Assessing and Combating the Hacker Potential of Al-Qaeda by Christopher McComas, April 2002

What role does technology play in Islamic countries, and how are terror groups around the world using technology today? As a systems engineer, security expert and anti-hacker par excellence, I am increasingly concerned about the ways that terrorists could and do use Western technology to help plan and execute acts. For example, the planes in the September 11 attack on the World Trade Center were used as guided missiles to take down the towers. If the terrorists had not had prior knowledge of avionics and basic flight training, they would not have been able to execute their plan. Throughout this paper, technologies will be identified that might be used to aid terrorists in the present and future, focusing, in particular, on the hacker potential of Al-Qaeda and their encrypted use of the Internet to organize their Holy War, Inc., as Peter Bergen so aptly coined their operations.

The Encyclopedia Britannica defines terrorism as “the systematic use of violence to create a general climate of fear in a population and thereby to bring about a particular political objective. Terrorism involves the use or threat of violence and seeks to create fear, not just within the direct victims but also among a wide audience.” (Encyclopedia Britannica) We must also realize that terrorism can have many motives. Terrorism can be used to bring about social, religious or economic changes. The September 11 terrorist bombings had many motives, and while the political motive was the primary one, the acts had an economic undertone as well. Why else would they destroy one of the icons of U.S. economic power? Did Bin Laden gain his objective of ridding the Middle East of foreigners? I believe that his plan backfired and brought even more foreigners into the Middle East. Now that Americans are waging war in Afghanistan, more people and equipment have arrived and will be staying for an indeterminate amount of time. Bin Laden also has caused the downfall of his only ally, the Taliban, because they refused to hand him over for the September 11 bombings.

“Cyberterrorism is the convergence of terrorism and cyberspace. It is generally understood to mean unlawful attacks and threats of attack against computers, networks, and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives.” (The Terror Research Center)

With American as well as Western allies on the ground in the Middle East, planes, vehicles and troops need a way to easily navigate the surrounding area. The U.S. government has a technology called the global positioning system (GPS), which allows people to know exactly where they are on earth. It works much like a compass and sextant but uses a constellation of satellites instead of stars for navigation. This technology could be used to help terrorists move around the desert and avoid capture in the mountainous regions of Afghanistan and Pakistan. On the other side of the story, the GPS system is also a very dangerous technology for terrorists. Many smart bombs like the Tomahawk missile use the GPS constellations in the sky to home in on and destroy caves and bunkers.

What might happen if a Bin Laden- or Taliban-sponsored hacker were able to somehow hack into the computer systems controlling the GPS network? Terrorists could send bombs to the wrong locations or cause friendly fire accidents. Would it be possible to break into the government and gain access to the satellites, which provide GPS functions? I think the answer is yes, because if terrorists have the money to purchase small amounts of weapons-grade uranium and plutonium, they should have more than enough money to convince a small-time hacker to do the dirty work for them. One million dollars is not a lot for weapons but it is a fortune to a hacker, almost too good to resist. Yet another possibility is that terrorists could take up hacking themselves. Instead of remote training camps in the desert teaching bomb-making and survival skills, new camps can be based in office buildings teaching the basics of cyber terrorism and hacking. The money needed to start such schools would be almost negligible and the effects on the digital economy would be profound. One such camp could theoretically turn out a class of hackers once every three to six months. Then the new hackers could be spread around the world to cause chaos or funnel money to the cause.

Terrorists with weapons in hand need a way to communicate with each other. This is where Western technology really comes into play. The Afghan Wireless Communications Company has recently finished construction of a 3.7-meter satellite antenna and all associated switching equipment to bring Afghanistan on to the international telephone system. (Afghan Wireless Communication Company) With telephone connectivity the terrorists now have a medium to communicate with each other over long distances. With a phone system in place it is now possible for terrorist leaders to reach out and touch operatives in enemy states. With this type of communication coordination, attacks such as those on the World Trade Center and the Pentagon can take place. It also allows the leaders of the terrorist organization to remotely activate and control sleeper operatives.

Once terrorists have access to phone lines it's only natural to assume that they would have Internet connectivity. With access to the World Wide Web whole new worlds of possibility would open up to them. For instance, terrorists could conduct easy covert communications via e-mail and chat software, establish repositories for information regarding plans and possible attacks, distribute propaganda to get more support and money for their cause, and even find information on how to build and detonate bombs. “The terrorists did research on the Internet to find out about the construction of the World Trade Center, the layout of the Pentagon, the volatility of jet fuel, and more. Technology, which has enabled American culture to spread throughout the world, is now allowing that world to strike back at us.” (Dylan Tweney) We live in a free information society, where information such as building plans is freely available and not a guarded secret; it would be relatively easy for a terrorist to use the Internet to find information on building methods and strength of materials. As most of the terrorists had advanced degrees it is possible that they would be able to calculate the proper amount of explosives or fuel to bring down a building. “Other sites actually provide information on how to build bombs as well as instructions for making dangerous chemical and explosive weapons. Many of these sites post the Terrorist's Handbook and The Anarchist Cookbook which offer detailed instructions of how to construct a wide range of bombs.” (Anti-Defamation League)

What if a terrorist group was able to figure out how to take control of the phone system in the U.S. or Europe? With the phone system down most commerce as we know it would stop. Stock could not be traded, e-commerce would grind to a halt and you would not be able to call a cab to pick you up from the airport. Companies would not be able to function, and economic markets would stop: the whole Western world would be thrown into chaos until the system was restored and fixed. All it would take is one or two good hackers and such a plan could be put in place. With Bin Laden’s money it should be easy to find people willing to perform such a task.

As we can now see, “The world is a smaller, more terrifying place, and much of that is thanks to technology. It's frighteningly easy for one person, or a relatively small group of people, to cause destruction, chaos, misery, and confusion from ten thousand miles away. The terrorists involved almost certainly used email and cell phones extensively; they may also have used instant messaging, faxes, and even messages hidden in pornographic images posted on Usenet.” (Dylan Tweney) As with any new technology, if it falls into the wrong hands it can cause harm. The use of digital communications has made it far quicker for terrorists to send messages back and forth. It has also made the communications far more secure and harder for lawmakers to detect and decipher. Things that might seem innocent from the outside, such as a chat room, can become a menacing tool in the arsenal of terrorists worldwide.

The use of hidden messages in images is another relatively new technology. It’s almost impossible to detect and can be posted right in front of the lawmakers’ noses. This technology is called steganography. “Steganography is, in broad terms, embedding covert communications within seemingly innocuous communications. Only persons who have knowledge of the embedded information and possess a ‘key’ will be able to decode and view the information.” (Stephen Lau) It might even be possible for the videos released from Bin Laden and the Taliban to have been run through a computer, thus encoding information into the frames of the video. Video cameras film at 24 or more frames a second; imagine the sheer amounts of data that could be stored in just a minute of footage. The distribution channels would also be free and widespread. All terrorists would need is a computer with the proper equipment and the key to unlock the encrypted data in the frames. This might be a stretch for today’s technology but it is not outside the realm of possibility for the near future. This might also be why Washington studies all propaganda and videos released before public airing.

Though this technology is new, it’s more than reasonable to think that terrorists are using it. It’s the next level of encryption: with pretty good protection (PGP) encryption you know a document is encrypted, but with steganography you do not really know if a document exists within the picture. This makes it harder to detect, and if for some reason they do detect it, law enforcement would have a hard time decoding it. With the thousands of image archival sites on the Internet, terrorists have thousands of places to secretly dump the plans for their next attack, and law enforcement would be none the wiser.

“We do know that Osama Bin Laden, who has been invoked as a suspect, was a sophisticated consumer of crypto technology. In the recent trial over the bombing of the Libyan embassy, prosecutors introduced evidence that Bin Laden had mobile satellite phones that used strong crypto.” (Steven Levy)

Terrorists could have also benefited from off-the-shelf planning and simulation software. Programs that could keep track of events and timelines would surely have made planning such acts much easier. “They benefited clearly from these technologies, such as simulation tools that allowed them to learn how to fly an airplane. Their training could have been as simple as using commercially available game simulations, which would have been chancy but would have provided some level of expertise, to actually having been trained on full-scale simulators.” (Dan Verton) It is clear that the terrorists had to use flight simulation programs, “possibly Microsoft Flight Simulator, which includes detailed cockpit mockups as well as the exact latitude and longitude of the World Trade Center.” (Dylan Tweney) The terrorists of the September 11 bombing also had formal training at flight schools and on school simulators. This would have given them the feel of the actual plane and controls while the cheaper flight simulators could have been used for navigation practice.

One technology that terrorists are using quite extensively is encryption. Encryption is a way of coding messages so that only the intended reader can open the message. The computer will use special algorithms and keys known by both the sender and receiver to scramble the message. If someone intercepts the message, it will take lots of computing power to break the encryption and read the message. Terrorists surely use this to protect themselves on the Internet. Encryption used in business is getting stronger and stronger and its availability is very widespread. Western governments have put export restrictions on most forms of encryption, but most can be had from a pirate site without signing waivers stating that you are from an “allowed” country.

“Experts say that terrorists have made a practice of putting encrypted messages, including maps of targets, inside seemingly innocent Internet chat rooms, bulletin boards and other Web sites. The same advantages the Internet and advanced technology bring to the general public and to business - speed, security and global linkage - are helping international terrorist groups organize their deadly and disruptive activities. The Internet and e-mail provide the perfect vehicles for these groups to communicate with each other, to spread their message, to raise money and to launch cyber attacks.” (Jay Lyman)

It would be a trivial matter for a well-funded terrorist group to set up a website to recruit new operatives as well as collect funds via an online credit card system. Such a site would be able to reach a much larger audience and spread the word faster and far cheaper than the methods of the past. It could also be a place to dump images with hidden messages in plain sight. With freedom of speech laws, it would be almost impossible to force removal of such a site. It would be even harder to disable if it was physically located outside the U.S.

Just as instant messaging is popular with the everyday person here in America, it can be just as popular and even more important for terrorists. Terrorists can secure a private chat room and plan attacks around the world. Many different terror cells can plan a joint strike with ease and all be located physically in different countries. Americans were stunned with the planning of the September 11 tragedy, but in the future we could have multiple targets in multiple countries being hit in rapid succession.

“If you move beyond the Web, terrorist organizations do use information technology as a very viable and secure communication mechanism. The Web could help facilitate attacks by terrorist groups on not only the Internet economy, but on power, transportation and other systems that rely on information that is linked to the Web. Despite their ongoing efforts to cripple parts of the Web, disrupt infrastructure systems such as electrical power or steal money and information from government and businesses, terrorists have a vested interest in keeping the Internet working.” (Jay Lyman) Terrorists have more to gain from the Internet so I do not think it will be a target. Specific sites might be ruled out but the backbone as a whole will be left untouched. The security, speed and convenience of communication far outweigh the gains of bringing the Internet down. Technology will play a vital role in the terrorist networks of the future.

“Terrorists are using the Internet more than they are attacking it. At least 12 of the 30 groups on the State Department's list of designated foreign terrorist organizations maintain Web sites on the Internet. While U.S. officials believe that some terrorists use encrypted e-mail to plan acts of terrorism, most groups appear to use the Internet to spread their propaganda.” (Anti-Defamation League)

The Internet is just the door to private networks where the real trouble can begin. Companies or governments that do not take security measures are very vulnerable to attack. If the defenses of a company are broken and a terrorist does happen to gain access, then the company is at the mercy of the terrorist. Suppose a large drug company is compromised; the hacker goes unnoticed and learns the company’s system. He or she finds the systems that control the chemical reactors that are used in the production of a popular over-the-counter drug. The hacker then changes the ingredients so that the final product is toxic and deadly. Now the terrorist has used the company to further its terror. The product will be sold through its normal distribution channels and people will consume the drug thinking it’s safe. After people start dying the group reveals that it is responsible and claims a small victory for their cause. “The fear surrounding cyberterrorism is that terrorists and other criminals could attack and penetrate our nation's critical infrastructure computer systems and endanger human lives by disrupting military networks, emergency medical services, land and air transportation systems, telecommunications and utilities. Cyberterrorists could also cause chaos and anarchy by attacking banking and other financial computer networks.” (Anti-Defamation League)

“‘While law enforcement officials are aware of terrorists' use of the Internet, they cannot monitor Web sites for both logistical and legal reasons,’ according to spokesperson Steve Berry of the U.S. Federal Bureau of Investigations' National Infrastructure Protection Center. The rapid advancement of technology makes it hard to fight terrorists, who, experts agree, are adept at using the Internet and other advanced technology. Bin Laden's al Qaeda and other terrorist groups have reportedly used encryption programs that are available free on the Web, as well more powerful anti-spy software purchased on the open market.” (Jay Lyman)

“Terrorism and the Internet are related in two ways. First, the Internet has become a forum for terrorist groups and individual terrorists both to spread their messages of hate and violence and to communicate with one another and with sympathizers.” (Anti-Defamation League)

We have no real way of enforcing law on the Internet because obviously it has no borders. We can, however, make systems more secure and force the removal of pages that have content that could be dangerous to national security. The government could also ask the popular Internet providers to filter out certain sites that support terrorists or their cause. It would require people giving up some freedom of speech but most would agree that national security is more important than having access to The Anarchist’s Cookbook. It would be a simple matter to block the international sites that support terrorism, raise money for terrorism or recruit members. This could be as simple as changing a rule set on a firewall.

“‘Al-Qaida terrorists may have been using data gleaned from the Internet about insecticides and pest-control products to prepare for new attacks involving American dams and water-supply systems,’ the FBI said. Investigators said law-enforcement and intelligence agencies also received indications that al-Qaida terrorists have sought information on automated systems, called supervisory control and data acquisition networks, controlling water supplies and wastewater facilities in the United States and overseas.” (Ted Bridis) Think of the chaos that could be caused if a terrorist group seized control of an air traffic control system or some type of system at an automated food processing plant. The risks are real and out there; we have to prepare ourselves and implement technologies such as intrusion detection systems and hardened firewalls. An intrusion detection system is a device on a computer network that actively monitors the entire network and looks for suspicious activities, that is, activity that would only take place if the network or machines were compromised by some outside person. An example of this would be a port scan of a machine, in which a hacker scans to see if certain ports on a machine are open for attack. An intrusion detection system would recognize the port scan as malicious activity and notify an administrator or take some type of countermeasure. A firewall is a company’s first defense against cyber break-ins. It is a device that only allows “good” traffic on the network.
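The port-scan recognition described above, sketched as an added example that is not part of the original paper: a sliding-window detector that reads connection-attempt log lines and alerts when one source touches many different ports on one host in a short time. The log format, the 10-second window, the five-port threshold and the sample lines (documentation-range addresses) are all assumptions constructed for illustration.

```python
"""Sliding-window port-scan detection over firewall-style log lines."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical log format, constructed for this example:
#   <ISO timestamp> SRC=<ip> DST=<ip> DPT=<port> FLAGS=<tcp flags>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) "
    r"DPT=(?P<dpt>\d+) FLAGS=(?P<flags>\S+)$"
)
WINDOW = timedelta(seconds=10)   # assumed look-back window
PORT_THRESHOLD = 5               # assumed distinct-port limit per window

# Constructed sample: a normal web client, one source sweeping ports,
# a malformed line, and a client using several services over minutes.
SAMPLE_LOG = """\
2002-04-02T10:15:00 SRC=198.51.100.20 DST=192.0.2.10 DPT=80 FLAGS=SYN
2002-04-02T10:15:01 SRC=203.0.113.7 DST=192.0.2.10 DPT=21 FLAGS=SYN
2002-04-02T10:15:01 SRC=203.0.113.7 DST=192.0.2.10 DPT=22 FLAGS=SYN
2002-04-02T10:15:02 SRC=198.51.100.20 DST=192.0.2.10 DPT=80 FLAGS=SYN
2002-04-02T10:15:02 SRC=203.0.113.7 DST=192.0.2.10 DPT=23 FLAGS=SYN
2002-04-02T10:15:03 SRC=203.0.113.7 DST=192.0.2.10 DPT=25 FLAGS=SYN
garbled line that the parser must skip
2002-04-02T10:15:03 SRC=198.51.100.20 DST=192.0.2.10 DPT=443 FLAGS=SYN
2002-04-02T10:15:04 SRC=203.0.113.7 DST=192.0.2.10 DPT=80 FLAGS=SYN
2002-04-02T10:15:05 SRC=203.0.113.7 DST=192.0.2.10 DPT=110 FLAGS=SYN
2002-04-02T10:16:00 SRC=198.51.100.99 DST=192.0.2.10 DPT=21 FLAGS=SYN
2002-04-02T10:17:00 SRC=198.51.100.99 DST=192.0.2.10 DPT=25 FLAGS=SYN
2002-04-02T10:18:00 SRC=198.51.100.99 DST=192.0.2.10 DPT=80 FLAGS=SYN
2002-04-02T10:19:00 SRC=198.51.100.99 DST=192.0.2.10 DPT=110 FLAGS=SYN
2002-04-02T10:20:00 SRC=198.51.100.99 DST=192.0.2.10 DPT=443 FLAGS=SYN
""".splitlines()


def parse_line(line):
    """Return (timestamp, src, dst, port, flags), or None if malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    port = int(m["dpt"])
    if not 0 < port <= 65535:
        return None
    try:
        ts = datetime.fromisoformat(m["ts"])
    except ValueError:
        return None
    return ts, m["src"], m["dst"], port, m["flags"]


def detect_port_scans(lines, window=WINDOW, threshold=PORT_THRESHOLD):
    """Alert once per (src, dst) pair that reaches `threshold` distinct
    destination ports inside `window`. Lines must be in time order."""
    recent = defaultdict(deque)  # (src, dst) -> deque of (ts, port)
    alerted = set()
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue             # skip lines the parser cannot read
        ts, src, dst, port, flags = rec
        if flags != "SYN":
            continue             # count only new connection attempts
        key = (src, dst)
        events = recent[key]
        events.append((ts, port))
        while events and ts - events[0][0] > window:
            events.popleft()     # drop attempts older than the window
        ports = {p for _, p in events}
        if len(ports) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append({"src": src, "dst": dst,
                           "first_seen": events[0][0],
                           "ports": sorted(ports)})
    return alerts


if __name__ == "__main__":
    for alert in detect_port_scans(SAMPLE_LOG):
        print("possible port scan:", alert)
```

The window and threshold trade false alarms against missed activity, so they need tuning against a baseline of the monitored network's normal traffic.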

Technology is used by Bin Laden’s forces but Bin Laden himself uses very little of it. “Instead, he has fallen back on ancient methods of communication, denying U.S. and its allies the chance to track electronic footprints, satellite signals or even the radiation emissions from cellular phones.” (Sharon Gaudin) It is possible for the U.S. to triangulate the location of any transmitter used by Bin Laden and send a bomb or missile to that location. This is why Bin Laden himself does not use cell phone or satellite phone technology. “U.S. forces have not yet ferreted Bin Laden and some of his lieutenants out of hiding. Security analysts and former military personnel say the top members of Al Qaeda, who are well-educated and skilled, know where high-tech tools will help the cause and are paranoid enough to distance themselves personally.” (Sharon Gaudin) This is because most terrorists know the capabilities of the U.S. military. They know the use of a cell phone or satellite phone can be used to guide a bomb right to them.

“For years, experts have been warning of the increased threat from terrorists' use of commercial IT tools, such as powerful encryption software, cell phones, Web pages and steganographic images. However, experts also say that the events of September 11 point to a combination of traditional, non technical coordination and detailed knowledge of how to avoid detection by U.S. intelligence surveillance systems.” (Dan Verton) With Web anonymizers and other similar technologies terrorists can plan and browse suspicious sites without fear of detection. A Web anonymizer is a site that will allow you to browse other sites without fear of detection or being watched. The technology was originally for people that wanted to browse sites in the office that were of a risqué nature, but the technology can be used for other, more sinister purposes.

“Attacking computer systems rather than physical targets has several advantages for terrorist groups. These attacks would cause economic damage while allowing less chance of capture than planting a bomb, they could generate good publicity, the skills needed for the attack can be bought from hackers, and the threat of these attacks could be used to extort money from potential victims,” (Douglas Hayward) Hacking into a system is much cheaper than a conventional war, with much less loss of life for the terrorists. It is cheap to get started and can have a devastating effect on the enemy. Another advantage is that the terrorists do not even have to be in the country when they execute the attack. The attack can take place next door or around the world. Most of the time it will be days or weeks until the administrators at an attacked site know the system has been compromised. Once in, the terrorists can snoop and learn about the systems or technologies they are interested in. All that a terrorist would need is a hacker willing to work for money and a plan. With enough money a hacker would be more than willing to risk imprisonment and a sentence of treason to pull off a job.

“Islamic militant organizations also use the Internet to disseminate their anti-Western, anti-Israel propaganda. Several Internet sites created by Hamas supporters, for example, carry the organization's charter and its political and military communiqués, some of which openly call for and extol the murder of Jews. Still others use the Internet to raise funds; Hezbollah, for example, the pro-Iranian Shiite terrorist organization based in south Lebanon, sells books and publications through its Web site.” (Anti-Defamation League) The message of hate can be spread electronically with an ease that was never before possible. Money can be collected from sites set up to take donations to support the terrorists’ cause. Plans can be made on-line and sent to operatives around the world in e-mail or pictures. The Internet has many roles in terrorism today and getting the word out to people is just one of them.

It is quite clear from recent events that terrorists are using Western technology to help plan and implement many of their attacks. Looking at September 11 alone we can see just how much technology was used, from the aircraft to the communication network needed to plan and coordinate actions from different locations around the country simultaneously. If we do not start protecting our vital government and commercial links the Western world will have a long and hard fight ahead. It has become clear that even though most Middle Eastern terrorists do not like technology, they do in fact use it with frightening efficiency. In the future, as more companies go on-line, opportunities will open up for all new terrorist attacks. The companies of the future will need to be ever vigilant when it comes to network and computer security, because no one knows what they could think up next.

References

Afghan Wireless Communication Company - Main page. (n.d.). Retrieved March 1, 2002, from http://www.afghanwireless.com/

Anti-Defamation League. (1998). Terrorist Activities on the Internet. Retrieved March 1, 2002, from http://www.adl.org/Terror/focus/16_focus_a.html

Ted Bridis. (2002). Terrorists used Internet to research new attacks, FBI says. Retrieved March 1, 2002, from http://www.nando.net/technology/story/234164p-2247860c.html

Center For Nonproliferation Studies - Afghanistan. (n.d.). Retrieved March 1, 2002, from http://cns.miis.edu/research/wtc01/afghan.htm

Chapman, Brent and Zwicky, Elizabeth. Building Internet Firewalls. New York: O’Reilly. 1995.

Costello, Andrea. Personal interview. Apr. 2002.

"Terrorism". Encyclopædia Britannica. Retrieved March 1, 2002, from http://www.britannica.com/eb/article?query=terrorism&eu=73664&tocid=217761

Frankel, Lory. Personal interview. Apr. 2002.

Sharon Gaudin. (2001). The terrorist network. Retrieved March 1, 2002, from http://www.nwfusion.com/research/2001/1126featside4.html

Douglas Hayward. (1997). Terrorists Target The Net. Retrieved March 1, 2002, from http://content.techweb.com/wire/news/may/0508terror.html

Hunt, Craig. TCP/IP Network Administration. New York: O’Reilly. 1998.

Stephen Lau. (2001). An Analysis of Terrorist Groups’ Potential Use of Electronic Steganography. Retrieved March 1, 2002, from http://rr.sans.org/steg/terrorist.php

Steven Levy. (2001). Did Encryption Empower These Terrorists? Retrieved March 1, 2002, from http://www.msnbc.com/news/627390.asp?0si=-&cp1=1#BODY

Jay Lyman. (2001). How Terrorists Use the Internet. Retrieved March 1, 2002, from http://www.newsfactor.com/perl/story/7731.html

Maneely, Ken. Personal interview. Apr. 2002.

The Terror Research Center. Retrieved March 1, 2002, from http://www.terrorism.com/index.shtml

Thor, Joseph. Personal interview. Apr. 2002.

Dylan Tweney. (2001). Terror Technology. Retrieved March 1, 2002, from http://www.tweney.com/2001/0918terror.htm

Dan Verton. (2001). Terrorists use high-tech tools, low-tech tactics. Computerworld. Retrieved March 1, 2002, from http://www.computerworld.com/cwi/story/0,1199,NAV47_STO63768,00.html

Ziegler, Robert. Linux Firewalls. Indiana: New Riders. 2000.