An Interview With Gabriel Weimann

Erik Schechter, contributing editor, Tel Aviv, Israel, August 23, 2006

A computer keyboard — with Latin and Arab letters — confiscated by German police in 2004 after searching the Taqua-Mosque in Frankfurt. (Photo: Martin Oeser / AFP-Getty Images)

British police, in mid-August, raid two internet cafes in the Berkshire town of Slough and seize hard drives as part of ongoing investigation into a foiled airline-bombing plot. A week later, on the other side of the globe, Indonesian authorities arrest two Islamic militants setting up a Web site that endorses the murder of foreigners. Meanwhile, a news agency somewhere else reports claims made on the Internet by a terrorist group.

Welcome to the dark side of the information revolution.

For eight years, Haifa University professor Gabriel Weimann has been watching terrorist Web sites spread like a mold in cyberspace. In his new book "Terror on the Internet: The New Arena, the New Challenges," Weimann argues that the Internet — with its anonymous, uncontrollable flow of information to a global audience — is the perfect tool for a new breed of terrorist.

Represented best by Al Qaeda, the new terrorism is international in reach, lacks a hierarchy and state sponsor, blends politics and religion, and has enormous killing power. And the Internet is its playpen. Militants recruit sympathizers via message groups, e-chats, and online magazines; they gather open-source intelligence and coordinate attacks by encrypted e-mail.

They forge scattered individuals into a violent virtual community.

Noting all this, Weimann writes about the ways governments have been trying to crackdown on the terrorists and what that means, in terms of privacy and access, for innocent Internet users. sat down with the author to discuss the threat.

Schechter: So terrorists are hawking their causes on the Net, but is anyone buying? How do we measure the impact of a Web site?

Weimann: There are various ways to measure the impact. The most obvious is to count the number of hits a Web site gets, but I think this is an invalid approach. First, terrorists like to inflate the numbers. Second, you don't know who is logging in: are they the terrorists themselves, researchers like me, or just one person logging in many times?

Instead, I rely on the testimonies of terrorists to weigh the impact of these sites, and as I mentioned in my book, there have been numerous case studies of terrorist recruitment, training, and coordination via the Internet. Also, I listen to those working in the counterterrorism field.

In terms of structure, how do Web sites affiliated with a Marxist group like the Revolutionary Armed Forces of Columbia (FARC) differ from those of Al Qaeda?

It's hard to make a distinction.

At present, we have 4,900 terrorist-related Web sites on the Net, and many groups have multiple sites that vary in presentation. At the same time, terrorist groups learn from and copy each other, for instance, in the use of multimedia. You didn't see Flash technology on these sites five years ago, but now it is common.

Another thing: Terrorists narrowcast their messages to a particular audience, to the media, women, children, etc. Even when using the same images and layout, a Web site may say one thing to a foreign audience in English and quite another thing to locals in Arabic.

How can you tell, judging by text or graphics, if a Web site is connected to Al Qaeda and not some other Islamist group?

It's like living in any neighborhood. After a while, you know your neighbors' routines, when they get up in the morning, what they eat, and how they talk. You learn to ignore the pretenders and focus on the official sites of the terrorist group or those belonging to sympathizers.

You write that Hamas started early with the Internet and even has a Web site for kids. What is that like?

Its starts off innocent enough, with cartoon drawings, but the stories told always lead in one direction: the child going off and becoming a shahid, or martyr, to avenge his dead father, demolished home, or bombarded village. It's very shocking to see. You are looking at all these cartoons and then, all of a sudden, the photo of a suicide bomber's severed head pops up.

Besides spreading propaganda, what are some of the other ways in which terrorists use the Internet?

You have psychological warfare. For instance, the videotaped beheadings of Westerners in Iraq were meant to scare the coalition and those that would help it. Terrorists also recruit, network, and provide training materials over the Internet.

Before 9/11, they used to fundraise out in the open, but now it's done indirectly through an affiliated charity. Terrorists even conduct debate amongst themselves over the Net, for instance, when Chechen rebels criticized the Palestinian Hamas for meeting with Russia's Putin.

Finally, there's data mining — downloading sensitive information to help in an attack.

What sort of sensitive information have terrorists been able to glean from the Net?

They have downloaded maps of installations and details about their defenses and operating procedures. You can find information on the number of airlines flying at a given time, their flight codes, and where they are headed.

What is steganography, and how do terrorists use it to communicate with one another?

Steganography is the art of writing hidden messages in such a way that no one but the intended recipient knows of their existence. A steganographic message will appear to be something else — a picture, an article, a shopping list, etc. By contrast, cryptography only disguises the content of the message.

After 9/11, there was a rumor going around that the hijackers communicated with each other by hiding messages in digital pictures, but that's just a myth. They actually used basic codes and regular e-mails while relying on the enormous volume of Internet traffic to avoid detection.

Now terrorists are encrypting their e-mails. Perhaps, they'll resort to steganography in the future.

You mention two systems — Carnivore and Magic Lantern — used by the authorities to crack terrorist communications. How do they differ from one another?

Well, there's definitely more than just those two. There are all sorts of sniffers, crawlers, and spiders used for searching suspicious traffic.

Most Internet traffic travels through a few junctions; Carnivore is installed at those junctions and taps the incoming messages. Fortunately, terrorists tend to use American ISPs because they are more reliable and sophisticated than others.

By contrast, Magic Lantern is installed directly on the suspect's computer and records everything that is typed, thus finding out what is his encryption key.

What are the legal and civil rights ramifications of each?

Well, they are both an invasion of privacy, but you don't need a warrant for Carnivore.

You write that, in May 2005, the C.I.A.'s Information Operations Center ran a three-day war game involving of a massive cyber attack by imaginary hackers. What were the results of "Silent Horizon" and should we be worried?

There have been war games since then, including one in which I participated, but there has been no one, consistent result. Sometimes the defenses hold, other times hackers break in and do damage to services and infrastructure. I'd say a dark cloud is on the horizon. The day will come when terrorists will be able to interfere with flight control systems at airports.

Copyright © 1997-2022 All Rights Reserved. - - Privacy Notice - Front Page