[ISN] Iraqi insurgents turn to net publishing

InfoSec News isn at c4i.org
Tue Apr 19 09:13:22 EDT 2005


By Doug Mohney
18 April 2005

AS IRAQI insurgents continue to battle against the existing Iraqi
government and allied forces, the Internet is playing a key role in
their efforts to coordinate attacks and publicise them after the fact,
according to multiple newspaper and media accounts.

Who would have thought that we would see the "Jihadist Information
Brigade" appear or Abu Musab al-Zarqawi start publishing his own
Internet webzine? Zurwat Al Sanam . translated, it means "The Tip of
the Camel Hump" . allegedly started publishing in March, but trying to
find a URL to the publication in English through Google is about as
easy as trying to find Mr. Zarqawi himself.

Ironically, this grass-roots, er, sandlot use of the Internet runs
counter to the loud ideas espoused by cyberwarfare geeks and info-sec
experts that evil doers would use their much superior knowledge of the
Internet to bring down banking systems, power plants, and Civilisation
As We Know it, inflicting billions of dollars of damage onto world
economies. Turns out that the evil doers need the Internet now more
than ever to communicate, organise and propagandise the masses.

However, this isn't a one-sided battle, by any stretch of the
imagination. While Al Qaeda and its international band of affiliates
post their latest beheading videos and exchange the latest bomb tips
via peer-to-peer networking, various governmental agencies are
conducting their own operations. Exactly what is going on in this
electronic version of Spy-vs-Spy isn't clear, but we can wager some
very good guesses.

First, intelligence agencies, and of course, the public media, are
actively "tuned in" to various terrorist "Network 21" websites and go
through every freshly posted web page with a fine-tooth comb,
examining everything from a newly posted JPEG graphic for hidden
messages to downloading audio and video clips and running them against
archival databases to identify speakers voices and sifting for clues
on locations from background noises and images. Each web page is
catalogued and compared to previous ones, in an attempt to discern
patterns and electronic "fingerprints" of compositional style and
software. While government agencies may loathe the content of these
missives, they love each and every posting opportunity that jihadist
webmasters make. Every piece of data presents an opportunity to learn
more about the individual(s) and build a profile.

Efforts are also made to track down the physical location where
postings are made from to web servers and chat rooms, but this is a
little trickier given the proliferation of anonymous posting
techniques and the explosive growth of cybercafés across Iraq. It's
likely there's a combination of American technology and expertise
working with Iraqi government security forces to put eyes on any
potential "points of posting," with a quick raid to grab people and
computers if a successful lead develops.

It is also likely that US information warfare specialists are very
carefully and selectively examining and, when possible, even
manipulating posted data. Nothing better than to change a couple of
key steps in the on-line bomb making manual or to suggest
"improvements" in bomb-making techniques that result in devices that
are more easily discovered or go off prematurely. A few successful
"plants" of that nature and suddenly the practices of Information
Assurance are more than abstract theory taught at West Point.

More information about the ISN mailing list