[osint] Technology and Terror: The New Modus Operandi
--- begin forwarded text To: "Bruce Tefft" <btefft@community-research.com> Thread-Index: AcUQiaDiEfkM6EBiRXa/4exIK6zyqQ== From: "Bruce Tefft" <btefft@community-research.com> Mailing-List: list osint@yahoogroups.com; contact osint-owner@yahoogroups.com Delivered-To: mailing list osint@yahoogroups.com Date: Fri, 11 Feb 2005 17:32:54 -0500 Subject: [osint] Technology and Terror: The New Modus Operandi Reply-To: osint@yahoogroups.com http://www.pbs.org/wgbh/pages/frontline/shows/front/special/tech.html Technology and Terror: The New Modus Operandi By Andrew Becker For all the fear that cyber terrorists will turn the Internet into a weapon of mass disruption, many intelligence experts contend the Web is most effective (or detrimental) as it was designed to be -- as a way to communicate and create community. This essay explores how jihadis are using the Web, plus some of the cyber "tricks" used by terrorists to avoid detection and how the authorities can respond. It was all laid out in a polished, 25-minute training video: how to make an explosive belt to blow yourself up and kill as many people as possible. This particular video, first posted on a jihadist message board in December 2004, presented the necessary explosives, shrapnel and vest for a suicide bomber. It demonstrated how to assemble the materials and wear the belt. And then the video showed a test of the explosive belt, with a simulated detonation aboard a crowded bus. As translated on a Web site <http://siteinstitute.org/bin/articles.cgi?ID=publications13804&Category=pub lications&Subcategory=0> that tracks Islamic terrorist organizations, the producers analyzed the bomb's impact on the mock victims: We notice that the following 2 seats were not directly hit. This is due to the fact that, when the person who will be wearing this explosive vest goes on the bus, and wants to blow himself up, he must be facing the front with his back towards the back. There is a possibility that the 2 seats on his right and his left might not be hit with the shrapnel, however, the explosion will surely kill the passengers in those seats. Such Web sites and training videos, which are often posted then quickly removed to avoid detection, have multiplied after Sept. 11. In doing so, they opened perhaps the widest front in the war on terror: cyberspace. In essence, the Internet is the perfect communication tool for terrorists, and it mirrors the framework of their operations: decentralized, anonymous, and offering fast communication to a potentially large audience. The Internet is used to plot and claim responsibility for terrorist acts, to address sympathizers and enemies alike, and to raise money and attract new recruits. It has created a virtual "umma" -- Arabic for the larger Muslim community as a whole -- and like the actual umma, the cyber umma encompasses both moderate Muslims and Islamic fundamentalists. For all the fear that cyber terrorists will turn the Internet into a weapon of mass disruption, many intelligence experts contend the Web is most effective (or detrimental) as it was designed to be -- as a way to communicate and to create community. In a keynote speech at a security conference for government agencies in Washington, retired CIA director George Tenet called for tightening security of the Internet, which he said was "a potential Achilles' heel." Tenet acknowledged that it would be "controversial in this age when we still think the Internet is a free and open society," but "ultimately the Wild West must give way to governance and control." But, as Gabriel Weimann writes in the United States Institute of Peace report "How <http://www.usip.org/pubs/specialreports/sr116.html> Modern Terrorism Uses the Internet," the restriction of the Internet under the guise of counterterrorism measures, particularly by authoritarian governments, can infringe on privacy, limit freedom of speech, and impede the free flow of information, in turn placing restrictions on the open society that makes the Western world strong. "There's just no question that if the Internet wasn't there, the terrorists would have loved to invent it," says Jeffrey Simon, a former terrorism analyst for the RAND Corp., author of The Terrorist Trap and a consultant who has studied terrorism for 20 years. "It's always a technological battle with terrorists. The technology is always out there for everyone to take advantage of." + Hosting terror at home Although a number of extremist sites are located abroad, in many cases, terrorists take advantage of the technology inside the U.S. Recently, more jihadist Web sites in Europe have switched to U.S. computer servers -- mostly because they can, says Rita Katz, director of the Washington-based Search for International <http://www.siteinstitute.org/> Terrorist Entities (SITE) Institute. American Web hosting is cheap, easy to access and U.S. servers are technologically among the best in the world. To avoid detection, terrorists frequently change Web addresses and often squat undetected on other Web sites or Internet servers. Katz believes the most hard-core Al Qaeda and jihadist Web sites are hosted in the U.S. because of freedom of speech protections. Katz points to the August 2004 arrest of Babar Ahmad, a British citizen charged in the U.S. with providing material support to terrorists, conspiring to kill people in a foreign country, and money laundering, because Web sites that he ran from the U.K. were hosted by an Internet service provider in Connecticut. The indictment alleges that through the Web sites and other means, Ahmad provided "expert advice and assistance, communications equipment, military items, lodging, training, false documentation, transportation, funding, personnel and other support designed to assist the Chechen mujahideen, the Taliban and associated groups." "The Internet today is really 'command central' for all terrorist organizations," says Katz, who wrote a memoir The Terrorist Hunter and has tracked international terrorists since the 1990s. "You don't really need to be in Afghanistan anymore. It's all on the Internet." She keeps edited examples of terrorist training manuals, videos, newsletters and communiquis on the SITE Institute's subscriber-based Web site, including the suicide bomber instructional video. The information on these Web sites can vary from how to set up a safehouse to instructions for using rocket-propelled grenades. "If you know where to look, [they're] not difficult to find. Not for an Arabic speaker," she says. The Internet is "something we set up for our use to make our life better, but terrorists have hijacked the Internet literally." + Increasing sophistication In the summer of 2004, Lee S. Strickland, director of the Center for Information Policy at the University of Maryland and a career senior intelligence officer and computer specialist, oversaw a study that examined terrorists' use of the Internet. The study found that the terrorist sites tend to be as sophisticated and efficacious as many mainstream Western corporate sites. The researchers used 26 variables of highly effective Web sites including design, content and how often they are updated. "You're really seeing a growing sophistication of video and the Web," Strickland says. The study examined a number of terrorist linked sites, ranging from Al Qaeda and Hamas to the Tamil Tigers. When compared with Microsoft.com, Hamas' site, for instance, shared 23 of these 26 highly valuable design features, such as search engines, mission statements, a "what's new" section and a frequently asked questions page. There were even job boards, online applications for recruitment, testimonials, an online store and chat rooms. If the sites aren't directly recruiting, many solicit funds. Strickland says these sites employ an effective array of interactive games, cartoons, jokes, and even bedtime stories that appeal to children. They recruit young adults ages 14 to 24 with videos and music: For example, in early 2004, a Muslim rapper in Great Britain named Sheik Terra released a video for his song "Dirty Kuffar" (Infidel) in which he carries a copy of the Quran and a pistol and calls for the death of all non-Muslims. + Reconnaissance With the abundance of information available on the Internet, terrorists also use the Web for reconnaissance, especially with the availability of public information on things like electrical grids and other infrastructure -- a problem highlighted by George Tenet late last year. Terrorists regularly search the Internet for data mining purposes to facilitate financial transactions and crime, according to former counterterrorism czar Richard Clarke. Clarke says the government should limit what information is available by first examining the content on government Web sites. If they don't, reconnaissance of potential targets by terrorists will continue. "The Pentagon has done this. It's generally a good idea for any company or government to do," he says. "There's way too much information available." An Al Qaeda training manual recovered in Afghanistan confirms that the group researched critical infrastructure online. The manual explained that at least 80 percent of the information gathered on the enemy was done through open and legal methods. Whether it's GIS mapping of the electrical and cyberoptic infrastructure of New York City or major dams, much of the information is still openly available, according to Strickland. "You can get information anonymously, store it in a database and apply data mining tools to it," he says. "And the tools to exploit are commercial tools!" + Avoiding detection For years intelligence experts and officials have suspected that some Al Qaeda operatives are technological whizzes who use espionage tools like encryption or the practice of hiding messages within other messages known as steganography. Encryption works by altering letters or numbers with software. It is illegal to export encryption software to certain countries overseas, but the programs can be easily downloaded. Arrests of Al Qaeda members and computers captured in U.S. raids have turned up evidence of encrypted e-mails dating to the 1990s, including the 1998 bombings of U.S. embassies in East Africa. Wadih <http://www.pbs.org/wgbh/pages/frontline/shows/binladen/upclose/elhage.html> El Hage, an associate of Osama bin Laden who was convicted for his role in the 1998 bombing of U.S. embassies in Kenya and Tanzania, encrypted e-mails while plotting the attacks. Ramzi Yousef, the mastermind behind the 1993 World Trade Center attack, used encryption from his base in the Philippines in the mid-1990s when he plotted to blow up 11 U.S. airplanes over the Pacific. More recently, U.S. officials believe the Al Qaeda Web site www.alneda.com used encrypted information to link Al Qaeda members to more secure sites, according to Weimann's report. Steganography dates to ancient Greece and was widely used by Allies and the Axis during World War II. Russ Rogers, a security researcher and CEO of security services company Security Horizon, Inc., says there are more than 100 tools readily available on the Web that can help hide information inside documents such as JPEG image files using algorithms to modify the pixels in a file without altering the visible image. There are even Web sites and programs that can transform a message to make it look like spam e-mail or a play script. + The virtual politics of violence The Web's use as a propaganda and political tool may be its biggest asset to terrorists. An intelligence aide to a U.S. senator, who spoke on condition of anonymity says, "The Internet is the poor man's television network. Buy a $300 video camera and a PC and you're in business. You can communicate in a very powerful medium almost instantaneously, almost undetectable and free." One of the more striking examples of terrorists' political use of the Internet involves a document that argued for an attack against Spanish forces months before March 11. Written in early December 2003, the document titled "Jihadi Iraq, Hopes and Dangers" called for attacks in order to influence the parliamentary elections. A few weeks after the document was published, Brynjar Lia, senior analyst at the Norwegian Defense Research Establishment, found the document on a jihadist Web site while making his usual rounds on the Internet. "It was interesting to me for two reasons -- the document's sophisticated strategic analysis and its specific recommendations," Lia says. "Many of the documents are religious and propagandist in tone and entirely devoted to providing justifications for jihad. If you've read one or two, you've read them all." But this document was different. It mentioned the Spanish elections, which were four months away, and recommended "painful strikes" in the run-up to the election in order to influence its outcome. The author lays out the argument as for why an attack against Spain would be most effective. There wasn't a specific call for an attack in Europe, Lia says, but rather the terms called for an attack against Spanish forces. As translated <http://www.mil.no/felles/ffi/start/article.jhtml?articleID=71589> by Lia and his colleague Thomas Hegghammer, the document contends: We think that the Spanish government could not tolerate more than two, maximum three blows, after which it will have to withdraw as a result of popular pressure. If its troops still remain in Iraq after these blows, then the victory of the Socialist Party is almost secured, and the withdrawal of the Spanish forces will be on its electoral programme. "Like everyone else, I assumed all the intelligence agencies in the world were monitoring these Web sites and checking them out," Lia says. "I didn't think to alert anyone. It seemed obvious. I thought they must have been read." + Monitoring Web sites The U.S. government doesn't actively monitor Web sites, according to Richard Clarke. Some ISPs and Web hosts might, although currently there is no legal obligation to do so. "You're treading on dangerous ground when you start limiting content, unless the site is clearly linked to a violation of the law," he says. But while First Amendment concerns exist, it is the sheer volume of Web sites and e-mail traffic that mostly hampers monitoring. "Unless there is a specific complaint, [Web hosting companies] don't have the wherewithal to monitor the content or the responsibility," says FBI agent Mike Rolince, of the Washington, D.C. field office. The same issue of resources prohibits the Department of Justice from monitoring Web sites says Department of Justice spokesman Bryan Sierra. "We don't have the manpower or the desire to sit around and monitor the Web 24-7," Sierra says. "We're not the guys out there trying to determine what is on the Internet. That's not our goal. Our goal is to determine what is illegal." California-based Yahoo! spokeswoman Mary Osako would not comment on how aggressively Yahoo! monitors the content of the Web sites it hosts, but the company investigates every complaint it receives. She says that the company has the "ability across languages" to scrutinize sites but for the most part Yahoo! relies on its members to report any inappropriate use. Osako would not disclose how many reports the company has received regarding terrorist-related material. In the end, taking down a Web site isn't going to solve the problem. "The opposition sees that as nothing more than a temporary inconvenience," according to Rolince. Going forward, Dale Watson, former special agent in charge of counter-terrorism in the Washington bureau of the FBI, expects the bureau to continue to use the e-mail equivalent of telephone wiretaps as a surveillance tool. Since March 2004, the European Union has discussed imposing requirements on Internet service providers (ISPs) and cell phone companies to keep permanent records accessible to law enforcement. The European Council will vote on the matter in June 2005. For the Department of Justice, the main obstacle and main challenge will be keeping up with the emerging technologies terrorists use, Sierra says. But the intelligence aide to the U.S. senator believes that the cyber age and "all the cool tools" shouldn't dazzle law enforcement. "There is an increasing need for old-fashioned, shoe-leather spying, human intelligence and agents who will tell us things about the bad guys," he says. "It's face-to-face where we can really make strides against terrorism." Andrew Becker is a student at the Graduate School of Journalism at University of California, Berkeley. His articles have appeared in the Boston Globe, the San Francisco Chronicle, and FRONTLINE. [Non-text portions of this message have been removed] ------------------------ Yahoo! Groups Sponsor --------------------~--> DonorsChoose. A simple way to provide underprivileged children resources often lacking in public schools. Fund a student project in NYC/NC today! http://us.click.yahoo.com/EHLuJD/.WnJAA/cUmLAA/TySplB/TM --------------------------------------------------------------------~-> -------------------------- Want to discuss this topic? Head on over to our discussion list, discuss-osint@yahoogroups.com. -------------------------- Brooks Isoldi, editor bisoldi@intellnet.org http://www.intellnet.org Post message: osint@yahoogroups.com Subscribe: osint-subscribe@yahoogroups.com Unsubscribe: osint-unsubscribe@yahoogroups.com *** FAIR USE NOTICE. This message contains copyrighted material whose use has not been specifically authorized by the copyright owner. OSINT, as a part of The Intelligence Network, is making it available without profit to OSINT YahooGroups members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of intelligence and law enforcement organizations, their activities, methods, techniques, human rights, civil liberties, social justice and other intelligence related issues, for non-profit research and educational purposes only. We believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/osint/ <*> To unsubscribe from this group, send an email to: osint-unsubscribe@yahoogroups.com <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/ --- end forwarded text -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
participants (1)
-
R.A. Hettinga