to possibly have phrasing combinations used to prompt sleeper cells into action.

The bad guy’s bad is definitely much worse than the good guy’s bad here, and that does play awfully well for the Jester.

Also, the unique methods the Jester is using could more than theoretically be employed by our foes to wreak havoc on our own systems, and so there may be much to learn from this character that can be employed for our own best defenses.

And so, after much consideration, we decided that we should indeed pursue this story and our regular contact with the Jester, as the news value of the information provided far outweighs any risk of somehow seeming to improperly glorify taboo infosec practices.

The following is the first installment of my conversations with the Jester.

Q: Who are you targeting with your DoS attacks and why?

Targets are rife, but I vet every single one. I am tipped off via various channels. But I verify all targets. What constitutes a target?

I ‘target’ known sites that recruit and co-ordinate attacks. They can’t use cell phones anymore - they use the web - it’s the anonymous playground.

You can have a sleeper cell operative who is watching a jihad forum for a certain phrase. That phrase activates him to do whatever his task is.

Q: Why take them down and up, why not just knock them out?

These ops are time sensitive. My task is to make their chosen communication method unreliable.

By taking them down at random intervals, for random intervals, they can’t rely on them - they become unreliable and useless.

Because they never know when or where I strike from, and because it’s random, the intel agencies can still gather their (questionable) intel.

Q: Critics say you do more harm than good – your reply?

Some critics have said that I will only drive them underground. Well, is that not the best thing to do for recruiters?

If you take the position that online jihadi propaganda, proselytization, and interaction is increasingly important in jihadi recruitment, then why is it bad to drive them back into the shadows online? That’s a key principle of COIN.

Underground they can’t reach the masses; therefore they are less effective at recruiting. An underground recruiter is less dangerous than an overground one.

Q: You are all over Twitter - what about an Islamic group’s right to free speech?

Well the internet is all about freedom of speech, which is a concept I support.

Freedom of speech is one thing, but when bad dudes use our internet, on servers hosted in our country, or continent - because they have no infrastructure of their own to do it - that’s a different matter.

As for their freedom of speech, if that’s all they want, then please speak freely.

Just make sure there is no recruiting or co-ordination going on. Now do you see my point?

Q: Where do you see yourself from an ethical perspective?

This is the first time I have really quantified my reasoning - to anyone.

My plan is to disrupt, not destroy – to make their methods unreliable, make them not trust the only medium left to them.

I do wrestle with whether what I am doing is right, but figure if I can make their communications unreliable for them, all the better.

Now a question for the readers: What do you think? Is Jester to be characterized as the cliché outlaw hero who dishes out his own personal brand of justice on the bad guys?

Or is he – as some critics have labeled him – just a miscreant with script-kiddy tactics, meddling where he has no business to meddle?

Submit your comments or questions for Jester below, and stay tuned for more installments of my IM chats on Information-Security-Resources.com, now part of the InfosecIsland.com Network.

About Infosec Island

Infosec Island is a new type of online community designed specifically for IT professionals at small-to-medium businesses and other organizations who manage security, risk and compliance.

Unlike other infosec portals, it combines the benefits of IT security portals and social networking into a single, vendor-neutral community.

Infosec Island members improve their organization’s security, save time and reduce their costs by taking advantage of a unique set of benefits, including infosec news and information, built-in social networking capabilities, relevant content based on personalized organizational views, free security tools and premium Web-based security services.

Infosec Island is the first secure infosec community featuring not only SSL-based security, but additional options for higher security levels.