(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for March 2010

How To’s on

leave a comment »

Social Engineering and Phishing attacks agsinst nuclear facilities and networks. It seems like something that you really only lately heard of in regard to “cyberwar and APT” Well, I have news for you, the Jihadis are looking at the same problem and trying to use our own RSA conference data to do it.

One has to wonder at times about the findings and vulnerabilities that are published out in the world. Can they, or will they, be used against you before they are fixed? And in the case of such things as nuclear facilities, will the fixes be made any time soon? I mean, how many times have we read that the government and private sectors are, shall we say “lacking” in information security areas?

These guys have been thinking about this at least since 2008/2009…


What are the potentially devastating effects of electronic attack against a nuclear reactor? و هل يمكن حقا اختراق النظام الإلكتوني لمفاعل نووي بعملية social engineering ؟ And you can really penetrate the system for a nuclear reactor Aliketoni process of social engineering?

البارحة في مؤتمر RSA 2008 تمت مناقشة هذا الموضوع تحديدا! Yesterday at the RSA 2008 conference was specifically on the topic!

و مداخلة أحد أبرز الخبراء في الميدان سلطت الضوء على أحد المشاكل الساخنة في عصر الإنترنت : الحماية الإلكترونية للمنشآت الصناعية! Intervention and one of the leading experts in the field highlighted the hot one of the problems in the Internet age: Protection of electronic industrial facilities!
Ira Winkler المدير العام لشركة ISAG Ira Winkler, general manager of ISAG

أبرز البارحة لجمهور San Francisco كيفية اختراق النظام الإلكتروني لمفاعل نووي! Highlighted the public yesterday to San Francisco how to penetrate the electronic system for a nuclear reactor!

حسب الخبير فإنه من السهولة “المرعبة” إمكانية اختراق سيرفرات التحكم و السيطرة لمفاعل نووي عبر خطوات و مراحل قليلة! According to the expert, it is easy “dreadful” the possibility of piercing servers control and control for a nuclear reactor through the steps and through a few stages!

Full page captured and translated HERE

As you can get the gist here, the jihadists have been paying attention to the RSA conferences and especially thinking on how they can attack a nuclear facility. Oddly enough, a recent capture of an American “jihobbyist” made the news because he had worked at five nuclear sites as an employee. It seems that they really want to make a nuclear dirty bomb happen at the very least. At the very most, they want to get their hands on some fissile material.

This is something that OBL has wanted and made no bones about since the beginning. So, anyone thinking that these guys are backward and incompetent might want to re-think this. Imagine a hack attack against a nuclear facility for whatever ends they have in mind. By using the social engineering skills and the technical skills to craft some malware laced emails, they could indeed cause some problems at a nuclear facility. At the very least, they could sow the seeds of doubt about the security of the plants as well as the nations huh?

Meanwhile, the guy who brought you the nuclear material also posted the following treatise on:

Choosing Mujahid Warriors

The second interesting find on the M3 site was a recruiting psychology and preparation tutorial. This little tutorial and links were put up to teach others how to recruit shahid into jihad.

First: How to choose who you want to invite him to be a draft Mujahid

Full translated text HERE

This of course is prescient today as we have seen the recruitment efforts going up on the jihadist boards. They have been making all attempts to bring in non Muslim looking shahid as well as women so this article gives them the psychological tools to choose them. Obviously they have been thinking about this a bit. Welcome to Jihadi psy-ops kids.

What this tutorial seems to be lacking is the psychological aspects of getting the “loner misfit” to come to Jihad and become a shahid. I am sure though that that lesson is in the links that were provided by this user at El-Eklass. The site seems to be missing but can be found in cached forms out on the web. As well the links to megashare and the like too, have either been moved or taken down, but, with a little looking I am sure you can locate the full documents.

Full How To Links Translated HERE

OSINT Material from

By taking clipboard captures of the users names in Arabic, I was able to Maltego them and see where they had been posting as well as mentioned.

User: The Son’s of Al-Qaeda.png

User: Palestinian Abu Malik.png

User: Lion of Jihad.png

The Lion of Jihad has been a very busy boy indeed. I will be following those links later on and see what I can get at. I also noticed some new sites in there that I will be archiving and testing in the near future.

The site is surprisingly not mirrored like the other sites I usually see and as you can see from the picture at the top of this post, sits in Malaysia. So, not much can be done in the way of taking this site down, but I am sure is watched regularly by the authorities.

Just as an aside: In this case a Jokey attack would actually bring down the site for.. 30 minutes.. Of course, that still would be useless and hapless, but that’s Jokey… but I digress…

In the end, I have begun some more technical assessments of M3 as well as Al-Faloja and will be posting those findings once I have them all done. Inasmuch as I have looked, they are running some insecure protocols and might be exploitable.


Written by Krypt3ia

2010/03/14 at 00:13

Al-Qaida Goes “Old School” With Tradecraft and Steganography

with 3 comments

al-Qaida: Shifting into the spy shadows

12 March 2010

When couriers get caught, so do key al-Qaida documents, plans and key communications. Shaffer says now al-Qaida is hiding their communications on the Internet. It’s not a new concept, but certainly one that’s gaining a lot of momentum since a growing number of critical commanders and operators have either been killed or arrested. How are these dead drops happening? “Steganography in photographs is a good example of a dead drop,” says Shaffer. In a nutshell, a dead drop in a photo involves embedding a message in a picture. .

WTOP, 12 March 2010: A growing list of terror suspects nurtured by al-Qaida is emerging. Former military interrogator Dave Gabutz informed WTOP Radio of this notion in June 2009 after he had spent years tracking al-Qaida sleeper units and recruiters. “We came across the first one in Falls Church, Va.,” Gabutz says. This “first one” was controversial Imam Anwar al-Awlaki, who worked at a location watched by Gabutz and his team. . . .

. . . Gabutz says the recruiters are spreading out. “Michigan, Florida, Texas, Nashville, Richmond, Knoxville, and California,” are prime locations, according to Gabutz. There are indications terrorist recruiters are using every available opportunity and option to lure more people into their world and plan attacks against the United States.

Hezbollah sympathizer Mahmoud Kourani was doing just that before his arrest near Detroit in 2002. “Kourani’s specialties appeared to be weaponry, spycraft, counterintelligence,” according to Tom Diaz, a former Congressional Crime Subcommittee staffer. Diaz says Khourani was recruiting people for training. Recruits were to be trained “to make things go bang, to attack, military type training, terror type training,” Diaz says. . . . .

. . . .One question that is puzzling investigators is how al-Qaida communicates with its foot soldiers and recruiters, some of whom may be embedded in the fabric of the U.S. military. With the almost daily capture and killing of key handlers in Pakistan, it seems al-Qaida is being forced to communicate in a completely different way. Since so many couriers and foot soldiers are being rolled up, al-Qaida is relying on “electronic dead-drops,” says Army Reserve Lt. Col. Tony Shaffer, a former Defense Intelligence Agency officer.

When couriers get caught, so do key al-Qaida documents, plans and key communications. Shaffer says now al-Qaida is hiding their communications on the Internet. It’s not a new concept, but certainly one that’s gaining a lot of momentum since a growing number of critical commanders and operators have either been killed or arrested. How are these dead drops happening? “Steganography in photographs is a good example of a dead drop,” says Shaffer. In a nutshell, a dead drop in a photo involves embedding a message in a picture. .

I have been seeing some hits these last couple days on my “Leggo My Steggo” post from a while back. The post covered some of what I had been finding on jihadist sites with regard to alleged “Stegged Images” that I had been testing to see if they were indeed hiding data.

Thus far I have found images that seem to be stegged but I have yet to actually crack an image open and see the data hidden within. So, it’s kind of up in the air if any of the images I have found are in fact stegged. Anyone who wants to give it a shot feel free to copy the files out of the share in the link above.

Of course this whole article and the premise that the jihadis have had to change their methods of command and control is on the whole correct I think. However, I believe that they have been using dead drops for some time and not only because of the roll ups recently. This is just a good standard “tradecraft” practice that should be used when waging such campaigns. Hell, they probably learned it from us or the Brits in the first place… Well maybe the KGB too.

Now that they have also made much more of their online persona, I am also sure that they have been maximizing this type of technique not only with steg, but also with dead drop email accounts. All one has to do is create an account, share the password, and then just talk amongst yourselves with draft emails. No need to hit the send button there huh. Add to that the use of TOR and you have a pretty safe way to communicate.

What’d be even more secure would be a one time pad.. But, I really don’t see them passing out OTP’s to each jiahdi cell.

This reminds me of “Hacking A Terror Network” which has a story line based approach talking about this very scenario of Steg use. I have talked to the author online and shared my data. The problem of how to prove these methods of communication are myriad. So, it may be hard to prove this theory…

I guess I am gonna have to wash some more pictures, video, and audio through the steg detection software and see what I get…


Information handcuffs: Counterterrorism IT needs support from the top, Congress told

leave a comment »

Information handcuffs: Counterterrorism IT needs support from the top, Congress told

There is no technological silver bullet for identifying would-be terrorists in the terabytes of information the National Counterterrorism Center receives each day, a deputy director for that center said today.

Russell Travers, NCTC’s deputy director for information sharing and knowledge development, said the center has many technological tools that sort, sift and cull through the swaths of information it receives each day from some 30 networks that feed the center. But privacy and policy considerations put boundaries on what officials can do with the data.

“The further you move in the direction of comingling foreign and domestic data in a single enclave where you can effectively apply tools, the harder the legal and policy and privacy issues become,” Travers told the Senate Homeland Security and Governmental Affairs Committee.

Travers testimony comes as intelligence agencies work to remedy problems exposed by Umar Farouk Abdulmutallab’s alleged attempt to blow up an airplane en route to Detroit on Dec. 25. Officials have said the inability to foil the plot was a failure of integration and analysis rather than a problem of information hoarding.

Travers said the failure to thwart the attack wasn’t due to a lack of information sharing, but rather the longstanding problem of identifying and integrating fragmented information in absence of an obvious threat.

“Notions of a Google-like search or a federated search are actually of relatively limited value,” Travers added. “We actually have significant Google-like searches that will go across many message-handling systems and we still would not have come across” Abdulutallab. Even with search capabilities, Travers said a challenge was conducting a precise query.

Speaking of jihadi sites and OSINT, here we have a peek at the NCTC’s problems where data is concerned. It seems that they have a fire hose to gulp from at times and at other no one is talking to one another.

So what can be done?

This article and the testimony clearly point out a basic premise.

“They need support from the top”

This is the only way things will hppen. Its the same with infosec in the private sector. If you don’t have buy in from the top, nothing will actually be enforceable below. So, what needs to happen for these folks and frankly, in my opinion, the private sector are the creation and enforcement of some rules.

In the case of the spook “community” and military, they need to be able to share what they know. This especially goes for the federal entities like the FBI who are known to be pricks about jurisdiction and need to know. If they can’t get this stuff straight we will have another 9/11 situation where you had the 19 living just down the road a piece from Ft. Meade and memos on Arab men taking flying lessons who were not interested in landing, on the desk of some SAC with his finger in his ass.

In the private sector, we need some laws and rules as well as real honest to goodness repercussions if you are not compliant. This whole HIPAA and SOX game today just does nothing for security really.

I have little hope of change though.


Written by Krypt3ia

2010/03/11 at 23:28

“Jihobbyists” No More: English-Speaking Western Jihadists Coming of Age

leave a comment »

“We were ordinary members at the al-Ekhlaas forum and we learned a lot from the brothers who took charge of jihadi media work before us—and it is only normal for us to start our own active campaign at the first chance we got. And that’s what we did, so we established this site, and told everyone we knew from the al-Ekhlaas network about this forum…We went outside the usual jihadi media route, but we terrorize in the real world as much as we terrorize online, so whoever wishes to join is welcome, and those who don’t should hold their tongues about us and go away. And although low in number, we are strong in determination, and anyone who joins us will realize that immediately.. say, if any of the brothers at al-Fajr Media wishes to receive assurances about us and if you are in communication with them, then inform them that we would like to meet with them. We ask them to come here and distribute a bulletin outlining the action plan for the al-Ansar network—and we are willing to blow ourselves up near the infidels at any moment, and if they have enough resources to provide us with the necessary financing, then a terrorist is ready.”

Full post HERE

CTC Sentinel Report on Al-Ansar Network

My report on Al-Ansar Network Map

“Hapless wannabe’s” is the term used for the likes of Jihad Jane before her little trip to Europe to attempt to assassinate a cartoonist. Or, maybe you would like to talk about Nidal, and his spree shooting incident instead. Both have touches of being spurred on to committing these crimes by the online jihadist networks as “lone wolf” actors.

Who or what are these jihadist networks online?




… and the list goes on. Many of them now customed out with English mirror content (almost mirrored, sometimes the translations differ) to make it easier for the non Arab US/UK Muslim or in the case of Jane, Nidal, and Abdumutallab, mentally unbalanced individual to wage jihad.

English however, is just a subset now and these sites are popping up in German as well as Malay, Thai, etc. The jihadists are branching out with franchise opportunities. Many of these sites you may have seen here on this blog of late as I have been mapping them and writing about these changes.

So how do we police this? Obviously in the case of Nidal and Jane, they were known to have ties and or conversations online with known actors. Yet, they were allowed to walk about until they finally “went off” Why is that? Perhaps they weren’t being tailed online as well as they could be? Perhaps they were just deemed to be “hapless” and non threats?

*scratches head*

I dunno.

What I do know though is that Jane is just one in perhaps many more to follow on the Muslima jihadi path. These sites have been lately developing a content area(s) for muslim women to become shahid.

It’s the next wave.

What I want to know is: “How is this news to anyone in the CT arena?” This has been going on for months now. I can see the media just picking up on this, but the CT folks should be up on this.

Anyway, what needs to happen here? These sites to be taken down permanently by governments? Used for surveillance and capture? Perhaps a little agent provocateur action?


We can just DoS them for 30 minutes at a time… Oh, wait, that’s useless.

It’s an interesting question and I don’t have the full answer. I believe though that they should be used against them. These sites should be p0wn3d and all data harvested. Agent provocateurs inserted into each and every one of them and arrests made. Not just one’sy two-sy arrests either. For that matter get the intel and send in the predators.

In short use them as the OSINT/INTEL sources that they are.

Keep your eyes on the news people. I expect to see more women and lone wolf actors to come.


Written by Krypt3ia

2010/03/11 at 20:01

New Email Exploit “Scan upon download” 03.08.10

leave a comment »

The email reads:

Dear Sirs,
We have prepared a contract and added the paragraphs that you wanted to see in it. Our lawyers made alterations on the last page. If you agree with all the provisions we are ready to make the payment on Friday for the first consignment. We are enclosing the file with the prepared contract.

The email has the ZIP archive attached named, a 202 kB large file, and once extracted an executable file named Contract.exe appears.

After being clicked on and run, the following files are created:



A new process is created:


You’ve just been p0wned. Of course the hook here is the social bits. First off, the admonishment of the subject line:

“scan upon download”

Nice touch really.. As not many vendors can see this yet, I am sure this will work pretty well for the mass clickers out there.

My virus scanner said it was ok! CLICK CLICK CLICK!

Second, the whole contract angle. Now, if you are not a sir, and you know nothing of any contracts you might be recieving, why would you click on this? Mostly I think it is because people are generally curious and want to know things that they “shouldn’t” have access to. So they will click on the zip or the “contract” to get the dirt.

Human nature…

The trojan that has just been installed  is named Suspicious:W32/Malware!Gemini by F-Secure or Mal/TibsPk-D by Sophos and is able to create malicious executable files on the infected system for you the end user to handily execute later on! YAY!

So far this was seen in the wild today at 1220 EST and only has been picked up by a scant few virus scanners. I expect there to be many more self p0wnings in the next few hours.

Here’s the hint people… If you don’t have business dealings with contracts DONT CLICK and for heavens sake DO NOT CLICK ON AN EXE!


Written by Krypt3ia

2010/03/09 at 19:16

PLA officer urges challenging U.S. dominance

with one comment

(Reuters) – China should build the world’s strongest military and move swiftly to topple the United States as the global “champion,” a senior Chinese PLA officer says in a new book reflecting swelling nationalist ambitions.


The call for China to abandon modesty about its global goals and “sprint to become world number one” comes from a People’s Liberation Army (PLA) Senior Colonel, Liu Mingfu, who warns that his nation’s ascent will alarm Washington, risking war despite Beijing’s hopes for a “peaceful rise.”

“China’s big goal in the 21st century is to become world number one, the top power,” Liu writes in his newly published Chinese-language book, “The China Dream.”

“If China in the 21st century cannot become world number one, cannot become the top power, then inevitably it will become a straggler that is cast aside,” writes Liu, a professor at the elite National Defense University, which trains rising officers.

Full article HERE

Why do I feel like I have suddenly found myself in the plot of “The Bear and the Dragon” by Tom Clancy? Except instead of oil and gold deposits in Siberia we are waging battle for the gold of IP in the digital void?

This is a very important piece to pay attention to though. This Colonel really does have a contingent of the populace (the younger set) who would love nothing more than to just let the “Dragon” out of the cage to wreak havoc on us. The PLA has become strong and I am sure that some of the hard liners in power think that the “Thousand Grains of sand” approach has about run out of sand.

Look at it this way:

  • Our economy is in the worst place its been since the great depression
  • Our government is completely ossified and unable to do anything
  • Our economic engine has been stalled out and outsourced
  • Our schools are turning out less and less qualified technical people
  • We are a nation divided
  • Our debt is pretty much wholly owned by China
  • We are in a three front war with terrorism
  • Our forces are overstressed and dispersed
  • We have been terrible at securing our digital infrastructure

I could go on, but this was likely ponderous enough for you all. Look, what I am saying is this guy’s right. We are easy pickins really at this moment in time. We are down on the ground and they are the cobra kai.. And we ain’t no “Daniel San” to mix movie cultural references.

Either way I look at it I see some real problems. I know I know, you are thinking that they (China) need us as a trading partner. Yes, yes they do. However, I do not think that they need us “that much” that they would not consider at the very least pulling the plug on us.

There is a growing contingent of ultra national followers in China and they want to be “THE” superpower… And I think that they see their chance now. What would it take to trip the switch?

A blended Cyberwar attack with physical and economic contingent.

Like they say “May you live in interesting times”


Ni Hao Chairman Meow REDUX

leave a comment »

No Time Name Source
1 3/8/2010 14:59 SCAN nmap TCP
2 3/8/2010 14:58 SCAN nmap TCP
3 3/8/2010 14:39 SCAN nmap TCP
4 3/8/2010 14:39 SCAN nmap TCP
10 3/8/2010 14:19 SCAN nmap TCP
11 3/8/2010 14:19 SCAN nmap TCP
14 3/8/2010 13:19 SCAN nmap TCP
15 3/8/2010 13:19 SCAN nmap TCP
17 3/8/2010 10:38 SCAN nmap TCP
18 3/8/2010 10:38 SCAN nmap TCP
21 3/8/2010 9:38 SCAN nmap TCP
22 3/8/2010 9:38 SCAN nmap TCP
24 3/8/2010 8:18 SCAN nmap TCP
25 3/8/2010 8:18 SCAN nmap TCP
29 3/8/2010 7:37 SCAN nmap TCP
30 3/8/2010 7:37 SCAN nmap TCP
31 3/8/2010 7:18 SCAN nmap TCP
32 3/8/2010 7:18 SCAN nmap TCP
33 3/8/2010 7:17 SCAN nmap TCP
34 3/8/2010 7:17 SCAN nmap TCP
35 3/8/2010 6:38 SCAN nmap TCP
36 3/8/2010 6:38 SCAN nmap TCP
37 3/8/2010 6:26 SCAN nmap TCP
38 3/8/2010 6:20 SCAN nmap TCP
39 3/8/2010 6:20 SCAN nmap TCP
42 3/8/2010 3:18 SCAN nmap TCP
43 3/8/2010 3:18 SCAN nmap TCP
44 3/8/2010 2:58 SCAN nmap TCP
45 3/8/2010 2:58 SCAN nmap TCP
46 3/8/2010 2:33 SCAN nmap TCP
47 3/8/2010 2:18 SCAN nmap TCP
48 3/8/2010 2:18 SCAN nmap TCP
49 3/8/2010 2:10 SCAN nmap TCP
50 3/8/2010 2:09 SCAN nmap TCP
51 3/8/2010 1:57 SCAN nmap TCP
52 3/8/2010 1:57 SCAN nmap TCP
54 3/7/2010 22:57 SCAN nmap TCP
55 3/7/2010 22:57 SCAN nmap TCP
56 3/7/2010 22:37 SCAN nmap TCP
57 3/7/2010 22:37 SCAN nmap TCP
585 3/3/2010 5:07 SCAN nmap TCP
586 3/3/2010 5:07 SCAN nmap TCP
587 3/3/2010 4:39 SCAN nmap TCP
588 3/3/2010 4:38 SCAN nmap TCP
589 3/3/2010 4:31 SCAN nmap TCP
590 3/3/2010 4:30 SCAN nmap TCP
623 3/2/2010 14:54 SCAN nmap TCP

The Chairman has been busy lately hitting my IP address. I have to wonder how many other systems they are just scanning out there every second of the day. I think the greatest one was the “Peoples Party School” that was a knocking.

Of course these could just be systems that have been compromised and used to bounce these scans…

Either way, interesting traffic… Inscrutable.

Written by Krypt3ia

2010/03/08 at 20:46

Movie Review: Alice In Wonderland 3D 2010

with 3 comments

Alice In Wonderland by Tim Burton came out this weekend and we decided to check it out. K wasn’t so sure after some initial reviews that it was going to be worth seeing, but, she is a BIG fan of the Cheshire Cat. My hesitation as you might know from previous reviews of 3D movies was that usually the 3D sucks and it gives me a headache.

Happily though, this was not the case in either of those categories.

Burton’s usual darker spin and use of a particular visual style really won the day for me on this film as well as the new adaptation of the classic story. Of course, this adaptation was only slightly different from the most recent SCIFI version that came out last year which I also liked. However, Burton’s take on this story was closer to the original created by Carroll.

So from this part on, if you haven’t seen the film and do not want to know more, surf away gentle reader.




Story Line

The new story line adds a dimension of empowerment for Alice and a touch of “Joan de Arc” but, what I really liked was the cyclical nature to the story that was added. The idea that Alice is but the bearer of the Vorpal sword and akin to the idea of “The One” in “The Matrix” was an approach that I first saw in the SCIFI version last year. The idea that there are successive “Alice’s” that must save Wonderland is kinda neat.

Of course, this would be a way into a sequel huh… Go figure.

Overall, the story line that was cooked up for this screenplay makes more sense than the original story ever did at least linearly. This is something that appeals to me greatly even though I did like the book as a child. There is just enough nonsense in this film to carry the old story and blend it with the new.

Finally, the slaying of the addition of the Jabberwocky to the story line of Alice, the bearer of the Vorpal Sword was very well done. This is not only from a CG perspective but also as a key point to the story line. Of course the battle on a vast chess board helped a bit there too. However the choice of Christopher Lee as the voice for the dread Jabberwocky helped a bit too.

I think that the meshing of the story and the poem gives the story much more depth.


On the whole 3D thing, this film really did a great job at presenting a 3D universe that did not jump out at you too too much in a hokey 3D way. It was just enough to give you the dimensionality to all the characters and scenery as they did in Avatar. However, in this case the effects did not give me the usual 3D headache. Perhaps it was the scaled back wayfarer style glasses instead of those Terminator shades that Avatar used. Perhaps instead this was just a bit better done. I am usually loathe to all this 3D stuff now because it is just there as a hook and not so much integral to the story. Here it was complimentary.


The casting for this film was very well done. I have to say though, that the casting of Johnny Depp as Hatter had me wondering at first. I have to say now that he was great. His mania and use of the Scottish accent really added a new dimension to the character for me.

As for the other characters, they were well played but generally pale to some of the CG and voice over work that was done. Perhaps it was just the story line, but the only ones to have more growth were Alice of course, and Hatter. Which is just fine I think.

The most fanciful character though was Cheshire Cat. This film gave me a new appreciation for the cat. I had always been a little put off by him in the book. Now though, I am liking this version as voiced by Stephen Fry. Fry lends a certain stability to the character that I liked.


Great CG

Well done 3D

Great score by Danny Elfman (listening to it now)

Well acted

Interesting screenplay

Go see it.

Written by Krypt3ia

2010/03/08 at 18:44

Posted in Movie Reviews, Movies

Mapping Internet Jihad:Hani Al-Sibai Jihadist Mouthpiece or Double Agent?

with 2 comments

Meet Hani Al-Sibai: (Arabic: هاني السباعي‎), also known as Hani Mohammed Yusuf al-Siba’i ( هاني محمد يوسف السباعي ) and Hani al-Said al-Siba’i Yusuf ( هاني السيد السباعي يوسف ) (b. 1961) is an Islamist Egyptian Sunni scholar and lawyer who lives in London with the status of a political refugee.

As a lawyer in Egypt, he was a defense attorney.

Current location:

Maqrizi Center for Historical Studies London

المدير العام : الشيخ د. General Manager: Sh. هاني السباعي Hani Al-Sibai

Dr. Dr. Hani Sybaee Hani Sybaee

ايميل: Email:

المدير الاداري والعلاقات : ابو عز Managing Director and relationships: Abu Ezz المهندس Engineer

ايميل: Email:

فاكس: 00448712638636 Fax Fax: 00448712638636 Fax

ايميل: Email:

Wiki on Sibai

Article on his being allowed to stay in the UK

So you may asking yourself a couple questions here. First off, “Why is this guy still loose and living in London?” and secondly, “Just how involved is Hani in todays jihad?”

Well those are the questions that came to mind for me as I saw his email postings to pretty much ALL of the jihadist websites that I monitor and more. By doing a quick Google search of his email addresses above:

You get a plethora of hits to all of the sites that mirror jihad. Many of these sites are posts directly from him using his addresses or mirrors/mentions of his Al Jazeera appearances etc. So he is still quite active out there and in fact has been known to consort with terrorists of higher order. So, again, why is he still rattling around in London and spewing this crap?

I also ran some Maltego Searches of the addresses HERE that show you the interconnections he has to other addresses and sites. He has been quite the busy boy all these years. I have been digging into his persona online and have found not only his main site but also a Facebook profile and other extraneous ways for him to communicate Jihadist precepts and propaganda. is hosted in the US and is regularly updated. One has to wonder why this just hasn’t been yanked offline due to content and his connections to known jihadist sites. Perhaps its just that the providers and the feds have no idea? Or perhaps its his free speech that they seem to be protecting?

I first came across Hani while looking into the following site: which is a site that is hosted at:

IP Location: United States United States Columbus Columbus Network Access Point Inc
Resolve Host:
IP Address:
Reverse IP: 1,662 other sites hosted on this server.
Blacklist Status: Clear

OrgName:    Columbus Network Access Point, Inc.
OrgID:      CNAP
Address:    50 W, Broad St, Suite 627
City:       Columbus
StateProv:  OH
PostalCode: 43215
Country:    US (an obvious homage to OBL) in fact has the usual pictures of OBL on it with scrolling feeds etc. One has to wonder if the local provider has a clue that its there to start… Soon they will though when they get the email that has been cc’d to the Feds. Hani has posted to this site and or has been cited/credited.

It seems that often the map of internet jihad often contains the US as its terrain. So why is it that these sites still exist of they reside in the US? Could they all be being watched? I seriously doubt that with my last interactions with the authorities. Suffice to say, I am unimpressed with them.

In any case, back to Hani. Why would Hani be allowed to pollute the internet and the airwaves with his diatribes on jihad, post on all of these jihadist sites that recruit, and prepare shahidi’s? Why would he not be locked up?

Perhaps because he is in fact an asset?

Stranger things have happened no?

If you read the wiki you will see that the US and the UN has placed his name on the list of people banned individuals and as a financial supporter of Al Qaeda. So, why still would he be allowed to run free?

Odd eh?

My mind just keeps coming back to “asset”

So, I have done all the digging I can do at present on him. I have tried to locate any more articles that date to 2010 but so far nothing shows up. If his site is any indication nothing has happened to him and he is going about his normal business.

Of course, according to his CV we have his phone and fax number….

Shall we call him? Maybe drop him an email missive? Of course if he’s an asset this article might get him burned huh….


He’s still a pustule on the collective ass of society. Lets see what happens.


Written by Krypt3ia

2010/03/07 at 21:50

The Real Meaning Of Cyberwarfare

with one comment

Andy Greenberg, 03.03.10, 06:00 PM EST

Author Jeffrey Carr says we need to take a more measured approach to a new age of digital combat.


Jeffrey Carr

Connect the dots between reports of Chinese cyberspying, crippling network attacks in South Korea and Estonia and the U.S. military’s ramping up of cyber capabilities, and it would seem that a third World War is underway on the Internet.

Not so fast, says Jeffrey Carr, author of Inside Cyberwarfare, a plainspoken guide to cyber threats that was published by O’Reilly Media earlier this year. Carr, the chief executive of cybersecurity consultancy Grey Logic, takes a more measured approach to the new age of digital defense, starting with the definition of so-called “cyberwar.” In Carr’s view a war hasn’t begun until metal is flying through the air. That means the real threat to U.S. networks comes not from sleeper software planted by state-sponsored cyberspies, but from a combined attack of atoms and bits, or from cyber-enabled radical groups or criminals engaged in what’s more properly called “cyberterrorism.”

The rest HERE

I disagree with Mr. Carr. It’s exactly those sleeper software pieces and other cyberterror events that ARE cyberwar. War, as Sun Tzu framed it, is not only outright battle, but also the use of spies, understanding yourself and your enemy, and the terrain.

Mr. Carr lacks this perspective. I suggest he read The Art of War sometime.

The Chinese have been using the “Thousand Grains of Sand” approach to cyber affairs for some time now. They are patient, and they are methodical. Thus, we will be seeing the day perhaps that all of these precepts culminate in a battle won without  “metal flying through the air” as Mr. Carr puts it. This is the essence of Sun Tzu.

So Mr. Carr, just wanted to say; “You’re doing it wrong”


Written by Krypt3ia

2010/03/05 at 15:01