Cyber hackers are posting instructions on how to hack Iranian websites including this GoogleDoc that has a list of URLs that will create Denial of Service Attacks against:
Governmental and HARDLINE NEWS:
OFFICE of AHMADINEJAD & KHAMENEIE:
STRATEGIC PLANNING:
POLICE,MINISTRY OF INTERIOR
CENTRAL BANK, COMMERCE BANKS:
OIL,GAS,PETOCHEMICAL
ECONOMY,TRADE,EXCHANGE:
JUDICIARY:
Transportation:
A Cyberwar Guide was reposted by BoingBoing which suffered a DDoS outage either through friendly fire or malicious. I will post updates as that story develops.
Update: Joel Johnson of BoingBoing had this to say:
It’s not a DDoS. It’s probably us being dumbf**ks.
Twitter has postponed a scheduled maintainence because its service is playing a vital role in facilitating communications in Iran right now.
The amount of traffic on Twitter and the number of people spreading the word about DDoS efforts points to a scenario that has not been explored before. Internet meltdown from social upheaval.
Street protests have played an important role in many regime changes. The French Revolution, the Boston Tea Party, Solidarnos, and the Orange Revolution in Ukraine come to mind.
As Twitter and other social networking services grow to double, triple or ten times their penetration today what are the implications for future turbulence? What would have happened if Twitter and the spread of DDoS guides was present during the “hanging chad” fiasco of the 2004 US Presidential elections?
What will happen during some future cause celebre? If one million Tweeple target one thousand sites with auto-refreshing browsers what happens to the Internet backbone?
Something to think about.
Updates on Iran-Twitter-US cyber war
The State Department for some reason is claiming that they were the ones to convince Twitter to delay a scheduled down time until today. (Which has been successfully completed.)
From the Twitter blog:
When we worked with our network provider yesterday to reschedule this planned maintenance, we did so because events in Iran were tied directly to the growing significance of Twitter as an important communication and information network.
They also verified that yes, they had talked to the State Dept.
It’s humbling to think that our two-year old company could be playing such a globally meaningful role that state officials find their way toward highlighting our significance. However, it’s important to note that the State Department does not have access to our decision making process.
In a press briefing early this morning Ian Kelly, spokesperson said:
“I began to recognize the importance of new social media as a vital tool for citizens’ empowerment and as a way for people to get their messages out.”
I am not sure why the State Department felt it was necessary to highlight their involvement with Twitter but Iran has taken notice. According to CBS Iran accused the US of “intolerable meddling in it’s internal affairs.”
So, unlike Russia, who to this day has successfully denied participation in cyber attacks on Estonia, Lithuanian, and Georgia; or China who vehemently denies their massive cyber espionage activities, the US has pretty much lent its support to a communication vehicle that is writing a new chapter in the history of cyber warfare. (Which I am recording by the way…)
As an example of the damage that can be caused using Twitter check out hxxp://greenmov.persiangig.com/green.html or rather, don’t check it out. As soon as you hit the page multiple frames open up and refresh continuously, causing a denial of service attack against their targets: Iranian media and government sites.
Twitter has an issue ahead of them. After this experience the general populace has learned how to participate in cyber civil unrest. Twitter will be used in the future for hacking attacks and the targets of attacks may find legal cause to complain.
The State Department has created a huge issue by supporting Twitter. I hope they know what they are doing.
Richard Stiennon, security expert and industry analyst, is known for shaking up the industry and providing actionable guidance to vendors and end users. He recently re-launched the security blog ThreatChaos.com and is the founder of IT-Harvest, an independent analyst firm that researches the 1,200 IT security vendors. He was Chief Marketing Officer for Fortinet, Inc. the leading UTM vendor. Prior to that he was VP Threat Research at Webroot Software. Before Webroot, Mr. Stiennon was VP Research at Gartner Inc. where he covered security topics including firewalls, intrusion detection, intrusion prevention, security consulting, and managed security services for the Security and Privacy group. He is a holder of Gartner’s Thought Leadership award and was named “One of the 50 most powerful people in Networking” by NetworkWorld Magazine.
* * *
Stay Informed With ISR News Feeds and Email Alerts Here:
The Publisher gives permission to link, post, distribute, or reference this article for any lawful purpose, provided attribution is made to the author and to Information-Security-Resources.com
