Hackers attack Iraq's vulnerable computers

Iraq's computers make a prime target for global terror.

BAGHDAD -- Maj. Ahmed Khathem, the head of Iraq's newly formed cybercrimes division, sits in a borrowed office, at a borrowed desk, working on a laptop borrowed from one of his subordinates.

It is his unit's lone computer, highlighting the country's vulnerability to a community of Iraqi hackers defacing websites and attempting to hack into sensitive internal networks.

Iraq's government is engaged in a bloody struggle against al-Qaeda, and its computers make a prime target for global terror networks that have added hacking to their arsenal.

"We could have the most powerful anti-hacking force in the world, but we'd still have no computers, so we couldn't do anything," says Ali Hussein, one of 12 computer science graduates added to the cybercrime team last month. "The government thinks about guns, tanks and raiding houses. Hackers just aren't a priority."

Computer usage in Iraq has mushroomed since the U.S. invasion in 2003. During the Saddam Hussein era, Internet access was largely forbidden in the country, and economic sanctions made computers difficult to obtain. The Interior Ministry, which had no computers connected to the Internet in 2003, has 5,000 today.

"Now, the government is starting to use computers everywhere, but these computers aren't protected," Khathem says.

In May, an innocuous pop-up window flashed onto the screen of an employee at the Ministry of Interior, Khathem says. The window asked if he wanted to install updates to his computer.

Had he clicked "OK," he would have given a hacker who calls himself the "Iraqi Hacker" access to reams of sensitive data, including e-mails and addresses of the ministry's thousands of security officers.

"If that information had fallen into the hands of terrorists, it would have been a catastrophe," says Lt. Alaa Hussein, another member of the ministry's anti-hacking team.

Fortunately, the employee was savvy enough to alert the cybercrimes division.

The United States has seized hard drives in Afghanistan and Iraq with information on sabotaging oil pipelines through hacking, according to Paul Kurtz, a former member of President Bush's National Security Council and co-author of the national strategy for cybersecurity.

Iraq's most prolific hacker is known as the "Iraqi Diver," an unidentified resident of Wasit Province, south of Baghdad, who has hacked into nearly 1,500 websites since 2005, according to Zone-H.org, an independent website that tracks and verifies hacker activity worldwide.

To date, the Iraqi Diver has usually refrained from causing permanent damage to sites, defacing them instead by leaving behind messages insulting President Bush or calling on the United States to leave Iraq. The list of sites the Iraqi Diver has broken into includes some of Iraq's most sensitive ministries, such as the ministries of Interior, Electricity and Communications, and a handful of Iraqi banks, according to Zone-H.

Though there is no evidence the Iraqi Diver seeks anything other than notoriety, the activity shows the Iraqi government's vulnerability to far more sinister attacks, according to Ivor Rankin, a security expert from Symantec, one of the world's leading computer security companies.

The activity in Iraq comes amid an exponential rise in hacking worldwide in recent months. Consequences have been more troubling than mere embarrassment for the victims, Rankin says. Some of the attacks have had connections to terror networks.

In February, a New York City bank approached cybersecurity expert Alan Paller for help after the FBI tracked money stolen from the bank back to terrorist organizations based in the Middle East, Paller says. He works for the Washington-based SANS Institute, which teaches banks, the FBI and other organizations how to protect their networks.

Imam Samudra, one of the convicted plotters of the Bali bombing in Indonesia in 2002, devoted a chapter of his recent autobiography to hacking.

"If the hacking is successful," Samudra wrote, "get ready to yield windfall income."

"The terrorists see this as a great money maker," Paller says.

For Iraq, there is perhaps a silver lining in this story, says Bruce Schneier, the head of IT security for British Telecom and the author of several books on cybercrime.

"There are hackers in Iraq. That's fantastic. It implies a level of normalcy I didn't know was there," Schneier says. "If Iraqis can be hackers, it means they have food, shelter and clothing, and they're not terrified for their lives."