Thursday, December 18, 2008

News: Terrorist instructions hidden online

2001/02/05 Jack Kelley 接連在《 USA Today 》發表兩篇報導, 指出美國官方及專家認為賓拉登及其組織可能透過將恐怖攻擊計畫藏在色情網站的圖片之中,或是運動聊天室來傳遞攻擊指令。

原始新聞連結 / Original Link
Terror groups hide behind Web encryption



02/05/2001 - Updated 05:17 PM ET
By Jack Kelley

WASHINGTON — Hidden in the X-rated pictures on several pornographic Web sites and the posted comments on sports chat rooms may lie the encrypted blueprints of the next terrorist attack against the United States or its allies. It sounds farfetched, but U.S. officials and experts say it's the latest method of communication being used by Osama bin Laden and his associates to outfox law enforcement. Bin Laden, indicted in the bombing in 1998 of two U.S. embassies in East Africa, and others are hiding maps and photographs of terrorist targets and posting instructions for terrorist activities on sports chat rooms, pornographic bulletin boards and other Web sites, U.S. and foreign officials say.

"Uncrackable encryption is allowing terrorists — Hamas, Hezbollah, al-Qaida and others — to communicate about their criminal intentions without fear of outside intrusion," FBI Director Louis Freeh said last March during closed-door testimony on terrorism before a Senate panel. "They're thwarting the efforts of law enforcement to detect, prevent and investigate illegal activities."

A terrorist's tool

Once the exclusive domain of the National Security Agency, the super-secret U.S. agency responsible for developing and cracking electronic codes, encryption has become the everyday tool of Muslim extremists in Afghanistan, Albania, Britain, Kashmir, Kosovo, the Philippines, Syria, the USA, the West Bank and Gaza and Yemen, U.S. officials say.

It's become so fundamental to the operations of these groups that bin Laden and other Muslim extremists are teaching it at their camps in Afghanistan and Sudan, they add.

"There is a tendency out there to envision a stereotypical Muslim fighter standing with an AK-47 in barren Afghanistan," says Ben Venzke, director of special intelligence projects for iDEFENSE, a cyberintelligence and risk management company based in Fairfax, Va.

"But Hamas, Hezbollah and bin Laden's groups have very sophisticated, well-educated people. Their technical equipment is good, and they have the bright, young minds to operate them," he said.

U.S. officials say bin Laden's organization, al-Qaida, uses money from Muslim sympathizers to purchase computers from stores or by mail. Bin Laden's followers download easy-to-use encryption programs from the Web, officials say, and have used the programs to help plan or carry out three of their most recent plots:

  * Wadih El Hage, one of the suspects in the 1998 bombing of two U.S. embassies in East Africa, sent encrypted e-mails under various names, including "Norman" and "Abdus Sabbur," to "associates in al Qaida," according to the Oct. 25, 1998, U.S. indictment against him. Hage went on trial Monday in federal court in New York.

  * Khalil Deek, an alleged terrorist arrested in Pakistan in 1999, used encrypted computer files to plot bombings in Jordan at the turn of the millennium, U.S. officials say. Authorities found Deek's computer at his Peshawar, Pakistan, home and flew it to the National Security Agency in Fort Meade, Md. Mathematicians, using supercomputers, decoded the files, enabling the FBI to foil the plot.

  * Ramzi Yousef, the convicted mastermind of the World Trade Center bombing in 1993, used encrypted files to hide details of a plot to destroy 11 U.S. airliners. Philippines officials found the computer in Yousef's Manila apartment in 1995. U.S. officials broke the encryption and foiled the plot. Two of the files, FBI officials say, took more than a year to decrypt.

"All the Islamists and terrorist groups are now using the Internet to spread their messages," says Reuven Paz, academic director of the Institute for Counter-Terrorism, an independent Israeli think tank.

Messages in dots

U.S. officials and militant Muslim groups say terrorists began using encryption — which scrambles data and then hides the data in existing images — about five years ago.

But the groups recently increased its use after U.S. law enforcement authorities revealed they were tapping bin Laden's satellite telephone calls from his base in Afghanistan and tracking his activities.

"It's brilliant," says Ahmed Jabril, spokesman for the militant group Hezbollah in London. "Now it's possible to send a verse from the Koran, an appeal for charity and even a call for jihad and know it will not be seen by anyone hostile to our faith, like the Americans."

Extremist groups are not only using encryption to disguise their e-mails but their voices, too, Attorney General Janet Reno told a presidential panel on terrorism last year, headed by former CIA director John Deutsch. Encryption programs also can scramble telephone conversations when the phones are plugged into a computer.

"In the future, we may tap a conversation in which the terrorist discusses the location of a bomb soon to go off, but we will be unable to prevent the terrorist act when we cannot understand the conversation," Reno said.

Here's how it works: Each image, whether a picture or a map, is created by a series of dots. Inside the dots are a string of letters and numbers that computers read to create the image. A coded message or another image can be hidden in those letters and numbers.

They're hidden using free encryption Internet programs set up by privacy advocacy groups. The programs scramble the messages or pictures into existing images. The images can only be unlocked using a "private key," or code, selected by the recipient, experts add. Otherwise, they're impossible to see or read.

"You very well could have a photograph and image with the time and information of an attack sitting on your computer, and you would never know it," Venzke says. "It will look no different than a photograph exchanged between two friends or family members."

U.S. officials concede it's difficult to intercept, let alone find, encrypted messages and images on the Internet's estimated 28 billion images and 2 billion Web sites.

Even if they find it, the encrypted message or image is impossible to read without cracking the encryption's code. A senior Defense Department mathematician says cracking a code often requires lots of time and the use of a government supercomputer.

It's no wonder the FBI wants all encryption programs to file what amounts to a "master key" with a federal authority that would allow them, with a judge's permission, to decrypt a code in a case of national security. But civil liberties groups, which offer encryption programs on the Web to further privacy, have vowed to fight it.

Officials say the Internet has become the modern version of the "dead drop," a slang term describing the location where Cold War-era spies left maps, pictures and other information.

But unlike the "dead drop," the Internet, U.S. officials say, is proving to be a much more secure way to conduct clandestine warfare.

"Who ever thought that sending encrypted streams of data across the Internet could produce a map on the other end saying 'this is where your target is' or 'here's how to kill them'?" says Paul Beaver, spokesman for Jane's Defense Weekly in London, which reports on defense and cyberterrorism issues. "And who ever thought it could be done with near perfect security? The Internet has proven to be a boon for terrorists."


原始新聞連結 / Original Link
Terrorist instructions hidden online



02/05/2001 - Updated 05:22 PM ET
By Jack Kelley

WASHINGTON — Osama bin Laden and other Muslim extremists are posting encrypted, or scrambled, photographs and messages on popular Web sites and using them to plan terrorist activities against the United States and its allies, U.S. officials say. The officials say bin Laden and his associates are using the Internet to conduct what some are calling "e-jihad," or holy war. Bin Laden, a dissident Saudi businessman, has been indicted for the 1998 bombing of two U.S. embassies in East Africa and is believed to be responsible for last fall's bombing of the USS Cole in Yemen. Four alleged bin Laden associates went on trial Monday in federal court in New York for the embassy bombings. "To a greater and greater degree, terrorist groups, including Hezbollah, Hamas, and bin Laden's al Qaida group, are using computerized files, e-mail, and encryption to support their operations," CIA Director George Tenet wrote last March to the Senate Foreign Relations Committee. The testimony, at a closed-door hearing, was later made public.

Through weeks of interviews with U.S. law-enforcement officials and experts, USA TODAY has learned new details of how extremists hide maps and photographs of terrorist targets — and post instructions for terrorist activities — on sports chat rooms, pornographic bulletin boards and other popular Web sites. Citing security concerns, officials declined to name the sites. Experts say it's difficult for law enforcement to intercept the messages.

"It's something the intelligence, law-enforcement and military communities are really struggling to deal with," says Ben Venzke, special projects director for iDEFENSE, a cyberintelligence company.

Officials and experts say the Internet is a new form of the "dead drop," a Cold War-era term for where spies left information. Officials and experts say the messages are scrambled using free encryption programs set up by groups that advocate privacy on the Internet. Those same programs also can hide maps and photographs in an existing image on selected Web sites. The e-mails and images can only be decrypted using a "private key" or code, selected by the recipient .

"The operational details and future targets, in many cases, are hidden in plain view on the Internet," Venzke says. "Only the members of the terrorist organizations, knowing the hidden signals, are able to extract the information."

Officials say bin Laden began using encryption five years ago, but recently increased its use after U.S. officials revealed they were tapping his satellite telephone calls in Afghanistan and tracking his activities.

"We will use whatever tools we can — e-mails, the Internet — to facilitate jihad against the (Israeli) occupiers and their supporters," Sheik Ahmed Yassin, the founder of the militant Muslim group Hamas said in a recent interview in the Gaza Strip. "We have the best minds working with us."

No comments:

Post a Comment