--- begin forwarded text To: "Bruce Tefft" Thread-Index: AcUQicQJIaX+jMBUTx2fNeBGtdezfw== From: "Bruce Tefft" Mailing-List: list osint@yahoogroups.com; contact osint-owner@yahoogroups.com Delivered-To: mailing list osint@yahoogroups.com Date: Fri, 11 Feb 2005 17:33:53 -0500 Subject: [osint] Terrorists' Tricks and Counter-Measures Reply-To: osint@yahoogroups.com http://www.pbs.org/wgbh/pages/frontline/shows/front/special/techsidebar.html The Terrorist's Tricks and Counter-Measures + Tricks + Two terrorists on opposite sides of the globe might agree to open 30 anonymous web-based e-mail accounts with 30 different passwords. On the first of the month the first account is used, on the second of the month the second account is used and so on, until each account is used once. "It's very difficult to catch, because there is no pattern of use," former U.S. counter-terrorism czar Richard Clarke says. "One-time anonymous accounts are extremely difficult to monitor." + One terrorist drafts a Web-based e-mail and instead of sending it, saves it to the draft folder, accessible online from anywhere in the world. The other terrorist can open the same account, read the message, and delete it. The e-mail has never been sent, and cannot be tracked. + Many e-mails are sent on public computers, for example in libraries or cyber cafis, making them even more difficult to trace. + The language in the e-mails can also be cloaked, says Dale Watson, a 24-year veteran of the FBI who served as the first executive assistant director for counterterrorism. In preparing for the Sept. 11 attacks, suspected hijacker and pilot Mohamed Atta and alleged 9/11 conspirator Ramzi bin al-Shibh pretended to be students as they exchanged e-mails, talking about "architecture" (the World Trade Center), "arts" (the Pentagon), "law" (the Capitol) and "politics" (the White House). + Counter-Measures + If a jihadist site hosted in another country is not taken down by the government in that country, the U.S. needs to hack the site and bring it down, Clarke says. + The U.S. can use active and passive attacks to disrupt terrorists' electronic networks. Active attacks include using computer viruses to infect enemy computers. Passive attacks monitor e-mails and transferred data, and watch traffic patterns. + The viruses used in active attacks wouldn't do damage or send mass mailings, but rather selectively collect data and discreetly send the e-mail back to U.S. intelligence. That could include getting address books, or collecting the "cookies" written to the computer's hard drive when the terrorist visits certain Web sites. There are also ways to monitor keystrokes, even if a terrorist uses encryption. Counterfeit e-mails can also used to confuse or subvert communications. "They certainly can be very effective," the University of Maryland's Lee Strickland says of active attacks. "To escape, [terrorists] have to be lucky every day. We only have to be lucky once." + Passive attacks aim to monitor the terrorists' information network, not overtly disrupt it. That includes watching electronic banking transactions, for example, and following e-mail traffic patterns and other data exchanges. Doing so may arouse suspicion and force terrorists to use less efficient modes of communication. "The goal is not only to acquire information in the terrorists' possession, but also to force them to use other forms of communication -- perhaps slower and less effective, or perhaps someone that may be easier to intercept or that may provide more information upon intercept," Strickland wrote in a 2002 report called "Fighting Terrorism with Information." [Non-text portions of this message have been removed] ------------------------ Yahoo! Groups Sponsor --------------------~--> Give underprivileged students the materials they need to learn. Bring education to life by funding a specific classroom project. http://us.click.yahoo.com/FHLuJD/_WnJAA/cUmLAA/TySplB/TM --------------------------------------------------------------------~-> -------------------------- Want to discuss this topic? Head on over to our discussion list, discuss-osint@yahoogroups.com. -------------------------- Brooks Isoldi, editor bisoldi@intellnet.org http://www.intellnet.org Post message: osint@yahoogroups.com Subscribe: osint-subscribe@yahoogroups.com Unsubscribe: osint-unsubscribe@yahoogroups.com *** FAIR USE NOTICE. This message contains copyrighted material whose use has not been specifically authorized by the copyright owner. OSINT, as a part of The Intelligence Network, is making it available without profit to OSINT YahooGroups members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of intelligence and law enforcement organizations, their activities, methods, techniques, human rights, civil liberties, social justice and other intelligence related issues, for non-profit research and educational purposes only. We believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/osint/ <*> To unsubscribe from this group, send an email to: osint-unsubscribe@yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ --- end forwarded text -- ----------------- R. A. Hettinga The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'