by A. Aaron Weisburd
There is no problem that cannot instead be viewed as an opportunity. The "problem" of radical Islamist use of the Internet is a case in point.
The following observations are in response to comments made in the Washington Post "e-Qaida" project, one which was long on discussion of problems and largely devoid of discussion of solutions.
With laptops and DVDs, in secret hide-outs and at Internet cafes, young code-writing jihadists have sought to replicate training, communication, planning and preaching facilities they lost in Afghanistan with new locations on the Internet.There are only a handful of jihadis out there with code-writing skills, and many of them know just enough to get them and their buddies in trouble. It is, for example, questionable wisdom to use Visual Basic to develop an encryption program that is supposed to enable secure communications among jihadists. The software won't stand up to the likes of the NSA, and the fact that you even tried to develop or use it makes you a target.
To the extent that Islamists use internet cafes, they are exposing themselves not only to online surveillance but also to good old-fashioned physical surveillance, since internet cafes are by definition public places. These businesses have owners who may find it in their best interest to cooperate with law enforcement.
"The Internet is the ideal medium for terrorism today: anonymous but pervasive," RAND Corp. terrorism expert Bruce Hoffman said.Pervasive, yes. Anonymous? Not nearly as anonymous as such statements suggest. To the extent that there is any anonymity on the internet, this is something that can be exploited by those of us in the business of tracking down and taking out the bad guys. The bad guys are in a Catch-22: they want to hide while at the same time they want to share data and interact with their fellow jihadis.
They can't do both.
The good guys only need to hide the fact that they are investigators, agents, spies. They have a much better chance of succeeding, since the bad guys can only do so much to find out who someone really is. The bad guys cannot, for example, compel a service provider to hand over log files.
Al-Qaida suicide bombers and ambush units in Iraq depend on the Web for training and tactical support, relying on the Internet's anonymity and flexibility to operate with near impunity in cyberspace.There is no consensus regarding either the value or the degree of reliance upon online jihad training. Using internet instructions to learn how to make TATP is a singularly Bad Idea™.
As for the second part of the statement, I have already addressed the issue of anonymity, and noted that to the extent it exists it cuts both ways. More importantly, Jihadis are able to use the internet with impunity only to the extent that they are allowed to do so. There are a broad range of actions that can be undertaken to combat jihadist use of the internet - by military, intelligence, police and prosecutors, non-governmental organizations and civilians. The biggest single impediment is not a lack of laws, or of personnel, or of language skills or of technical know-how. It is the lack of will and the vision to see the broad range of opportunities for action that jihadist use of the internet presents.
Attitude is everything.
Western terrorism specialists have concluded that the "global jihad movement," sometimes led by al-Qaida fugitives but increasingly made up of diverse "groups and ad hoc cells," has become a "Web-directed" phenomenon, as State Department terrorism expert Dennis Pluchinsky put it.
No argument from me on this count. Pluchinsky "gets it". Jihadist command and control consists of agenda-setting, then letting independent cells take action based on that agenda.
Less often, one sees genuine signals being given to undertake action against a particular target. This is rare, and the signals are quite subtle and easy to miss until after the fact. That is why a focus on the content of jihadist speech is, while not a waste of time, not likely to actually prevent any terrorist attack from occurring. What is needed is a feel for the rhythm of the message, the timing, and an acute sense of the regular patterns of online behavior. That is an art, not a science, and it requires experience, familiarity with the subject, and a knowledge of the language being used.
Hampered by the nature of the Internet, the government has proved ineffective at blocking this online presence.
It might be more accurate to say "Hampered by the nature of governments..."
This is not only, or even particularly, an "American" problem. The enemy is global. The jihad they are waging is global. And it is governments (plural), non-governmental agencies (plural), and civilians (plural) who need to stand up and confront this global menace using a wide variety of tactics (plural).
Allow me to use Internet Haganah as one example:
The Internet Haganah website's readership is 40% North American and 60% European and Middle Eastern, and the Middle Eastern audience includes more than just Israelis.
Between Internet Haganah and the Society for Internet Research we represent in action a broad range of tactics, only one of which involves encouraging civilians to contact service providers to shut down websites. 90% of our time is spent conducting research, engaging in psyops, infiltrating and monitoring the online activities of organizations and individual jihadis, and facilitating investigations, the latter being something we are uniquely positioned to do since we are non-governmental and have our own agents in Europe, North America, the Middle East and Asia.
Further, realizing that fixed Internet sites are vulnerable, al-Qaida is turning more to bulletin boards and Internet sites that offer free upload services where files could be stored.Whether this is a problem or an opportunity has nothing to do with the internet and everything to do with your attitude. If you want to lose, this is a problem. If you want to win, this presents multiple opportunities.
The difference between fixed, non-interactive sites, and bulletin boards or forums, for our purposes, is that with non-interactive sites all we know is that someone is reading the site. On a forum the user has the opportunity to speak in his own voice, revealing how he views the world and what his allegiances are.
For our part we can use this feature to separate out the leaders from the followers, the wannabes from the active-duty jihadis, and so on. That gives us the opportunity to conduct investigations and devote limited resources in a more targeted way. The importance of exploiting the internet as a means of "early detection" of future terrorists cannot be over-estimated. Today he's "Abou Zubaida" and he is posting on a forum. The next time you see him he may be on a train with a backpack that is about to explode.
The difference between a file being uploaded to one server, and the same file being uploaded to ten servers is this:
Now you have ten chances to get a fix on the guy uploading the file, instead of just one chance. I don't know about you, but I like those odds. Mr. Jihadi has to be careful and/or lucky, every time. I only have to be lucky one time and I've got him. If cases are broken open because an investigator "caught a break", then make more breaks, shake things up, keep the bad guys talking and moving and making sites and uploading files, because every move they make is an opportunity for us get track them down and take them out.
Jihadists seek to overcome in cyberspace specific obstacles they face from armies and police forces in the physical world. In planning attacks, radical operatives are often at risk when they congregate at a mosque or cross a border with false documents. They are safer working on the Web.If they are safer on the web that is because we are not trying hard enough.
There is an element of truth here, in that they can use the net to store important data. On the other hand, now you don't need to get your hands on their laptop in order to read their files. You just need to find the files online.
Suppose Mr. Jihadi leaves Sudan with a clean laptop, and checks into a hotel in Toronto only to discover that his online stash of files is gone, replaced by a Little Blue AK on some Jew's website. He's out of luck. To deal with that possibility he has to upload his files to multiple locations, and that means we have multiple opportunities to find his files instead of just one. As for what can be done once you find those files, suffice it to say that getting them removed is the least interesting of the options available. Use your imagination...
The number of jihadist-related Web sites has metastasized since Sept. 11, 2001. When Gabriel Weimann, a professor at the University of Haifa in Israel, began tracking terrorist-related Web sites eight years ago, he found 12; today, he tracks more than 4,500.
I don't mean this as criticism of Gabriel Weimann but rather of the article in which he is quoted. The gross number of websites is fairly meaningless. There are at any given time maybe a dozen really high-quality jihadist forums, and everything else either links into or is linked out to from them.
Jihadis will post lists of hundreds of free upload sites that can be used to share files, but particular jihadis will only use a handful of them over and over again.
Being sneaky is hard work, and if aggressive measures cause jihadis to work harder and be more sneaky, the end result is more opportunities for them to slip up and for us to catch them when they do.
Conclusion
While there are many options for countering jihadist use of the internet, not all those options are available to or appropriate for everyone. Neither is any one option or tactic appropriate for use against every website or every online Islamist. In the most general terms, you can take sites down or set sites up, build trust or sow distrust, monitor communications or disrupt communications, and that doesn't even begin to address all the opportunities for black ops, covert action, or the use of paramilitary or military forces.
Posted on 23 August 2005 @ 11:40