Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for March 5th, 2012

Asymmetric Warfare and Tugjobs

The SANS Report: The Jester: A Lesson In Asymmetric Warfare

Post: The Jester Dynamic: A Lesson In Asymmetric Warfare

This report made its way to my desktop last night via a tweet and I just had to read it. Of course, after I had read it I felt dirty from the tugjob that SANS basically put together on Th3j35t3r and his crusade to annoy the jihobbyists and jihadis by DoS’ing them offline for half an hour at a time. So, I just felt compelled to respond to this report and the inevitable sausage love fest, and to put Jester’s “work” in the light of reality instead of fanboi love.

First off, let me say that Jester and I have history. Back in the day, when he first started his campaign, he/they decided to hit my personal box because it had “jihadist” materials on it. What Jester mentions and is not elaborated on in the report is that his “mistake” was “blue on blue” as he calls it, meaning that he hit me without really doing any kind of preliminary foot-printing as to who I was and what I do. Instead he just decided to mouth off, playing up that I had been compromised and that I hosted materials, thus “TANGO DOWN”.

After exchanges with me, as ever my diplomatic self 😉, he decided I needed more attention and DDoS, which was all well and good because I was the first to have traffic to give to others to look at for his modus operandi. Anyway, suffice to say that eventually there was a detente between us, but my opinions stand as to his campaign’s real uselessness to the real operators out there working to defeat jihad online. In short, I think it’s a futile exercise and in the end, more of a publicity stunt than anything substantial in the war on terror.

SANS just doesn’t seem to really touch on the facts of how many sites are out there and how much still goes on even with Jester’s DoS campaigns… Nor do they really have any substantial backing to some of the claims they allude to with regard to party vans being sent out for Anon players.

SANS, bad journalism should be left to journalists.

Asymmetric Warfare Or Annoyance?

So, a lone commando goes on a crusade to drive the jihadis into the shadows online. He’s a one-man cyber army, enwrapped in the flag, DDoS software in hand.

Umm.. Just what will all this DDoS accomplish? Jester seems to think it will put a stop to radicalizing online, but the reality is that they will just go get another domain or start a new paltalk session. Asymmetric warfare is defined as the following:

“Asymmetric warfare” can describe a conflict in which the resources of two belligerents differ in essence and in the struggle, interact and attempt to exploit each other’s characteristic weaknesses. Such struggles often involve strategies and tactics of unconventional warfare, the “weaker” combatants attempting to use strategy to offset deficiencies in quantity or quality.[1] Such strategies may not necessarily be militarized.[2] This is in contrast to symmetric warfare, where two powers have similar military power and resources and rely on tactics that are similar overall, differing only in details and execution.

From Wikipedia

So, just who is the weaker here? The jihadis, insofar as strength goes, were never an existential threat online in my book. They have been, up until recently, fairly unsophisticated in their communications and their internet skills. The fact is, they were talking pretty much in the open and then along comes Jester and he DoS’s them offline for a little while. They get annoyed and yell, but then they go back to doing what they are doing. There is no net effect here. Even I thought that they might pull back a bit after his campaign started, but nope, they just kept on going because it was easy enough to just go play Xbox until the site was back online.

Frankly, I see nothing in the anti-jihad campaign by jester as being worth the time. He frankly did much more with the LOIC poisoning than anywhere else, but that is another story…

So, by the classical definition of asymmetric warfare, this idea that Jester was carrying one out is false. Neither party was particularly well equipped or strategically effective enough to merit the term.

Cause and Effect In Jester’s War

As I said above, the jihadis went on apace even with Jester’s DDoS attacks. If anything, Jester just forced them to become more sophisticated and obtain backup sites and mirror their content even more than they already were before he came along. In my experience, it has not been the acts of a lone commando DoS’ing sites offline that has affected jihadi websites and radicalization; it has been instead the death of OBL and the campaign against jihad that the US has been waging by killing or capturing AQ leaders and foot soldiers (making them think twice). The online portion of this scenario, though, is more about the arrests of would-be jihobbyists who spoke to the wrong people online and eventually were arrested through good police work than anything else.

I would also add that the killing of Samir Khan and Al-Awlaki as well had a much greater effect on online jihad than anything else because they were the thought leaders and the creators/editors/creatives behind Inspire Magazine. I have written much in the past about Inspire and how they were trying to re-kindle the embers in many, but also reach out in new ways to the “western” jihobbyists to get them to do more than just talk online about jihad. You see, that’s pretty much all that has been happening: they talk a good game, but then they go offline and go about their business.

Once again, this makes jester’s campaign moot.

… And so it goes on. The jihadis/jihobbyists are still online; they have been quieter since OBL and Samir/Al-Awlaki died because the wind was taken out of their sails, really. Not because they got DoS’d. The sites are alive and well and being used today…

Asymmetric War Or Media Campaign?

Meanwhile, the fact that Jester came out of the closet with his rhetoric and his IRC/Twitter/Blog only says to me that there was a need for a media campaign. Why the media campaign? Attention. It’s purely for attention unless there is some other means to an end that he had in mind. Of course at the time there was talk in the DoD/DC3 circles about how we needed a “patriot hacker” movement, so could this be a part of that picture? As the paper states, Jester has 28K followers on his Twitter and many, many fanbois. Oddly enough, all of this started just around the same time as Anonymous did as well; it almost seems like one may have created the spark for the other, no?

So, Jester paints himself as the Dick Marcinko of the internet and the kiddies flock. People are saying he is a hero and many aspire to the same type of fame and attention. Jester’s IRC channel was flooded with people and he spent time in and out of there getting attention. Attention I think he really just wanted, maybe needed. In his first tangle with me, there seemed to be more than one personality at work and in fact the one that I pissed off seemed to have a lack of self-control as well as a juvenile manner. Since then, he/they have matured somewhat but overall have been relegated to not being online as much and not acting out by attacking jihadis or Anonymous.

Why?

But then he came back. Just recently he began his DDoS campaign again. Why? Well, one of the first things he did was open the IRC again to all comers and now we have the SANS report.

Attention level achieved.

So, in the end I feel it’s more about attention than it is about gallantry or being an effective “operator” against Jihad.

Just my opinion.

The Rise of Anonymous and Jester’s Part in It

Meanwhile, in between battling the jihadis, Jester also took on Anonymous because they “doxed active operators in the field” etc. While I can empathize with the sentiment, the follow-through was hit and miss in his campaign to out Sabu and others. The SANS report uses innuendo that says he may in fact have been the one to out Ryan Cleary. In fact, I am not sure about that, because inside sources in Anonymous have said that he was outed by someone on Xbox because he was an asshole to them. This is also the case for many others in the Anon infrastructure; they too were outed by others within the collective because they had a falling out.

So, really SANS, unless you have hard data, please stop.

In fact, Jester had had several misses on Sabu and in fact had to apologize to the players he fingered incorrectly. Oh, and by the way, all of this was done publicly and not just data given to authorities to follow up on. Which should have been the real aegis of doing any kind of investigative work on them to start with. After all, if you put dox out there in the public, even wrongly, you are just giving time to those who may or may not be involved to burn their data and make other means to keep on attacking. Tactically this is just poor operational behaviour.

Perhaps Jester has done things in the background we all do not know about and he has not reported to the media… Perhaps not. Overall though, the most creative thing he has done is to poison the LOIC. THIS was a real coup and I do appreciate that one. Hopefully that at least put some fear into the LOIC skiddies.

In the end though, the kids just kept on coming and now we have AntiSec to contend with as well.

The war is not won.

COIN and Digital Asymmetric Warfare (i.e. Failure)

So, in the end, I don’t think that generally the attention is warranted for the campaigns Jester has carried out that are known to us. SANS seems to be all over him and Sam Bowne as well as Rjack as modern folk heroes in a way. They do not even cover the fact that Anonymous uses the same tactics and methods as well, but then where would the folk tale really go, huh? In my opinion both of these groups/individuals fail at their final goal though. If Anonymous wants to effect change, then they need to stop just wildly doxing people and dumping data that really is not cogent to the issues at hand. Jester needs to have more than just a DDoS to drive the jihadis anywhere and in fact, the notion of breaking their C&C by DDoS is not functionally feasible.

If you are driving them.. You have to drive them somewhere you want them.. Not just back into the shadows where the analysts can’t see them.

All of this is not COIN and it’s not asymmetric warfare with digital tools.

It’s just a game and attention seeking behavior.

K.

*Side Note* The book and the picture above are there because even Lawrence, who won great victories by using asymmetric warfare, lost the overall war in Arabia because of the personalities involved.

Just sayin…

Written by Krypt3ia

2012/03/05 at 15:54