By Kevin Coleman — Defense Tech Cyber Warfare contributor
Last week’s rapidly spreading computer virus has been traced back to a cyber-jihad group called Tariq ibn Ziyad. Information security company SecureWorks was able to link this cyber jihad group to the ‘Here you have’ malicious worm. The worm was able to crash systems, computer networks and bring down email servers. IDG reported the worm was able to disrupt large U.S. organizations including Disney, Proctor and Gamble, AIG, Wells Fargo, Comcast and NASA.
Analysis indicated a back-door established by the worm that could be used by the cyber terrorists to remotely log into any infected system. The worm also has functionality that attempts to disable anti-virus and security software that is installed and operational on the infected computer. In addition, the worm tries to establish a connection to a computer that uses the Tariq ibn Ziyad name. Further analysis focusing on the worm’s Digital DNA indicates it is identical to a piece of malicious code released last month. This analysis indicates that both pieces of code refers to a Libyan hacker who is said to use the name Iraq Resistance. This name has also been associated with efforts that are trying to form a hacking group called Brigades of Tariq ibn Ziyad, according to cyber intelligence provided by SecureWorks.
Further intelligence indicates Tariq ibn Ziyad’s objective is to “penetrate U.S. agencies belonging to the U.S. Army.” All of this taking place as the United Nation’s Telecommunications chief issues a warning and calls for nations to join together in developing a coherent global cyber security peace treaty or face the very real possibility of an all-out cyber war.