A Sunni-Shiite battle of the website hackers
While some Middle East experts say tit-for-tat cyberattacks on Islamic websites amounts to a virtual sectarian battle, others suspect third-party agitators could be the culprits.
http://www.saifoali.org
Riyadh, Saudi Arabia
Sunni-Shiite tensions have been on vivid display in cyberspace as hundreds of religiously oriented websites on both sides have fallen prey to retaliatory hacking raids.
The cyberassaults temporarily defaced websites of prominent Muslim clerics, including those of Iraqi Shiite Grand Ayatollah Ali al-Sistani and the late Sunni mufti of Saudi Arabia, Abdulaziz Abdullah bin Baz.
More recently, Shiite hackers attacked the website of Al Arabiya, the Saudi-owned channel based in Dubai, United Arab Emirates. For hours, site visitors were redirected to a page where, beneath an image of a burning Israeli flag, large red letters in English and Arabic declared: "Serious Warning. If attacks on Shia WebSites Continue, none of your WebSites Will be SAFE."
Middle East experts say that this online psychological battle should be seen in the context of Sunni dismay over what they see as Iran's strategic gains in Arab nations, especially Iraq.
Although it's hard to show any direct connection in the cloaked world of Web sabotage, the interreligious hacking really took off after prominent Sunni cleric Yousef al-Qaradawi called Shiites "heretics" and accused them of trying to "invade" Sunni communities in a Sept. 9 interview.
His remarks were "a green light" for Sunnis to go on the offensive against Shiite sites, says Ali Ahmed, director of the Washington-based Gulf Institute, a Saudi opposition think tank.
A couple of weeks later, an Iranian news agency claimed that 300 Shiite websites had been defaced by Wahhabis, as the austere Sunni Muslims in Saudi Arabia are known, including that of Mr. Sistani, Iraq's top Shiite cleric.
Then came attacks on scores of Sunni websites. Shiite hackers often left the same calling card: a face painted with the colors of the Iranian flag, and a map of the Arabian Gulf labeled "The Persian Gulf."
Hacking Al Qaeda
Meanwhile, another noteworthy cyber-event occurred in early September, when several online forums affiliated with Al Qaeda were knocked out of commission. So far, they have not been revived.
"It's unprecedented, because before they've been able to come back [within] a few days," says William McCants, a Washington area-based analyst of militant Islam and founder of jihadica.com, which monitors Al Qaeda Web activity.
Mr. McCants says that in June, he noticed that a prominent Al Qaeda forum had disappeared. It came back in a few days but then shortly before Sept. 11, it and several other forums went down. "It seemed like June was a test run."
As for who is responsible, it is "a bit of a mystery," says Evan Kohlmann, who also monitors Al Qaeda online at the NEFA Foundation in Charleston, S.C.
Private groups involved in countering online terrorist activity have denied responsibility and US intelligence agencies declined to comment, Kohlmann says in an e-mail, adding, "I would say this much: It certainly does not appear to be a coincidence that the forums encountered these technical problems on September 10."
Both Kohlmann and McCants say they see no connection between Al Qaeda's online problems and the Sunni-Shiite tit-for-tat hacking.
Some observers say this latest online duel, although not new, has been going on longer and seems more professional than earlier bouts.
Third-party meddling?
Some observers raise the prospect that the attacks are the work of a mischievous third party.
"Someone from Alaska can say, 'I'm Sunni,' or 'I'm Shiite,' " says Ali Jomaa, an IT expert in Riyadh. "It could be outside intervention trying to ignite fury between two religious organizations."
But most observers believe that the hackers are Iranian Shiites and Sunni Arabs.
One well-placed Saudi source says the Sunni hackers were from different countries and primarily Salafis, conservative Sunni Muslims, most of whom view Shiites with disdain. "What was interesting," he says, "is that [the hacking] came from all over the Arab world."
That supports the view of some observers that the Sunni-Shiite cyberwar is being orchestrated to an extent.
"There's no way to walk the cat back, in terms of identifying who's hacking," says Kamran Bokhari, a senior analyst for the Middle East with Stratfor, an Austin, Tex.-based private intelligence agency [Editor's note: The original version misidentified senior analyst for the Middle East with Stratfor].
"But these are not individuals with a lot of time on their hands" to spend on hacking, he adds. "It seems like a concerted effort, and intelligence agencies on both sides have to be involved. [The hackers are] definitely being encouraged, to say the least."
Mustafa Alani, director of the Center for Counter-Terrorism at the Dubai-based Gulf Research Council, agrees, saying, "There is a lot of effort – official and unofficial – in this cyberwar."
Iran's "Revolutionary Guard have their own group of hackers," he notes.
Sophisticated attacks
During the religious holiday of Eid-al-Fitr that marks the end of Ramadan, some of the hackers, apparently Shiite, offered a truce of sorts on a Web page featuring a bouquet of flowers and two clasped hands. The olive branch did not last long.
A little over a week later, Al Arabiya's website was hacked in what station spokesman Nasser Al Sarami called "a complicated, well-organized attack" by "extremists."
He said the hackers broke into the database of the US company, Network Solutions, and captured Al Arabiya's domain name, forcing the channel's website to move to a temporary location.
Network Solutions said in an e-mail that it cannot comment on "details pertaining to specific customers."
Al Arabiya website editorial manager, Anas Fouda, suggested in an online statement that the attacks were because the Saudi-owned station is "unbiased" in its reporting. Because of that, "we are constantly accused of backing the opposite side."
Mr. Fouda adds that though the hackers claim to be Shiite, there is no proof of this.