Social networks link terrorists

[Eugen Leitl]

(suuure)

http://www.pcworld.idg.com.au/article/272364

Social networks link terrorists

A new breed of cyberterrorists are using online forums to recruit people who
support Al-Qaeda, creating global networks of would-be terrorists.

Elizabeth Montalbano (IDG News Service) 08/01/2009 09:17:00

A new breed of terrorists are using online forums to recruit people who align
themselves with the mission of Al Qaeda, creating global networks of would-be
terrorists who pose a growing threat, a senior cyberterrorist researcher
warned this week.

Cyberterrorists are using a series of online forums and at least one
social-networking site, PalTalk, to recruit people to their cause, Evan
Kohlmann, a senior investigator and private consultant for Global Terror
Alert, said at the International Conference on Cyber Security 2009 in New
York. Many of these people never actually meet in person, but conspire online
to launch both cyberterrorist and physical terrorist attacks such as suicide
bombings, he said.

Global Terror Alert is an online clearinghouse of information for
counter-terrorist researchers, analysts and policymakers. Kohlmann also acts
as a consultant to law-enforcement agencies on terrorist cases.

At the conference, Kohlmann outlined Operation Praline, a sting operation in
the U.K. that ultimately uncovered a would-be terrorist network in three
countries led by Aabid Khan, a then-19-year-old Briton.

Khan, who was arrested in June 2006 when he was returning from a trip to
Pakistan, used online forums and chat rooms to "meet" people and essentially
became "a terrorist recruiter using the Internet," Kohlmann said. When he was
apprehended, law-enforcement officials had reason to believe he was planning
to set off bombs in Washington, D.C., and New York.

Khan, who promoted a "worldwide" war against people who did not support Al
Qaeda, also was the ring-leader for other terrorist plots hatched in the U.K.
and Canada; the perpetrators of those -- most notably a group of 17 men
arrested in Toronto just before Khan's own arrest -- were apprehended before
the acts were carried out.

Khan used a series of so-called jihadi online forums where people who support
Al Qaeda and aim to wage terrorist attacks share their ideas, Kohlmann said,
calling these sites the "Facebook and MySpace" of cyberterrorists. Khan also
encouraged mounting cyberattacks on people who did not support his viewpoint,
he said.

While his reference to social networks was meant as a comparison, people have
actually used PalTalk, a chat-room hosting site, to host a live
question-and-answer with people they alleged to be Al-Qaeda leaders, Kohlmann
said. He said that he's not sure if the company "actually realizes what is
going on with their chat rooms," but that the chat room in question is well
known among members of jihadi forums.

"In this case, we are particularly talking about a single chat room, with a
slightly-changing-but-mostly-static identifiable name, accessible via the
official PalTalk chat room index," he said via e-mail a day after his
presentation in New York. "This chat room has been routinely advertised on
jihadi Web forums, and it is used on a day-to-day basis to trade download
links for Al Qaeda propaganda videos [and] terrorist instructional manuals
... If the company hasn't gotten a hint of any of this by now, then they
really need to start re-considering their security policies."

Judy Shapiro, vice president of marketing for New York-based PalTalk, said
the company is aware that there are Al Qaeda-focused rooms on its site, but
if the chat occurring within those rooms does not violate the company's terms
of service for troublesome language, freedom of speech applies.

"We absolutely shouldn't discriminate," she said. "We can't constrain
people's ability to say what they want. If someone says, I am the head of Al
Qaeda, come talk to me, that's perfectly legal."

In its terms of service, PalTalk lists "unacceptable conduct" that would
violate those terms as "threatening, harassing, or intimidating another user"
or "transmitting any unlawful, threatening, abusive, profane, offensive,
defamatory, or hateful text or voice communication or images or other
material, or any racially, ethnically or otherwise objectionable material, or
any material that violates or infringes the intellectual property or privacy
or publicity or other rights of any other party," among other kinds of
behavior.

PalTalk will take down a chat room with no warning if users report trouble to
its moderators. "If someone said, how do I create a bomb I can [detonate] in
Times Square," that would obviously raise a red flag, Shapiro said.

In cases where "the level of language" would warrant an investigation,
PalTalk would take whatever steps necessary to cooperate with law-enforcement
officials or take down the site or both if there is good reason, she said.

In the meantime, others are doing their own part to take down jihadi Web
forums, Kohlmann said. More than five of the top jihadi Web forums --
including ones called Al-Ekhlaas, Al-Hesbah, Al-Firdaws and Al-Boraq -- have
been knocked offline since September, and several others that are still live
such as Al-Shamikh, Majahden, and Al-Faloja "are suffering periodic blackouts
which can last anywhere from several hours to a week in length," he said in
the e-mail.

However, "you knock one out, another one pops up the next day," Kohlmann said
at the conference, so just taking down the sites is not an effective way to
stop cyberterrorists and would-be accomplices from meeting via online forums.

He thinks the real way for law-enforcement officials to hamper
cyberterrorists and would-be accomplices using these sites is to join them
and cause confusion and mistrust among their ranks.

"Infiltrating the system is most effective," he said. "People don't know if
you're a real jihadi or an agent. These people have never met each other and
if you give them a reason not to trust each other, that's all it takes" to
disrupt their activities.