Hiding (and Seeking) Messages on the Web

R. A. Hettinga rah at shipwright.com
Sun Jun 9 21:20:37 EDT 2002 

http://www.msnbc.com/news/764107.asp


U.S. intelligence has discovered dozens of Islamist Web sites, such as the
one above, where Al Qaeda uses covert forms of communication to direct its
agents

Hiding (and Seeking) Messages on the Web
Al Qaeda uses the Web as a communications network

By Colin Soloway, Rod Nordland and Barbie Nadeau
NEWSWEEK
  	  	June 17 issue -  One day last October, an intelligence-community
analyst noticed something strange about a radical Islamist Web site she had
been monitoring for several months. A previously open, innocuous part of
the site was suddenly blocked. She checked her notes, found the old address
for the link and typed it in-to find an otherwise empty page commanding in
Arabic, MISSIONARIES ATTACK!	 

OTHER "HIDDEN" PAGES ON the site included seemingly nonsensical phrases and
quotations from the Qur'an-coded instructions for Qaeda operatives and
their supporters. U.S. intelligence discovered Al Qaeda uses the Web as a
communications network. Analysts believe Al Qaeda uses prearranged phrases
and symbols to direct its agents. An icon of an AK-47 can appear next to a
photo of Osama bin Laden facing one direction one day, and another
direction the next. Colors of icons can change as well. Messages can be
hidden on pages inside sites with no links to them, or placed openly in
chat rooms. The messages and patterns of symbols are given to analysts at
the CIA and National Security Agency to decipher.
        The operators of these sites, working from Pakistan, Malaysia,
Indonesia, the gulf states and Britain, are sophisticated in their computer
tradecraft. "These guys are no fools," says an intelligence source.
        Much of the intelligence from the sites comes from "traffic
analysis." Analysts say they have seen "surges" in traffic since 9-11, in
many cases prior to attempted attacks. "There was a surge about the time
[shoe-bomber] Richard Reid got on the plane," says one analyst. "We would
get surges, and then you would hear about people who were stopped."

For more direct communication, Al Qaeda uses commercially available
encryption software or hides messages inside graphics files by a process
known as steganography. "They are giving strategic direction to their
supporters by using the Web [and] using [cryptographic software] to
transmit e-mail messages," says a British intelligence source.
        While encrypted communications keep the content of messages secret,
they attract the attention of intelligence services, which track the
messages to their source and recipient; meanwhile, much of the Web
communications are hidden in the mass of unrelated "chatter" on radical Web
sites. "The genius of this method is that they are hiding in plain sight,"
says the analyst. "It's three jigsaw puzzles mixed up in one box, when
you're only interested in one of them."
        Some of the most valuable intelligence gleaned from the sites has
been the connection between Islamic charities and Qaeda fund-raising
operations. Analysts found the same bank-account numbers listed in Islamic
humanitarian appeals on sites raising funds for jihad against the enemies
of Islam. Several U.S.-based Islamic "charities" have been shut down thanks
to the analysts' discovery of this fund-raising scam.

-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list