It’s disquietingly easy to come across these snippets of information:
Item: Anonymous, pre-paid phone cards for mobile phones were banned in March by the Swiss Parliament. Why? Fears that al-Qaeda operatives were using them to make untraceable calls. “Pakistan’s intelligence agency has said that recent arrests of al-Qaeda members there followed calls traced by a team monitoring satellite and mobile phone conversations of terrorism suspects,” reported The New York Times.
Item: The digital memory bank of a cellphone and the hard drive of a computer were two big prizes in the capture of an al-Qaeda leader.
Item: Al-Qaeda’s forced departure from Afghanistan to Pakistan is viewed as a good thing by some of its members, because the Internet and phone service is so much better in Pakistan. They were making good use of public Internet cafés.
Item: Dzhokar Dudayev, a separatist leader in Chechnya, was assassinated in 1996 after Russian authorities used satellites and radio locating gear (provided by the United States) to pinpoint his position while he was using a satellite phone, and saturate it with rocket fire.
Item: Former BBC war correspondent Kate Adie made the startling claim that a Pentagon official warned her before the U.S. invasion of Iraq began that any satellite telephone or TV uplink signal detected out of, say, Baghdad, could be “targeted down,” or fired upon. And if it happened to belong to a journalist? “‘So what?’” she quoted the official as saying.
They all point to the ubiquity of technology in our lives: how technology can be used for the lethal and the mundane (anyone who has heard someone loudly describing a tedious day at work on a crowded city bus can relate), how it provides a way to catch the bad guys, and how over-reliance on technology can fail.
First, the bad guys.
“The Internet has had as great an impact on Holy War, Inc. as many other concerns,” wrote Peter Bergen in his book Holy War, Inc: Inside the Secret World of Osama bin Laden. On the Internet you can find al-Qaeda recruitment videos and chat groups, and get valuable tips on jihad training.
In those first jarring, traumatic days after Sept. 11, one thing that struck most people was how globalized al-Qaeda was, and how it had married modern communications technologies with its medieval interpretations of Islam. But the really scary thing about it was how amateurish they actually were while still managing to commit the most lethal terrorist attack of all time.
“They used their real names,” snorted Andrew Mitrovica, an award-winning journalist who has written extensively on security issues and is the author of Covert Entry, a muckraking look at the Canadian Security and Intelligence Service.
“It seems that among the subjects taught at the al-Qaeda terrorist schools, operational security was not the big favourite. OPSEC (operational security) is doing what is needed to keep the enemy from finding out what you’re up to,” said military commentator James Dunnigan. His latest book is The Next War Zone: Confronting the Global Threat of Cyberterrorism.
Careless use of cellphones (which can be monitored by simple scanners) and e-mail were two of the biggest security blunders commonly committed by al-Qaeda members, who varied greatly in skill levels, Dunnigan said. Nor did they encrypt files on their various computers.
“[The] Al-Qaeda probably was unaware that there are a relatively small number of Internet protocol (IP) addresses in Pakistan, a favourite place for al-Qaeda to take care of their e-mail. If the U.S. was not checking every item coming out of Pakistani Internet connections before September 2001, it probably has been since.”
As an FYI, Pakistan had 55 IP addresses in 2002, according to a list prepared by iDEFENSE, a computer security firm. It’s possible some associates of the world’s most notorious terrorist organization haven’t learned much.
Computer security consultant Marcus Ranum almost choked when he heard about al-Qaeda people using public Internet cafés. “What makes them think they’re not being run by the (Pakistani) intelligence service?” he asked incredulously. For that matter, if he were in the Central Intelligence Agency, Ranum said he’d be getting into the Internet café business in Pakistan and otherwise putting keystroke logging software on every publicly accessible Pakistani computer he could.
Actually, the authorities are on that angle. Here’s a segment of a Time magazine story on shoe bomber Richard Reid, sentenced to life in prison: “Investigators are combing through the hard drives of computers in the (Paris) Internet cafés from which Reid e-mailed his contacts in Pakistan. They have discovered a ‘testament’ that Reid sent to his mother describing his ‘martyrdom to Islam.’ French sources say many of Reid’s e-mails were sent to an address in Peshawar, Pakistan, which they think provides postal-drop and forwarding services for al-Qaeda operatives in Europe.” Peshawar is on the border with Afghanistan and was a hotbed for espionage, weapons sales and smuggling in the Cold War period of the 1980s.
Let’s assume, for the sake of argument, that we’re dealing with diabolical terrorists of varying technological competence — Reid, it can be fairly argued, was a dunce. How does one find the bad people in the vast digital and analog sea of modern communications? Keep in mind there were an estimated 505 million e-mail addresses in 2002, and about 1.8 billion cellphones worldwide.
In Canada, that would fall under the purview of the RCMP, Canadian Security and Intelligence Service (CSIS) and the Communications Security Establishment (CSE). The American equivalents are agencies like the FBI, CIA and the National Security Agency. The CSE is primarily responsible for signals intelligence (SIGINT) from foreign sources. That means gathering signals from any number of sources: e-mail, phones, cellphones and so on. It’s part of an alliance with its British, American and Australian counterparts, said Wesley Wark, a security and intelligence specialist at the Munk Centre for International Studies at the University of Toronto.
Mitrovica said there are three basic ways that SIGINT works: by looking for topics, voice recognition and word spotting. This type of technology actually has some consumer applications, he said. “When you call directory assistance and (it asks) if you want a business number, and you say yes, that’s word spotting.”
The security services have software in place that looks for certain inflections and mannerisms in a voice that are associated with a particular person, “so they can literally pluck out Saddam Hussein’s voice from the electronic ether,” he said.
Dunnigan said the NSA had bin Laden’s satellite phone, and used to amuse themselves and visiting dignitaries by listening to his telephone conversations with his mother. But all that came to a halt when “some idiot at NSA bragged to journalists” that they were doing this. After that made it on CNN, bin Laden had expendable subordinates make calls for him, he said. Bin Laden’s whereabouts remain a big mystery today.
Whether he’s in northwest Pakistan or southeast Afghanistan, he’s operating in a military and intelligence-saturated zone. There’s likely heavy electronic surveillance, and you’d think any satellite phone signal detected in a remote mountain gulley there would be of immediate interest, considering the per capita income is about $1,200 per year (Canada’s is about 36 times greater).
But while the theory of the technology is impressive, the practice is somewhat different, said James Lewis, senior fellow and director with the Center for Strategic and International Studies in Washington. While he admitted the grunt-level al-Qaeda operatives weren’t very good at operational security, that didn’t hold true for higher-level ones. “(Bin Laden) knows people are looking for him and he’s had a lot of practice (at hiding).” And, simply put, “the technical systems can’t be everywhere all the time, and he has been good enough to exploit the gaps in coverage,” he said.
In addition, the systems that are in use now were designed to track things like Soviet aircraft carriers or monitor tank movements, not find individual persons. “Focusing down a little has been a challenge.”
Consider there might be 400 million signals out there at any one time, in 300 languages, in many different formats and with only sporadic output, and one can start to understand the limitations of SIGINT. Both Dunnigan and Lewis said there’s evidence that al-Qaeda is moving back to a “sneaker net” mode — having couriers transport disks instead of sending information electronically.
Extreme low-tech can successfully battle extreme high-tech, Wark said. “We’re back to the Renaissance condition…of having to intercept the messenger, which is how they did it in 15th and 16th century Europe. They laid in wait for the nascent postman, waylaid him in the highway, stole his mail, and took it back to their chanceries and tried to read the secret writing. And maybe that’s also what (agencies) are doing (as) part of the hunt for terrorists.”
Hmm…back to the future.
How to Avoid Being Spied On
Chances are you’re not a terrorist. Even so, you may have an interest in secure computing and communications, particularly if you’re in a business where you handle sensitive information. Here are a few pointers from James Lewis, senior fellow and director at the Center for Strategic and International Studies:
- If you still have an analog cellphone, get a digital one.
- Encrypt your data, both on your computer and when you transmit it.
- If you have a wireless network, test its security.
- Make sure you have some type of intrusion detection system and firewall installed over top of your network.
Computer security consultant Marcus Ranum chips in with one of his own: Don’t be lazy about creating passwords for logging on to your computer. For example, if you are Osama bin Laden, you might not want to use something like “the Taliban rocks” as your password. Use a random combination of alphabetical and numeric characters, at least seven in total.
In organizations, the biggest security risks often don’t come from system failure; instead, they come from human failure as people have been talked out of crucial information by devious intruders, he said.
Invading Privacy, or Police Protection?
Any talk of communications intelligence has to end with some Big Brother reference. But clearly, the work done by the Communications Security Establishment (CSE) in Canada, or the National Security Agency in the United States does carry the possibility of serious privacy violations. How concerned should we be about that?
Wesley Wark of the Munk Centre for International Studies at the University of Toronto thinks we’re in good hands. Investigative journalist Andrew Mitrovica isn’t so sanguine. Wark makes the following points:
- There are laws constraining the CSE’s behaviour; it can’t intercept the communications of Canadians unless they are linked to overseas targets.
- There is a cabinet minister (currently Defence Minister John McCallum) overseeing CSE who has to approve its activities, so there is political accountability.
- There is an independent commissioner appointed by the government who is mandated to investigate CSE and ensure it is operating within the law.
Mitrovica noted that the commissioner was appointed after an official within the CSE broke her oath of silence and told of the conversations she had overheard of women talking with their gynecologists. That commissioner has a staff of two “and an office probably the size of my bathroom. And I don’t live in Buckingham Palace,” he said.
No judicial warrant is required for it to intercept communications. “That should send a chill down every Canadian’s spine.”
In comparison, if the police want to tap your phone, they must get a warrant and show reasonable and probable grounds for their request.
Wark said the theoretical possibility for abuse exists, but that has to be balanced against the reality that the CSE doesn’t have the resources to cast its net wide. “Intelligence really has bad press. People don’t understand what it does and they assume that any talk of intelligence is somehow a threat to civil liberties,” he said. But the track record of what they do “doesn’t support the public mythology that they are, in essence, George Orwell come to life.” In a post-Sept. 11 world, our security might depend on intelligence services.
