Weapon of Choice: How Terrorists
Use the Web
Source: News Factor
February 26, 2001
The same advantages the Internet and advanced technology
bring to the general public and to business -- speed, security and
global linkage -- are helping international terrorist groups organize
their deadly and disruptive activities.
"The Internet and e-mail provide the perfect vehicles
for these groups to communicate with each other, to spread their
message, to raise money and to launch cyberattacks," iDefense director
of intelligence for special projects Ben Venzke told NewsFactor
Network.
A recent report from U.S. officials indicates that
terrorists’ use of the Web for communication and coordination through
the use of encrypted messages is widespread, with numerous sites --
many of which are unaware of the use to which they are being put --
serving as conduits for terrorist conspiracies.
Government and private Internet security firms are doing
their best to keep up with the terrorists, but the task is made more
difficult by advancing technologies available to groups bent on
targeting the U.S. and its citizens, allies and businesses.
Terror Tool
Security officials in government and private industry
agree that the Web is heavily used by terrorists such as Osama bin
Laden and other extremist groups, including Middle East terror
organizations Hezbollah and Hamas.
"Terrorists use the Web mostly for propaganda and for
information exchange," said Matthew Devost, founding director of the
Terrorism Research Center. "If you move beyond the Web, terrorist
organizations do use information technology as a very viable and
secure communication mechanism."
Devost told NewsFactor that despite the Internet’s
viability as an economic medium, it has proven somewhat insecure for
commercial transactions.
He said the Web could help facilitate attacks by
terrorist groups on not only the Internet economy, but on power,
transportation and other systems that rely on information that is
linked to the Web.
’No Limit’
Terrorists are beginning to use the Web in interesting
ways, Vigilinx director of intelligence Jerry Freese told NewsFactor.
"There’s really no limit to it," Freese said. "Anywhere
you can send an e-mail with an audio or graphics file is fair game."
Freese, whose security company provides secure servers,
intruder detection and security audits, said terrorist cells around
the world use the Internet for scheduling, meeting and organizing.
"We see the Web as a terrorism-assistance tool that
allows them to do things in secrecy," he said, referring to encrypted
messages. "The thing is, it can originate from anywhere. The Web, of
course, is ubiquitous."
Freese said steganography -- putting encrypted messages
in electronic files -- is widely used by terrorist groups. A recent
government report indicated that terrorists have been hiding pictures
and maps of targets in sports chat rooms, on pornographic bulletin
boards and on Web sites.
Reliance on the Net
Despite their ongoing efforts to cripple parts of the
Web, disrupt infrastructure systems such as electrical power or steal
money and information from government and businesses, terrorists have
a vested interest in keeping the Internet working.
"It’s a very good tool for them," Freese told
NewsFactor, "so they don’t want to disrupt the flow of the Web;
rather, they’ll target specific companies that are working with or are
sympathetic to their enemies."
Rogue Rights
While law enforcement officials are aware of terrorists’
use of the Internet, they cannot monitor Web sites for both logistical
and legal reasons, according to spokesperson Steve Berry of the U.S.
Federal Bureau of Investigations’ National Infrastructure Protection
Center.
"However repugnant to our perception and to the general
public and law enforcement their Web site or use of it might be, that
does not give us the authority to block them," Berry told NewsFactor.
"That’s free speech. That’s the country we live in."
Venzke, whose company tracks Web-based threats for
Fortune 500 companies and government, said law enforcement is also
limited by national culture and geography. The Web offers entry into
any country from anywhere, and with so many points linked together,
terrorist activity is often impossible to track.
"How do you force an [Internet service provider] halfway
around the world, which may not be friendly to you to begin with, to
shut down a Web site?" Venzke asked.
Predicting Protection
The rapid advancement of technology makes it hard to
fight terrorists, who, experts agree, are adept at using the Internet
and other advanced technology. Bin Laden’s al Qaida and other
terrorist groups have reportedly used encryption programs available
free on the Web, as well more powerful anti-spy software purchased on
the open market.
The Terrorism Research Center’s Devost said that despite
a number of valid efforts to combat terrorists, targeted countries and
businesses are not prepared.
"Most nations, and most companies, are not being
diligent with regard to addressing information security concerns and
fortifying their security posture," said Devost.
Counter Strike
Security experts claim they are getting better at
detecting and decoding terrorist communiques, but more awareness and
information sharing is needed.
"Right now, it’s very hard to detect where these
messages are coming from and what their intent is," said Freese.
"Information exchange is a key issue here. We have a lot of
repositories of information, but it isn’t shared. The government is
trying to collate information from private and government sources to
coordinate defenses."
Devost agrees, adding that despite increased efforts to
keep tabs on terrorists, vulnerabilities are on the rise.
"Governments are making great progress in understanding
the way these groups are utilizing technology," Devost said, "[but]
while we are making progress, it is not enough."
by Jay Lyman
http://www.NewsFactor.com