[iwar] [fc:How-Terrorists-Use-the-Internet]

From: Fred Cohen (fc@all.net)
Date: 2001-09-13 13:26:47
Next message: Fred Cohen: "[iwar] Possible mid-east cyber attacks"
Previous message: Fred Cohen: "[iwar] [fc:Palestinian-Authority-threatens-camera-crews-covering-celebrations]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200109132026.NAA17849@big.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Precedence: bulk
Date: Thu, 13 Sep 2001 13:26:47 -0700 (PDT)
Reply-To: iwar@yahoogroups.com
Subject: [iwar] [fc:How-Terrorists-Use-the-Internet]
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

How Terrorists Use the Internet

By Jay Lyman, www.NewsFactor.com, 9/13/2001
<a href="http://dailynews.yahoo.com/h/nf/20010912/tc/7731_1.html">http://dailynews.yahoo.com/h/nf/20010912/tc/7731_1.html>

The same advantages the Internet and advanced technology bring to the
general public and to business -- speed, security and global linkage --
are helping international terrorist groups organize their deadly and
disruptive activities.

"The Internet and e-mail provide the perfect vehicles for these groups
to communicate with each other, to spread their message, to raise money
and to launch cyberattacks," iDefense director of intelligence for
special projects Ben Venzke told NewsFactor Network.

A recent report from U.S. officials indicates that terrorists' use of
the Web for communication and coordination through the use of encrypted
messages is widespread, with numerous sites -- many of which are unaware
of the use to which they are being put -- serving as conduits for
terrorist conspiracies.

Government and private Internet security firms are doing their best to
keep up with the terrorists, but the task is made more difficult by
advancing technologies available to groups bent on targeting the U.S.
and its citizens, allies and businesses.

Terror Tool

Security officials in government and private industry agree that the Web
is heavily used by terrorists such as Osama bin Laden (news - web sites)
and other extremist groups, including Middle East terror organizations
Hezbollah and Hamas.

"Terrorists use the Web mostly for propaganda and for information
exchange," said Matthew Devost, founding director of the Terrorism
Research Center. "If you move beyond the Web, terrorist organizations do
use information technology as a very viable and secure communication
mechanism."

Devost told NewsFactor that despite the Internet's viability as an
economic medium, it has proven somewhat insecure for commercial
transactions.

He said the Web could help facilitate attacks by terrorist groups on not
only the Internet economy, but on power, transportation and other
systems that rely on information that is linked to the Web.

'No Limit'

Terrorists are beginning to use the Web in interesting ways, Vigilinx
director of intelligence Jerry Freese told NewsFactor.

"There's really no limit to it," Freese said. "Anywhere you can send an
e-mail with an audio or graphics file is fair game."

Freese, whose security company provides secure servers, intruder
detection and security audits, said terrorist cells around the world use
the Internet for scheduling, meeting and organizing.

"We see the Web as a terrorism-assistance tool that allows them to do
things in secrecy," he said, referring to encrypted messages. "The thing
is, it can originate from anywhere. The Web, of course, is ubiquitous."

Freese said steganography -- putting encrypted messages in electronic
files -- is widely used by terrorist groups. A recent government report
indicated that terrorists have been hiding pictures and maps of targets
in sports chat rooms, on pornographic bulletin boards and on Web sites.

Reliance on the Net

Despite their ongoing efforts to cripple parts of the Web, disrupt
infrastructure systems such as electrical power or steal money and
information from government and businesses, terrorists have a vested
interest in keeping the Internet working.

"It's a very good tool for them," Freese told NewsFactor, "so they don't
want to disrupt the flow of the Web; rather, they'll target specific
companies that are working with or are sympathetic to their enemies."

Rogue Rights

While law enforcement officials are aware of terrorists' use of the
Internet, they cannot monitor Web sites for both logistical and legal
reasons, according to spokesperson Steve Berry of the U.S. Federal
Bureau of Investigations' National Infrastructure Protection Center.

"However repugnant to our perception and to the general public and law
enforcement their Web site or use of it might be, that does not give us
the authority to block them," Berry told NewsFactor. "That's free
speech. That's the country we live in."

Venzke, whose company tracks Web-based threats for Fortune 500 companies
and government, said law enforcement is also limited by national culture
and geography. The Web offers entry into any country from anywhere, and
with so many points linked together, terrorist activity is often
impossible to track.

"How do you force an [Internet service provider] halfway around the
world, which may not be friendly to you to begin with, to shut down a
Web site?" Venzke asked.

Predicting Protection

The rapid advancement of technology makes it hard to fight terrorists,
who, experts agree, are adept at using the Internet and other advanced
technology. Bin Laden's al Qaida and other terrorist groups have
reportedly used encryption programs available free on the Web, as well
more powerful anti-spy software purchased on the open market.

The Terrorism Research Center's Devost said that despite a number of
valid efforts to combat terrorists, targeted countries and businesses
are not prepared.

"Most nations, and most companies, are not being diligent with regard to
addressing information security concerns and fortifying their security
posture," said Devost.

Counter Strike

Security experts claim they are getting better at detecting and decoding
terrorist communiques, but more awareness and information sharing is
needed.

"Right now, it's very hard to detect where these messages are coming
from and what their intent is," said Freese. "Information exchange is a
key issue here. We have a lot of repositories of information, but it
isn't shared. The government is trying to collate information from
private and government sources to coordinate defenses."

Devost agrees, adding that despite increased efforts to keep tabs on
terrorists, vulnerabilities are on the rise.

"Governments are making great progress in understanding the way these
groups are utilizing technology," Devost said, "[but] while we are
making progress, it is not enough."

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Secure your servers with 128-bit SSL encryption! Grab your copy of VeriSign's FREE Guide, "Securing Your Web
site for Business" and learn all about serious security. Get it Now!
http://us.click.yahoo.com/r0k.gC/oT7CAA/yigFAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Next message: Fred Cohen: "[iwar] Possible mid-east cyber attacks"
Previous message: Fred Cohen: "[iwar] [fc:Palestinian-Authority-threatens-camera-crews-covering-celebrations]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:42 PDT