Digital Underground

Exposing the 'Darknet': Are Al Qaeda terrorists using your personal computer?

When he walked out of Lompoc Federal Correctional Institution in California five years ago, Kevin Mitnick, the most notorious hacker in the United States, faced a peculiar probation requirement. For three years following his release, he was obliged not to touch a computer keyboard or use a cellular phone. Mitnick himself attributed this novel constraint to the fact that the judge in his case had bought into "the myth of Kevin Mitnick—that I could launch nuclear missiles by whistling into a phone." But the desire to physically isolate him from any type of computer was also a frank admission of failure on the part of the authorities: The FBI was so inept and Mitnick so adept with communications technologies that they regarded him as a practitioner of a kind of black magic. In a broader sense, the episode illustrates a digital divide between those who have mastered the capabilities of networked technologies and those who have not. This divide has traditionally been exploited by identity thieves, pornographers, spammers, and copyright pirates. But in the last several years, terrorists have increasingly exploited it as well.

Paul Wolfowitz announced recently that American authorities will pursue Al Qaeda in "cyber sanctuaries," signaling a new theater in the ever evolving war on terrorism: the Internet. The American campaign in Afghanistan had a noticeable impact on the infrastructure of Al Qaeda, but rather than "smoke" the terrorists out, as President Bush declared it would, the war on terror has simply driven them further underground, decentralizing the leadership, atomizing the threat, and increasingly pushing terrorists onto the Web. If American forces are unaccustomed to pursuing adversaries through the caves of Afghanistan or the streets of Baghdad, they will have even more trouble tracking Al Qaeda online, because Internet technology favors the fugitive criminal and the migrant threat, and because terrorists know how to turn the new digital divide to their advantage. In this evasive game they have at their disposal a most unusual accomplice: unwitting Americans with personal computers and Internet connections.

illustration: Steven Dana

It emerged last year that Fortress ITX, a Clifton, New Jersey, Internet company, inadvertently hosted an Arabic-language website that urged attacks on America and Israel and supplied instructional pamphlets on kidnapping and urban guerrilla warfare. The emergence of this "virtual terrorism" should not be surprising, nor should the fact that Fortress ITX was unaware of it. Despite their wish to turn back the clock on various advances of the modern era, the followers of Osama bin Laden have proved surprisingly capable with the tools of the Internet. In addition to the use of explosives and automatic weapons, Al Qaeda trainees are instructed in computer encryption. Bin Laden associates employ cutting-edge steganography, which involves implanting a text message into a single image or letter on a website. Last July Pakistani authorities captured Muhammad Naeem Noor Khan, a kind of one-man IT department, who helped bin Laden maintain his network by sending encrypted messages to e-mail addresses in places like Turkey and Nigeria. Sites like the one discovered in New Jersey are now the preferred means of communication for Al Qaeda and its affiliates. Seven years ago, there were only a dozen websites associated with terrorist groups; today there are over 4,000.

What's more unsettling is that American computer users may assist in this growth phase for Al Qaeda. The appeal of the Internet for those engaged in any sort of crime is twofold. First, it's possible to conduct business in near complete anonymity provided you can divert pursuers by routing your activity through neutral networks and computers to cover your tracks. And second, most people running those networks and using those PCs are so completely naive about this technology that for the sophisticated criminal, hijacking the hardware is child's play.

The average American computer user comprehends only a minor fraction of what his or her machine can do. Word processing, Web surfing, and burning the odd CD hardly exhaust a computer's capabilities, and consumers who shell out $2,000 every couple of years to purchase a new computer for these purposes are a little like the bourgeois urbanites who use a Viking range to boil water and reheat takeout. But a computer is connected to the outside world—and that makes the naive owner of a networked PC vulnerable. A few years ago a computer-savvy New York identity theft ring stole the credit histories of more than 30,000 people, and used them to empty bank accounts, take out false loans, and run up credit card bills. In 2003 over a thousand people had their computers hijacked by a group of hackers representing porn sites, who secretly used the computers as portals through which to transmit material onto the Web. The programs didn't harm the computers, and wouldn't show up unless users were looking for them. "Here people are sort of involved in the porno business and don't even know it," said Richard M. Smith, the computer researcher who first noticed the problem. Another security analyst believed the ring could be traced to the Mafia-connected computer underground in Russia—but couldn't say for sure.

Terrorists have become experts at identifying unguarded server space from which to upload material. Jihad videos were recently discovered on the servers of George Washington University and the Arkansas State Highway and Transportation Department. Some of the more sophisticated terrorist sites migrate from one server to another, often several times a day, in order to evade the authorities. "Reverse proxy servers" allow a user to cloak his identity behind a "front" computer, by transmitting material through that computer onto the Internet while making it appear that the front computer is in fact the server.
