Al-Jazeera computer network harbours Denial-of-Service agents
London, UK - 18 January 2005, 9:00 GMT - Al-Jazeera, the at times
controversial Arab news satellite channel, has had its computer network compromised
by Trojans with built-in mail relay engines since the Arab weekend began on
Friday 14th January. The mi2g Intelligence Unit has since received
reports and evidence from reliable sources that hundreds of identical emails
every hour have been sent from specific Al-Jazeera email accounts. These
Denial of Service (DoS) attacks have overwhelmed targeted internet accounts
in the West and brought down their normal business services.
Despite making contact with the individual email accounts at Al-Jazeera that
appear to have been unknowingly originating the DoS attacks, no official response
has been received to date. The problem persisted on Saturday and Sunday
but seemed to ease on Monday morning as email blocks were set up downstream.
The mi2g Intelligence Unit originally discovered the problem when one
of its specific emails was not delivered to its regular business contacts
on Friday morning because the corporate mail box in question was suspiciously
designated "full". That source explained on the phone that they
were under a DoS attack from Al-Jazeera's computers. Since then select sources
have confirmed the problem in the US, UK and Australia through emails, internet-relay-chat
and private bulletin boards. The governments of all three countries support
the war on terrorism and the war in Iraq through a joint coalition.
The nearly 72-hour window during which the Denial of Service has been active
is particularly worrisome because most corporations update their anti-virus
tool kits every 24 hours at least and run scans. The more vigilant ones run
the updates and scan regimes every six hours. Furthermore, corporate networks
have extra layers of relay filtering and traffic monitoring which especially
look out for repeat sends of identical messages and are programmed to stop
such anomalous patterns from being executed. In the case of Al-Jazeera none
of these preventative measures seem to be in place.
The events of the last three days are demonstrating that Al-Jazeera is running
its computer network like a "match-box" organisation in comparison
to its Western peer group. What has happened to certain Western businesses
as a result of Al-Jazeera's denial of service attack would be completely
unthinkable coming from reputable Western media organisations in 2005, such
as Reuters, Bloomberg, Financial Times, CNN, News International
etc. The mi2g Intelligence Unit has a case history of similar recklessness
and social irresponsibility originating from Western news agencies between
1997 and 1999, especially during the NATO-Serbia war and its cyber fallout.
However, Western news agencies learnt very fast when they came under pressure
from their customers and interlocutors in the form of lawsuit threats.
Given that Al-Jazeera is running corporate security policies for its network
which are lagging behind the West by six to eight years, it appears
relatively easy to bring down their computer network at present or overwhelm
their computing facilities. If certain political powers find Al-Jazeera to
be a pain in their backside, and there are some who have gone on record to
say that they do, there are clear ways as a result of observing the recent
DoS attacks that can be utilised to quieten them easily and anonymously. If
those ways have not been used to date and are now being tried and tested out,
is this because Al-Jazeera is being targeted to serve a particular purpose,
where its satellite network or website www.aljazeera.net
may be commandeered in the near future to push out very specific messages
with an agenda different from the journalists and editors who work at that
news agency?
"A news agency's computer network is its printing press,"
said DK Matai, Executive Chairman, mi2g. "It would be unthinkable to
have confidence in a news agency whose printing press or TV broadcasting service
could be compromised because then one just would not know whether the news
story one was reading or listening to was true or injected by a malicious
third party."
During late March 2003, when Al-Jazeera had broadcast images of American soldiers
captured by Iraqi forces during the early phase of the war, its website was
brought down by a Distributed Denial of Service (DDoS) attack.
[ENDS]
mi2g is at the leading edge of building secure on-line banking, broking
and trading architectures. The principal applications of our technology are:
1. D2-Banking;
2. Digital Risk Management; and
3. Bespoke Security Architecture.
mi2g pioneers enterprise-wide security practices and technology to
save time and cut cost. We enhance comparative advantage within financial
services and government agencies. Our real time intelligence is deployed worldwide
for contingency capability, executive decision making and strategic threat
assessment.