What role does technology play in Islamic countries, and how
are terror groups around the world using technology today?İ As a systems engineer, security expert and
anti-hacker par excellence, I am increasingly concerned about the ways that
terrorists could and do use Western technology to help plan and execute acts.
For example the planes in the September 11 attack on the World Trade Center
were used as guided missiles to take down the towers.İ If the terrorists did not have prior knowledge
of avionics and basic flight training they would not have been able to execute
their plan.İ Throughout this paper,
technologies will be identified that might be used to aid terrorists in the
present and future, focusing, in particular, on the hacker potential of Al-Qaeda
and their encrypted use of the internet to organize their Holy War, Inc. as
Peter Bergen so aptly coined their operations.
The Encyclopedia
Britannica defines terrorism as ìthe
systematic use of violence to create a general climate of fear in a population
and thereby to bring about a particular political objective. Terrorism involves
the use or threat of violence and seeks to create fear, not just within the
direct victims but also among a wide audience.î (Encyclopedia Britannica) We must also realize that terrorism
can have many motives.İ Terrorism can
be used to bring about social, religious or economic changes.İ
The September 11 terrorist bombings had many motives, and while the
political motive was the primary one, the acts had an economic undertone as
well.İ Why else would they destroy
one of the icons of U.S. economic power?İ
Did Bin Laden gain his objective of ridding the Middle East of foreigners?İ
I believe that his plan backfired and brought even more foreigners
into the Middle East.İ Now that Americans
are waging war in Afghanistan, more people and equipment have arrived and
will be staying for an indeterminate amount of time. Bin Laden also has caused
the downfall of his only ally the Taliban, because they refused to hand him
over for the September 11 bombings.
ìCyberterrorism
is the convergence of terrorism and cyberspace. It is generally understood
to mean unlawful attacks and threats of attack against computers, networks,
and the information stored therein when done to intimidate or coerce a government
or its people in furtherance of political or social objectives.î (The Terror Research Center)
With American as well as Western allies on the ground in the
Middle East, planes, vehicles and troops
need a way to easily navigate the surrounding area.İ The U.S. government has a technology called the global positioning
system (GPS), which allows people to know exactly where they are on earth.İİİ
It works much like a compass and sextant but uses a constellation of satellites instead
of stars for navigation. This technology could be used to help terrorists
move around the desert and avoid capture in the mountainous regions of Afghanistan
and Pakistan. On the other side of the story the GPS system is also a very
dangerous technology for terrorists. Many smart bombs like the tomahawk missile
use the GPS constellations in the sky to home in on and destroy caves and
bunkers.İ
What might happen if a Bin Laden- or Taliban- sponsored hacker were able to somehow hack into the computer systems controlling the GPS network?İ Terrorists could send bombs to the wrong locations or cause friendly fire accidents.İ Would it be possible to break into the government and gain access to the satellites, which provide GPS functions?İ I think the answer is yes, because if terrorists have the money to purchase small amounts of weapons-grade uranium and plutonium, they should have more than enough money to convince a small-time hacker to do the dirty work for them.İ One million dollars is not a lot for weapons but it is a fortune to a hacker, almost too good to resist.İ Yet another possibility is that terrorists could take up hacking themselves.İ Instead of remote training camps in the desert teaching bomb-making and survival skills, new camps can be based in office buildings teaching the basics of cyber terrorism and hacking.İ The money needed to start such schools would be almost negligible and the effects on the digital economy would be profound.İ One such camp could theoretically turn out a class of hackers once every three to six months.İ Then the new hackers could be spread around the world to cause chaos or funnel money to the cause.
Terrorists with weapons in hand need a way to communicate with each other.İ This is where Western technology really comes into play. The Afghan Wireless Communications Company has recently finished construction of a 3.7-meter satellite antenna and all associated switching equipment to bring Afghanistan on to the international telephone system. (Afghan Wireless Communication Company) With telephone conductivity the terrorists now have a medium to communicate with each other over long distances.İ With a phone system in place it is now possible for terrorist leaders to reach out and touch operatives in enemy states.İ With this type of communication coordination, attacks such as those on the World Trade Center and the Pentagon can take place.İ It also allows the leaders of the terrorist organization to remotely activate and control sleeper operatives.İİİ
Once terrorists have access to phone lines it's only
natural to assume that they would have Internet connectivity. With access
to the World Wide Web whole new worlds of possibility would open up to them.İ For instance, terrorists could conduct easy
covert communications via e-mail and chat software, establish repositories
for information regarding plans and possible attacks, distribute propaganda
to get more support and money for their cause, and even find information how
to build and detonate bombs.İİ ìThe
terrorists did research on the Internet to find out about the construction
of the World Trade Center, the layout of the Pentagon, the volatility of jet
fuel, and more. Technology, which has enabled American culture to spread throughout
the world, is now allowing that world to strike back at us.î (Dylan
Tweney)İ We live in a free information
society, where information such as building plans are freely available and
not guarded secrets; it would be relatively easy for a terrorist to use the
Internet to find information on building methods and strength of materials.İ
As most of the terrorists had advanced degrees it is possible that
they would be able to calculate the proper amount of explosives or fuel to
bring down a building.İ ìOther
sites actually provide information on how to build bombs as well as instructions
for making dangerous chemical and explosive weapons. Many of these sites post
the Terrorist's Handbook and The Anarchist Cookbook which offer detailed instructions
of how to construct a wide range of bombs.î(Anti-Defamation League)
İİİİİİİİİİİ What if a terrorist group was able to figure out how to take control of the phone system in the U.S. or Europe?İ With the phone system down most commerce as we know it would stop.İ Stock could not be traded, e-commerce would grind to a halt and you would not be able to call a cab to pick you up from the airport.İ Companies would not be able to function, and economic markets would stop: the whole Western world would be thrown into chaos until the system was restored and fixed.İ All it would take is one or two good hackers and such a plan could be put in place.İ With Bin Ladenís money it should be easy to find people willing to perform such a task.
As we can now see
ìThe world is a smaller, more terrifying place, and much of that is thanks
to technology. It's frighteningly easy for one person, or a relatively small
group of people, to cause destruction, chaos, misery, and confusion from ten
thousand miles away. The terrorists involved almost certainly used email and
cell phones extensively; they may also have used
instant messaging, faxes, and even messages hidden in pornographic images posted on Usenet.î(
Dylan Tweney)İ As
with any new technology if it falls into the wrong hands it can cause harm.İ The use of digital communications has made
it far quicker for terrorists to send messages back and forth.İ It has also made the communications far more
secure and harder for lawmakers to detect and decipher. Things that might
seem innocent from the outside such as a chat room can become a menacing tool
in the arsenal of terroristsí worldwide.İ
The use of hidden messages in images is another relatively new technology. Itís almost impossible to detect and can be posted right in front of the lawmakersí noses.İ This technology is called steganography. ìSteganography is, in broad terms, embedding covert communications within seemingly innocuous communications. Only persons who have knowledge of the embedded information and possess a ëkeyí will be able to decode and view the information.î (Stephen Lau) ìİ It might even be possible for the videos released from Bin Laden and the Taliban to have been run through a computer, thus encoding information into the frames of the video.İ Video cameras film at 24 or more frames a second; imagine the sheer amounts of data that could be stored in just a minute of footage. The distribution channels would also be free and widespread as well.İ All terrorists would need is a computer with the proper equipment and the key to unlock the encrypted data in the frames.İ This might be a stretch for todayís technology but it is not out of the possibility for the near future.İ This might also be why Washington studies all propaganda and videos released before public airing.İİİ
Though this technology is new, itís more than reasonable to think that terrorists are using it.İ Itís the next level of encryption, with pretty good protection (pgp) encryption you know a document is encrypted but with steganography you do not really know if a document exists within the picture.İ This makes it harder to detect, and if for some reason they do detect it, law enforcement would have a hard time decoding it.İ With the thousands of image archival sites on the Internet terrorists have thousands of places to secretly dump the plans for their next attack, and law enforcement would be none the wiser.
ìWe do know that Osama Bin Laden, who has been invoked as a suspect, was a sophisticated consumer of crypto technology. In the recent trial over the bombing of the Libyan embassy, prosecutors introduced evidence that Bin Laden had mobile satellite phones that used strong crypto.î (Steven Levy)
İİİİİİİİİİİ
Terrorists could have also benefited from off-the-shelf planning and
simulation software.İ Programs that
could keep track of events and timelines would surely have made planning such
acts much easier.İ "They benefited
clearly from these technologies, such as simulation tools that allowed them
to learn how to fly an airplane.İ Their
training could have been as simple as using commercially available game simulations,
which would have been chancy but would have provided some level of expertise,
to actually having been trained on full-scale simulators."î(Dan Verton)İ It
is clear that the terrorists had to use flight simulation programs ìpossibly
Microsoft Flight Simulator, which includes detailed cockpit mockups as well
as the exact latitude and longitude of the World Trade Center.î (Dylan Tweney)
The terrorists of the September
11 bombing also had formal training at flight schools and on school simulators.İ
This would have given them the feel of the actual plane and controls
while the cheaper flight simulators could have been used for navigation practice.
One technology that terrorists are using quite extensively is encryption.İ Encryption is a way of coding messages so that only the intended reader can open the message.İ The computer will use special algorithms and keys known by both the sender and receiver to scramble the message.İ If someone intercepts the message, it will take lots of computing power to break the encryption and read the message.İ Terrorists surely use this to protect themselves on the Internet.İ Encryption used in business is getting stronger and stronger and its availability is very widespread.İ Western governments have put export restrictions on most forms of encryption, but most can be had from a pirate site without signing waivers stating that you are from an ìallowedî country.
ìExperts say that terrorists
have made a practice of putting encrypted messages, including maps of targets,
inside seemingly innocent Internet chat rooms, bulletin boards and other Web
sites. The same advantages the Internet and advanced technology
bring to the general public and to business speed, security and global linkage
are helping international terrorist groups organize their deadly and disruptive
activities.İ The Internet and e-mail
provide the perfect vehicles for these groups to communicate with each other,
to spread their message, to raise money and to launch cyber attacks.î(
Jay Lyman)
It would
be a trivial matter for a well funded terrorist group to set up a website
to recruit new operatives as well as collect funds via an online credit card
system.İ Such a site would be able
to reach a much larger audience and spread the word faster and far cheaper
then the methods of the past.İ It could
also be a place to dump images with hidden messages in plain sight.İ With freedom of speech laws, it would be almost
impossible to force removal of such a site.İ It would be even harder to disable if it was physically located
outside the U.S.
Just as instant messaging is popular with the everyday person here in America, it can be just as popular and even more important for terrorists.İ Terrorists can secure a private chat room and plan attacks around the world.İ Many different terror cells can plan a joint strike with ease and all be located physically in different countries.İ Americans were stunned with the planning of the September 11 tragedy, but in the future we could have multiple targets in multiple countries being hit in rapid succession.
ìIf you move beyond
the Web, terrorist organizations do use information technology as a very viable
and secure communication mechanism. The Web could help facilitate attacks
by terrorist groups on not only the Internet economy, but on power, transportation
and other systems that rely on information that is linked to the Web. Despite
their ongoing efforts to cripple parts of the Web, disrupt infrastructure
systems such as electrical power or steal money and information from government
and businesses, terrorists have a vested interest in keeping the Internet
working.î (Jay Lyman)
ìTerrorists are using the Internet more than they are attacking it. At least 12 of the 30 groups on the State Department's list of designated foreign terrorist organizations maintain Web sites on the Internet. While U.S. officials believe that some terrorists use encrypted e-mail to plan acts of terrorism, most groups appear to use the Internet to spread their propaganda.î(Anti-Defamation League)
The Internet is just the door to private networks where the
real trouble can begin.İ Companies
or governments that do not take security measures are very vulnerable to attack.İ
If the defenses of a company are broken and a terrorist does happen
to gain access.İ Then the company is at the mercy of the terrorist.İ
Suppose a large drug company is compromised, the hacker goes unnoticed
and learns the companyís system.İ He or she finds the systems that control the
chemical reactors that are used in the production of a popular over-the-counter
drug.İ The hacker then changes the
ingredients so that the final product is toxic and deadly.İ Now the terrorist has used the company to further
its terror.İ The product will be sold
through its normal distribution channels and people will consume the drug
thinking itís safe.İ After people start
dying the group reveals that it is responsible and claims a small victory
for their cause.İ ìThe fear
surrounding cyberterrorism is that terrorists and other criminals could attack
and penetrate our nation's critical infrastructure computer systems and endanger
human lives by disrupting military networks, emergency medical services, land
and air transportation systems, telecommunications and utilities. Cyberterrorists
could also cause chaos and anarchy by attacking banking and other financial
computer networks.î(Anti-Defamation League)
ììWhile law enforcement
officials are aware of terrorists' use of the Internet, they cannot monitor
Web sites for both logistical and legal reasons,î according to spokesperson
Steve Berry of the U.S. Federal Bureau of Investigations' National Infrastructure
Protection Center.İ The rapid advancement
of technology makes it hard to fight terrorists, who, experts agree, are adept
at using the Internet and other advanced technology. Bin Laden's al Qaieda
and other terrorist groups have reportedly used encryption programs that are
available free on the Web, as well more powerful anti-spy software purchased
on the open market.î( Jay Lyman)
ìTerrorism and
the Internet are related in two ways. First, the Internet has become a forum
for terrorist groups and individual terrorists both to spread their messages
of hate and violence and to communicate with one another and with sympathizers.
(Anti-Defamation League)
We have no real way of enforcing
law on the Internet because obviously it has no borders.İ We can, however, make systems more secure and
force the removal of pages that have content that could be dangerous to national
security.İ The government could also
ask the popular Internet providers to filter out certain sites that support
terrorists or their cause.İ It would
require people giving up some freedom of speech but most would agree that
national security is more important than having access to The Anarchistís
Cookbook. It would be a simple matter to block the international sites
that support terrorism, raise money for terrorism or recruit members.İ This could be as simple as changing a rule
set on a firewall.
ììAl-Qaida terrorists may have been using data gleaned from the Internet about insecticides and pest-control products to prepare for new attacks involving American dams and water-supply systems,î the FBI said. Investigators said law-enforcement and intelligence agencies also received indications that al-Qaida terrorists have sought information on automated systems, called supervisory control and data acquisition networks, controlling water supplies and wastewater facilities in the United States and overseas.î (Ted Bridis)İ Think of the chaos that could be caused if a terrorist group seized control of an air traffic control system or some type of system at an automated food processing plant.İ The risks are real and out there, we have to prepare ourselves and implement technologies such as intrusion detection systems and hardened firewalls. An intrusion detection system is a device on a computer network that actively monitors the entire network and looks for suspicious activities.İ Activity that would only take place if the network or machines were compromised by some outside person. An example of this would be a port scan of a machine, this is when a hacker scans to see if certain ports on a machine are open for attack.İ An Intrusion detection system would recognize the port scan as malicious activity and notify an administrator or take some type of counter measure. A firewall is a companyís first defense against cyber break-ins.İ It is a device that only allows ìgoodî traffic on the network
İİİİİİİİİİİ Technology is used by Bin Ladenís forces but Bin Laden himself uses very little of it. ìInstead, he has fallen back on ancient methods of communication, denying U.S. and its allies the chance to track electronic footprints, satellite signals or even the radiation emissions from cellular phones.î (Sharon Gaudin) It is possible for the U.S. to triangulate the location of any transmitter used by Bin Laden and send a bomb or missile to that location.İ This is why Bin Laden himself does not use cell phone or satellite phone technology.İ ìU.S. forces have not yet ferreted Bin Laden and some of his lieutenants out of hiding. Security analysts and former military personnel say the top members of Al Qaeda, who are well-educated and skilled, know where high-tech tools will help the cause and are paranoid enough to distance themselves personally.î(Sharon Gaudin) This is because most terrorists know the capabilities of the U.S. military.İ They know the use of a cell phone or satellite phone can be used to guide a bomb right to them.İİ
İìFor years, experts have been warning of the increased threat from terrorists' use of commercial IT tools, such as powerful encryption software, cell phones, Web pages and steganographic images. However, experts also say that the events of September 11 point to a combination of traditional, non technical coordination and detailed knowledge of how to avoid detection by U.S. intelligence surveillance systems.î (Dan Verton)İ With Web anonomizers and other similar technologies terrorists can plan and browse suspicious sites without fear of detection. A Web anonomiser is a site that will allow you to browse other sites without fear of detection or being watched.İ The technology was originally for people that wanted to browse sites in the office that were of a risquÈ nature, but the technology can be used for other, more sinister purposes.
İİİİİİİİİİİ ìAttacking computer systems
rather than physical targets has several advantages for terrorist groups,
These attacks would cause economic damage while allowing less chance of capture
than planting a bomb, they could generate good publicity, the skills needed
for the attack can be bought from hackers, and the threat of these attacks
could be used to extort money from potential victims,î(Douglas
Hayward) Hacking into a system is much cheaper then a conventional war, with
much less loss of life for the terrorists.İ
It is cheap to get started and can have a devastating effect on the
enemy.İ Another advantage is that the
terrorists do not even have to be in the country when they execute the attack.İ
The attack can take place next-door or around the world.İ
Most of the time it will be days or weeks until the administrators
at an attacked site know the system has been compromised.İ
Once in the terrorists can snoop and learn about the systems or technologies
they are interested in.İ All that a
terrorist would need is a hacker willing to work for money and a plan.İ
With enough money a hacker would be more than willing to risk imprisonment
and a sentence of treason to pull off a job.
ìIslamic militant organizations also use the Internet
to disseminate their anti-Western, anti-Israel propaganda. Several Internet
sites created by Hamas supporters, for example, carry the organization's charter
and its political and military communiquÈs, some of which openly call for
and extol the murder of Jews. Still others use the Internet to raise funds;
Hezbollah, for example, the pro-Iranian Shiite terrorist organization based
in south Lebanon, sells books and publications through its Web site.î(Anti-Defamation
League)İ The message of hate can be spread electronically
with an ease that was never before possible.İ Money can be collected from sites setup to
take donations to support the terroristsí cause.İ Plans can be made on-line and sent to operatives around the world
in e-mail or pictures.İ The Internet
has many roles in terrorism today and getting the word out to people is just
one of them.
It is quite clear from recent events that terrorists
are using Western technology to help plan and implement many of their attacks.İ
Looking at September 11 alone we can see just how much technology was
used.İ From the aircraft to the communication network needed to plan and
coordinate actions from different locations around the country simultaneously.İ
If we do not start protecting our vital government and commercial links
the western world will have a long and hard fight ahead.İ
It has become clear that even though most Middle Eastern terrorists
do not like technology, they do in fact use it with frightening efficiency.İ In the future as more companies go on-line, opportunities will open
up for all new terrorist attacks.İ The
companies of the future will need to be ever vigilant when it comes to network
and computer security, because no one who knows what could think up next.İİ
References
Afghan Wireless Communication Company ‚ Main page,
(n.d.)
İİİİİİİİİİİ Retrieved March 1, 2002,
from http://www.afghanwireless.com/
Anti-Defamation League,
(1998) Terrorist Activities on the Internet
İİİİİİİİİİİ Retrieved March 1, 2002,
from http://www.adl.org/Terror/focus/16_focus_a.html
Ted Bridis, (2002) Terrorists
used Interned to research new attacks, FBI says
İİİİİİİİİİİ Retrievec March 1, 2002,
from http://www.nando.net/technology/story/234164p-2247860c.html
Center For Nonproliferation
Studies ‚ Afganistan. (n.d.)
İİİİİİİİİİİ Retrieved March 1, 2002,
from http://cns.miis.edu/research/wtc01/afghan.htm
Chapman, Brent and Zwicky, Elizabeth
İİİİİİİİİİİ Building Internet Firewalls.
İİİİİİİİİİİ New York: OíReilly. 1995.
Costello, Andrea. Personal interview. Apr. 2002.
"Terrorism" EncyclopÊdia Britannica
İİİİİİİİİİİ
Retrieved March 1, 2002, fromİİİİ <http://www.britannica.com/eb/article?query=terrorism&eu=73664&tocid=217761
Frankel Lory. Personal interview. Apr. 2002.
Sharon Gaudin, (2001)
The terrorist network
İİİİİİİİİİİ Retrieved March 1, 2002,
from http://www.nwfusion.com/research/2001/1126featside4.html
Douglas Hayward, (1997)
Terrorists Target The Net
İİİİİİİİİİİ Retrieved March 1, 2002,
from http://content.techweb.com/wire/news/may/0508terror.html
Hunt, Craig
İİİİİİİİİİİ TCP/IP Network Administration
İİİİİİİİİİİ New York: OíReilly. 1998.
Stephen Lau, (2001)
An Analysis of Terrorist Groupsí Potential Use of Electronic Steganography
İİİİİİİİİİİ Retrieved March 1, 2002,
from http://rr.sans.org/steg/terrorist.php
Steven Levy,(2001) Did
Encryption Empower These Terrorists?
İİİİİİİİİİİ Retrieved March 1, 2002,
from http://www.msnbc.com/news/627390.asp?0si=-&cp1=1#BODY
Jay Lyman, (2001) How
Terrorists Use the Internet
İİİİİİİİİİİ Retrieved March 1, 2002,
from http://www.newsfactor.com/perl/story/7731.html
Maneely Ken. Personal interview.İ Apr. 2002.
The Terror Research
Center
İİİİİİİİİİİ Retrieved March 1, 2002, from http://www.terrorism.com/index.shtml
Thor, Joseph. Personal interview.İ Apr. 2002.
Dylan Tweney,(2001).
Terror Technology
İİİİİİİİİİİ Retrieved March 1, 2002,
from http://www.tweney.com/2001/0918terror.htm
Dan Verton,(2001) Terrorists
use high-tech tools, low-tech tactics
İİİİİİİİİİİ Computerworld, Retrieved
March, 1, 2002, from http://www.computerworld.com/cwi/story/0,1199,NAV47_STO63768,00.html
Ziegler, Robert
İİİİİİİİİİİ Linux Firewalls
İİİİİİİİİİİ Indiana: New Riders. 2000.