[iwar] news
From: Fred Cohen
To: Information Warfare Mailing List
From: fc@all.net
To: iwar@onelist.com
Sun, 11 Feb 2001 13:11:27 -0800 (PST)
fc Sun Feb 11 13:12:08 2001
Received: from 207.222.214.225
by localhost with POP3 (fetchmail-5.1.0)
for fc@localhost (single-drop); Sun, 11 Feb 2001 13:12:07 -0800 (PST)
Received: by multi33.netcomi.com for fc
(with Netcom Interactive pop3d (v1.21.1 1998/05/07) Sun Feb 11 21:12:02 2001)
X-From_: fc@all.net Sun Feb 11 15:11:31 2001
Received: from mv.egroups.com (mv.egroups.com [208.50.144.81])
by multi33.netcomi.com (8.9.3/8.9.3) with SMTP id PAA05315
for ; Sun, 11 Feb 2001 15:11:29 -0600
X-eGroups-Return: sentto-279987-917-981925893-fc=all.net@returns.onelist.com
Received: from [10.1.4.55] by mv.egroups.com with NNFMP; 11 Feb 2001 21:11:33 -0000
X-Sender: fc@all.net
X-Apparently-To: iwar@onelist.com
Received: (EGP: mail-7_0_3); 11 Feb 2001 21:11:32 -0000
Received: (qmail 84251 invoked from network); 11 Feb 2001 21:11:32 -0000
Received: from unknown (10.1.10.26) by l9.egroups.com with QMQP; 11 Feb 2001 21:11:32 -0000
Received: from unknown (HELO all.net) (65.0.156.78) by mta1 with SMTP; 11 Feb 2001 21:11:31 -0000
Received: (from fc@localhost) by all.net (8.9.3/8.7.3) id NAA26996 for iwar@onelist.com; Sun, 11 Feb 2001 13:11:27 -0800
Message-Id: <200102112111.NAA26996@all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
X-Mailer: don't even ask
X-Mailer: ELM [version 2.5 PL1]
From: Fred Cohen
MIME-Version: 1.0
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Delivered-To: mailing list iwar@yahoogroups.com
Precedence: bulk
List-Unsubscribe:
Date: Sun, 11 Feb 2001 13:11:27 -0800 (PST)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] news
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
TERRORISTS TAKING UP CYBERSPACE
Part A; Part 1; Page 1; Financial Desk
Copyright 2001 / Los Angeles Times
February 8, 2001, Thursday, Home Edition
A car bomb shattered storefronts in Netanya, a seaside resort town in
northern Israel, and wounded 60 diners and shoppers on the evening of
Jan. 1. There was one fatality--the bomber himself.
The group behind this blast didn't call a TV station to claim credit.
Instead Hamas, the Palestinian organization that sponsors acts of terror
against Israel, posted a note on its Web site.
It turns out that the Internet--inexpensive, open and accessible at any
time from anywhere--is an ideal tool for terrorists.
Scores of guerrilla armies and political factions locked in holy wars
and liberation struggles flock to the Net to send messages undiluted by
the press and untouched by government censors. Hezbollah and Hamas in
the Middle East, guerrillas with the Maoist group Shining Path of Peru
and revolutionaries across Europe and Asia operate their own Internet
sites. The most popular terrorist sites draw tens of thousands of
visitors each month.
Hamas' Web site presents political cartoons, streaming video clips and
photo montages depicting the violent deaths of Palestinian children.
The Armed Islamic Group, a fundamentalist sect warring with the Algerian
government, posted a detailed bomb-making manual. The online home of
the Tamil Tigers, a liberation army in Sri Lanka best known for the 1991
assassination of former Indian Prime Minister Rajiv Gandhi, offers
position papers, daily news and peddles free e-mail services. Other
terrorist sites post electronic bulletin boards, tips on smuggling money
to finance their operations and automated registration for e-mail alerts
to foment revolt.
"This is almost a revolutionary change in terrorism," said Bruce
Hoffman, director of the Washington office of Rand Corp., a Santa
Monica-based policy research firm. "In the past, terrorists had to
communicate through an act of violence and hope that the communique
would effectively explain their ideological justification or their
fundamental position," Hoffman said.
Experts still are unclear whether the ability to communicate online
worldwide is prompting an increase or a decrease in terrorist acts. But
they agree that online activities substantially improve the ability of
such terrorist groups to raise funds, lure new faithful and reach a mass
audience.
"There is a tendency to think that these people are not computer savvy,
that they run around with AK-47s and that's about it," said Ben Venzke,
an intelligence researcher at IDefense, a Fairfax, Va., computer
security company. But the Internet "is the perfect vehicle for them to
generate support."
Yet the federal government has lagged in responding to this surge of
terror groups online. "I give us a 'C-minus' in following these
issues," said a U.S. counter-terrorism official who requested
anonymity. "We're still trying to get our arms around exactly what
we're dealing with."
Terrorists rarely rely on their Web sites to communicate within their
groups. More commonly, they use encrypted--or digitally
scrambled--e-mail, according to the FBI. But even that method is widely
distrusted.
"The FBI has developed a system to intercept and read e-mail . The
British intelligence agency MI-5 and Scotland Yard have developed
similar programs," said Isaac Velazco Fuertes, Web manager for Peru's
Tupac Amaru Revolutionary Movement, in an interview from Germany, where
the group's main Web site is based. "We believe that to communicate
among members using our Web sites or e-mail is to be exposed."
To solve the problem, some terrorists place seemingly innocuous messages
that contain coded instructions on outsiders' Web site bulletin boards.
Others hide messages within digital images. Islamic extremists,
including some connected to Osama bin Laden--the accused mastermind of
the deadly bombings of U.S. embassies in Tanzania and Kenya in
1998--embed encrypted messages within pornography, then post such images
on public Web sites. The intended recipients download the images, then
extract and decrypt the messages.
"The value of this technique is that much like a classified ad," Venzke
said, "the sender doesn't even need to know who the recipient is."
Terrorist Web sites have become important enough to become targets.
Since the Palestinian uprising last fall, Israeli hackers have
repeatedly struck the Web sites of Hezbollah, a Lebanese-based Islamic
group behind the 1983 suicide truck bombing of the U.S. Embassy and
military barracks in Beirut.
Hackers replaced Hezbollah's Web logo, a raised fist clenched around an
automatic weapon, with photos of Israelis captured by Hezbollah set
against a field of waving Israeli flags.
"You can see logically why the Internet is important to us--the other
side is trying to do everything to stop our efforts," said Malik
Hussein, a Hezbollah member who founded the group's collection of Web
sites five years ago. Speaking by phone from Beirut, Hussein noted that
Israeli hackers knocked his service offline for 16 hours in December and
wiped clean the host computers' storage drives.
For their part, pro-Palestinian hackers temporarily overwhelmed the Web
sites of Israel's army, foreign ministry and parliament with a torrent
of electronic demands. Scores of Israeli and Palestinian Web sites have
been vandalized.
Pakistani and Indian computer hackers have done the same in response to
the bloody conflict between those nations over Kashmir.
"When tensions arise on the ground, you see a parallel rise of activity
in cyberspace," said Venzke, who recently completed a report on the Web
wars for commercial clients.
And no matter how much a group may revile the United States, most
factions translate their sites into English, the Web's lingua franca.
"You can't work on the Internet if you don't know English very well,"
said Hezbollah's Hussein, who was educated in Europe and is fluent in
English.
American firms also play a significant role in back-office support for
some terrorist sites, according to Internet-address registration
records.
At least a dozen terrorist sites use American Internet providers, such
as Trumbull, Conn.-based OLM (Hamas and the Tamil Tigers); and LanMinds
in Berkeley (Mojahedin-e Khalq, an Iranian leftist group involved in the
1979 takeover of the U.S. Embassy there and which now fights the
nation's clerical regime).
A UC San Diego student group maintains the "Burn!" Web site that hosts
offerings from a wide range of radical-left organizations, including an
English-language version of the Tupac Amaru site. The Peruvian
guerrillas are one of 29 groups officially designated on the U.S. State
Department's foreign terrorist list. Tupac Amaru seized the Japanese
Embassy in Lima in 1996, taking more than 400 hostages. A UCSD
spokesperson said the university neither endorses nor censors the site,
which operates on UC computers.
And until recently Interland Inc., a medium-size Internet service
provider in Atlanta, hosted several Hezbollah Web sites. The company
said it terminated contracts with three Hezbollah sites in December and
January for unspecified violations of its usage agreement. Hezbollah
then switched to a Lebanese provider.
The company also hosts the Web site for the U.N. mission addressing the
Taliban regime, Islamic fundamentalists who rule most of Afghanistan.
The Taliban was severely sanctioned in January by the U.N. for
harboring terrorists, including Bin Laden.
Many terrorist sites seem to preach to the converted, but others build
surprisingly diverse audiences. Hezbollah claims 40,000 visitors per
month to its sites--a paltry showing compared with the 50-million-plus
on Yahoo or America Online. But they have proved influential. In one
case,541615482oners swap. Israel only reported the return of one
soldier's body, although the remains of two others also were returned.
The army secretly buried the remains.
"Only after Israel learned that the Hezbollah planned to and ultimately
did post the information on its Internet site did the Israeli military
decide to pass the information on to the two families," the Israeli
newspaper Ha'aretz reported. A scandal ensued.
Last summer, Israelis seeking information on the fighting in southern
Lebanon looked to Hezbollah Web sites for news or images of casualties
that may not have appeared in the Israeli press due to military
censorship, Hoffman said.
Given the violence by many national governments against political
opponents, the definition of "terrorist" can be murky. In the United
States, Web sites are protected by the 1st Amendment. The FBI does not
track visitors to the sites or monitor content unless it is
investigating a specific illegal activity, a spokesman said. But U.S.
law does prohibit fund-raising by groups on the State Department list of
foreign terrorists.
One organization that apparently fell afoul of that rule recently was
the Brooklyn, N.Y.-based Hatikva Jewish Identity Center. That group
operates http://www.kahane.org, named for the anti-Arab extremist Rabbi
Meir Kahane, who was slain a decade ago. Two organizations Kahane or
his supporters founded, Kach and Kahane Chai, were placed on the State
Department list after a Kach member massacred 48 worshipers at a West
Bank mosque in 1994. Kahane.org calls for the expulsion of all Arabs
from Israel and solicits donations for its work.
On Jan. 4, the FBI raided Hatikva and carried away computers and
documents. Hatikva views the raid as an effort to establish links
between it and Kach and Kahane Chai. "I can tell from the search
warrant . . . that they are clearly trying to frighten anyone from
contributing funds," said Mike Guzovsky, a Hatikva official, in a
recording posted on the Web site.
Some terrorist groups rely on supporters to raise funds online.
One such fund-raiser is Azzam Publications in London. Azzam operates a
site dedicated to worldwide jihad and its site steers funds to the
Taliban in Afghanistan and to allied guerrillas fighting the Russians in
Chechnya.
Taliban's assets abroad have been frozen by U.N. mandate. But the
Azzam site states, "An appeal for cash donations is especially urgent"
and advises the personal delivery of U.S. currency to the Taliban
consul-general in Karachi, Pakistan, and suggests a $ 20,000 minimum
donation.
"It is probably advisable to send one or two trustworthy, young, strong,
fit Muslims with the delegation for protection of the money and the
delegation," the instructions caution, suggesting ways to dodge nosy
airport officials. "Under no circumstances should you hand over the
money to anyone at the consulate other than the consul-general."
Possibly the most accomplished Internet fund-raiser is Lashkar-e-Taiba
("Army of the Pure"), a Taliban ally that maintains a guerrilla army
battling the Indian military for control over the Kashmir region
bordering Pakistan.
Lashkar-e-Taiba's sophisticated Web site offers Arabic, Urdu and English
versions, attractive illustrations and easy pull-down menus that
resemble Microsoft Windows.
The site describes how the Mujahideen-e-Lashkar-e-Taiba is fighting the
"oppressive Hindu Army in the snow covered valleys, mountains and
jungles of Kashmir. These Mujahideen best deserve your charity ." The
site directs donations to a bank in Pakistan; the bank's phone and the
account number are conveniently provided for wire transfers.
Their effort has been so successful that Lashkar-e-Taiba may soon become
the envy of like-minded groups that have discovered the Internet.
Lashkar-e-Taiba is reportedly planning to open its own bank.
Times staff writer Mary Curtius in Jerusalem contributed to this report.
--
Fred Cohen at Sandia National Laboratories at tel:925-294-2087 fax:925-294-1225
Fred Cohen & Associates: http://all.net - fc@all.net - tel/fax:925-454-0171
Fred Cohen - Practitioner in Residence - The University of New Haven
This communication is confidential to the parties it is intended to serve.
PGP keys: https://all.net/pgpkeys.html - Have a great day!!!
------------------------ Yahoo! Groups Sponsor ---------------------~-~>
eGroups is now Yahoo! Groups
Click here for more details
http://click.egroups.com/1/11231/1/_/595019/_/981925893/
---------------------------------------------------------------------_->
------------------
http://all.net/