Information Security News mailing list archives

Terror groups hide behind Web encryption


From: William Knowles <wk () C4I ORG>
Date: Wed, 7 Feb 2001 01:50:56 -0600

http://www.usatoday.com/life/cyber/tech/2001-02-05-binladen.htm

By Jack Kelley
USA TODAY
02/06/2001

WASHINGTON - Hidden in the X-rated pictures on several pornographic
Web sites and the posted comments on sports chat rooms may lie the
encrypted blueprints of the next terrorist attack against the United
States or its allies. It sounds farfetched, but U.S. officials and
experts say it's the latest method of communication being used by
Osama bin Laden and his associates to outfox law enforcement. Bin
Laden, indicted in the bombing in 1998 of two U.S. embassies in East
Africa, and others are hiding maps and photographs of terrorist
targets and posting instructions for terrorist activities on sports
chat rooms, pornographic bulletin boards and other Web sites, U.S. and
foreign officials say.

"Uncrackable encryption is allowing terrorists - Hamas, Hezbollah,
al-Qaida and others - to communicate about their criminal intentions
without fear of outside intrusion," FBI Director Louis Freeh said last
March during closed-door testimony on terrorism before a Senate panel.
"They're thwarting the efforts of law enforcement to detect, prevent
and investigate illegal activities."

A terrorist's tool

Once the exclusive domain of the National Security Agency, the
super-secret U.S. agency responsible for developing and cracking
electronic codes, encryption has become the everyday tool of Muslim
extremists in Afghanistan, Albania, Britain, Kashmir, Kosovo, the
Philippines, Syria, the USA, the West Bank and Gaza and Yemen, U.S.
officials say.

It's become so fundamental to the operations of these groups that bin
Laden and other Muslim extremists are teaching it at their camps in
Afghanistan and Sudan, they add.

"There is a tendency out there to envision a stereotypical Muslim
fighter standing with an AK-47 in barren Afghanistan," says Ben
Venzke, director of special intelligence projects for iDEFENSE, a
cyberintelligence and risk management company based in Fairfax, Va.

"But Hamas, Hezbollah and bin Laden's groups have very sophisticated,
well-educated people. Their technical equipment is good, and they have
the bright, young minds to operate them," he said.

U.S. officials say bin Laden's organization, al-Qaida, uses money from
Muslim sympathizers to purchase computers from stores or by mail. Bin
Laden's followers download easy-to-use encryption programs from the
Web, officials say, and have used the programs to help plan or carry
out three of their most recent plots:

* Wadih El Hage, one of the suspects in the 1998 bombing of two
  U.S. embassies in East Africa, sent encrypted e-mails under various
  names, including "Norman" and "Abdus Sabbur," to "associates in al
  Qaida," according to the Oct. 25, 1998, U.S. indictment against
  him. Hage went on trial Monday in federal court in New York.

* Khalil Deek, an alleged terrorist arrested in Pakistan in 1999, used
  encrypted computer files to plot bombings in Jordan at the turn of
  the millennium, U.S. officials say. Authorities found Deek's
  computer at his Peshawar, Pakistan, home and flew it to the National
  Security Agency in Fort Meade, Md. Mathematicians, using
  supercomputers, decoded the files, enabling the FBI to foil the
  plot.

* Ramzi Yousef, the convicted mastermind of the World Trade Center
  bombing in 1993, used encrypted files to hide details of a plot to
  destroy 11 U.S. airliners. Philippines officials found the computer
  in Yousef's Manila apartment in 1995. U.S. officials broke the
  encryption and foiled the plot. Two of the files, FBI officials say,
  took more than a year to decrypt.

"All the Islamists and terrorist groups are now using the Internet to
spread their messages," says Reuven Paz, academic director of the
Institute for Counter-Terrorism, an independent Israeli think tank.

Messages in dots

U.S. officials and militant Muslim groups say terrorists began using
encryption - which scrambles data and then hides the data in existing
images - about five years ago.

But the groups recently increased its use after U.S. law enforcement
authorities revealed they were tapping bin Laden's satellite telephone
calls from his base in Afghanistan and tracking his activities.

"It's brilliant," says Ahmed Jabril, spokesman for the militant group
Hezbollah in London. "Now it's possible to send a verse from the
Koran, an appeal for charity and even a call for jihad and know it
will not be seen by anyone hostile to our faith, like the Americans."

Extremist groups are not only using encryption to disguise their
e-mails but their voices, too, Attorney General Janet Reno told a
presidential panel on terrorism last year, headed by former CIA
director John Deutch. Encryption programs also can scramble telephone
conversations when the phones are plugged into a computer.

"In the future, we may tap a conversation in which the terrorist
discusses the location of a bomb soon to go off, but we will be unable
to prevent the terrorist act when we cannot understand the
conversation," Reno said.

Here's how it works: Each image, whether a picture or a map, is
created by a series of dots. Inside the dots are a string of letters
and numbers that computers read to create the image. A coded message
or another image can be hidden in those letters and numbers.

They're hidden using free encryption Internet programs set up by
privacy advocacy groups. The programs scramble the messages or
pictures into existing images. The images can only be unlocked using a
"private key," or code, selected by the recipient, experts add.
Otherwise, they're impossible to see or read.

"You very well could have a photograph and image with the time and
information of an attack sitting on your computer, and you would never
know it," Venzke says. "It will look no different than a photograph
exchanged between two friends or family members."

U.S. officials concede it's difficult to intercept, let alone find,
encrypted messages and images on the Internet's estimated 28 billion
images and 2 billion Web sites.

Even if they find it, the encrypted message or image is impossible to
read without cracking the encryption's code. A senior Defense
Department mathematician says cracking a code often requires lots of
time and the use of a government supercomputer.

It's no wonder the FBI wants all encryption programs to file what
amounts to a "master key" with a federal authority that would allow
them, with a judge's permission, to decrypt a code in a case of
national security. But civil liberties groups, which offer encryption
programs on the Web to further privacy, have vowed to fight it.

Officials say the Internet has become the modern version of the "dead
drop," a slang term describing the location where Cold War-era spies
left maps, pictures and other information.

But unlike the "dead drop," the Internet, U.S. officials say, is
proving to be a much more secure way to conduct clandestine warfare.

"Who ever thought that sending encrypted streams of data across the
Internet could produce a map on the other end saying 'this is where
your target is' or 'here's how to kill them'?" says Paul Beaver,
spokesman for Jane's Defense Weekly in London, which reports on
defense and cyberterrorism issues. "And who ever thought it could be
done with near perfect security? The Internet has proven to be a boon
for terrorists."



*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen. Alfred M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com