Al Qaeda and the Internet: the danger of "cyberplanning"

Parameters, Spring, 2003 by Timothy L. Thomas

With regard to gathering information through the Internet, on 15 January 2003 Defense Secretary Donald Rumsfeld observed that anal Qaeda training manual recovered in Afghanistan said, "Using public sources openly and without resorting to illegal means, it is possible to gather at least 80 percent of all information required about the enemy." (20)

* The Internet puts distance between those planning the attack and their targets. Terrorists planning attacks on the United States can do so abroad with limited risk, especially if their command and control sites are located in countries other than their own. Tracing the route of their activity is particularly difficult. The net provides terrorists a place to plan without the risks normally associated with cell or satellite phones.

* The Internet can be used to steal information or manipulate data. Ronald Dick, Director of the FBI's National Infrastructure Protection Center, considers the theft or manipulation of data by terrorist groups as his worst nightmare, especially if the attacks are integrated with a physical attack such as on a US power grid. (21) Richard Clark, Chairman of the President's Critical Infrastructure Protection Board, said the problem of cyber security and data protection had its own 9/11 on 18 September 2001 when the Nimda virus spread through Internet-connected computers around the world, causing billions of dollars of damage. Nimda's creator has never been identified. This virus, hardly noticed in the wake of the airliner attacks and anthrax scares, set off a chain reaction among software companies (including Microsoft) to get very serious about plugging vulnerabilities. (22) In the fall of 2001 a number of unexplained intrusions began occurring against Silicon Valley computers. An FBI investigation traced the i ntrusions to telecommunication switches in Saudi Arabia, Indonesia, and Pakistan. While none was directly linked to al Qaeda, there remain strong suspicions that the group was somehow involved. (23)

* The Internet can be used to send hidden messages. The practice of steganography, which involves hiding messages inside graphic files, is a widespread art among criminal and terrorist elements. Hidden pages or nonsensical phrases can be coded instructions for al Qaeda operatives and supporters. One recent report noted,

Al Qaeda uses prearranged phrases and symbols to direct its agents. An icon of an AK-47 can appear next to a photo of Osama bin Laden facing one direction one day, and another direction the next. The color of icons can change as well. Messages can be hidden on pages inside sites with no links to them, or placed openly in chat rooms. (24)

In addition, it is possible to buy encryption software for less than $15. Cyberplanners gain an advantage in hiding their messages via encryption. Sometimes the messages are not even hidden in a sophisticated manner. Al-Jazeera television reported that Mohammed Atta's final message (another advantage of the Internet--the impossibility of checking sources) to direct the attacks on the Twin Towers was simple and open. The message purportedly said, "The semester begins in three more weeks. We've obtained 19 confirmations for studies in the faculty of law, the faculty of urban planning, the faculty of fine arts, and the faculty of engineering." (25) The reference to the various faculties was apparently the code for the buildings targeted in the attacks.