Al-Qaeda Not Seen as a Cyberthreat

Federal IT Security Level Remains Unchanged Despite Bin Laden Death
Al-Qaeda Not Seen as a Cyberthreat
The federal government isn't taking any extraordinary measures to defend government and critical information networks following the killing Sunday by American forces of al-Qaeda leader Osama bin Laden.

"Our efforts to combat terrorism, however, do not fixate on one individual, and we remain completely focused on protecting our nation against violent extremism of all kinds," Homeland Security Secretary Janet Napolitano said in a statement.

Napolitano's statement wasn't directly focused on cybersecurity, though the safeguarding of critical digital assets was among the areas the secretary's statement addressed.

"We remain at a heightened state of vigilance, but ... our security posture, which always includes a number of measures both seen and unseen, will continue to respond appropriately to protect the American people from an evolving threat picture both in the coming days and beyond."

Paul Rosenzweig, a former DHS deputy assistant secretary for policy, said the relative cyberthreat remains unchanged after bin Laden's death. "Overall, we can expect a rise in the general threat level and anticipate an effort by al-Qaeda to retaliate, so the alert levels will increase across the board," he said. "A cyberattack remains a comparatively low probability overall."

Experts in and out of government who track al-Qaeda don't see the terrorist organization as a cyberthreat. Jim Harper, director of information policy studies at The Cato Institute, a libertarian think tank, said he has seen little evidence that terrorists are a significant threat to cybersecurity.

"Osama bin Laden's killing will help strip away the veneer of invulnerability that he has helped create around terrorism. With that veneer gone, people will be less likely to imagine super-genius terrorists with access to cyberweapons," Harper said. "People will be less likely to indulge the extravagant threat claims of the cybersecurity lobby. This is all good news: We don't need to waste a single dime on cyberterrorism, which has never actually existed."

Harper said there could be some ingenious phishing attacks based on the latest news. "Topical phishing is just the latest in a series of evolutionary cyberthreats, which our society is fully capable of handling," he said.

Indeed, a blog posted on the website of data protection provider Imperva cites comments of hacker on a black hat search engine optimization forum, who encourages the creation of Osama bin Laden is dead fan pages on social networks. "This is one of those rare opportunities that can build you a great list and a couple of zeros in your profit," the blog quotes the hacker. "Use it while the news of bin Laden killed by U.S. forces is hot. I just started one and it had 600 likes in two minutes."

In an interview with last summer (see Are D.C. Insiders Stoking Cyber Fears?), Harper contended that cyberterrorism does not exists, believing it's a creation of politicians, government contractors and pundits who try to make the problem of securing government IT bigger than it really is. Simply, he said, it's a scare tactic.

Late Sunday night in a televised address, President Obama announced the United States had conducted an operation that killed bin Laden, whose al Qaeda network is responsible for the murder of thousands of people, including those in the Sept. 11, 2001, terrorist attacks.

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.