Hiding (and Seeking) Messages on the Web
Al Qaeda uses the Web as a communications network
By Colin Soloway, Rod Nordland and Barbie Nadeau
NEWSWEEK
June 17 issue — One day last October, an intelligence-community analyst noticed
something strange about a radical Islamist Web site she had been monitoring for
several months. A previously open, innocuous part of the site was suddenly
blocked. She checked her notes, found the old address for the link and typed it
in—to find an otherwise empty page commanding in Arabic, MISSIONARIES ATTACK!
OTHER “HIDDEN” PAGES ON the site included seemingly nonsensical phrases and
quotations from the Qur’an—coded instructions for Qaeda operatives and their
supporters. U.S. intelligence discovered Al Qaeda uses the Web as a
communications network. Analysts believe Al Qaeda uses prearranged phrases and
symbols to direct its agents. An icon of an AK-47 can appear next to a photo of
Osama bin Laden facing one direction one day, and another direction the next.
Colors of icons can change as well. Messages can be hidden on pages inside sites
with no links to them, or placed openly in chat rooms. The messages and patterns
of symbols are given to analysts at the CIA and National Security Agency to
decipher.
The operators of these sites, working from Pakistan, Malaysia, Indonesia, the
gulf states and Britain, are sophisticated in their computer tradecraft. “These
guys are no fools,” says an intelligence source.
Much of the intelligence from the sites comes from “traffic analysis.” Analysts
say they have seen “surges” in traffic since 9-11, in many cases prior to
attempted attacks. “There was a surge about the time [shoe-bomber] Richard Reid
got on the plane,” says one analyst. “We would get surges, and then you would
hear about people who were stopped.”
For more direct communication, Al Qaeda uses commercially available encryption
software or hides messages inside graphics files by a process known as
steganography. “They are giving strategic direction to their supporters by using
the Web [and] using [cryptographic software] to transmit e-mail messages,” says
a British intelligence source.
While encrypted communications keep the content of messages secret, they attract
the attention of intelligence services, which track the messages to their source
and recipient; meanwhile, much of the Web communications are hidden in the mass
of unrelated “chatter” on radical Web sites. “The genius of this method is that
they are hiding in plain sight,” says the analyst. “It’s three jigsaw puzzles
mixed up in one box, when you’re only interested in one of them.”
Some of the most valuable intelligence gleaned from the sites has been the
connection between Islamic charities and Qaeda fund-raising operations. Analysts
found the same bank-account numbers listed in Islamic humanitarian appeals on
sites raising funds for jihad against the enemies of Islam. Several U.S.-based
Islamic “charities” have been shut down thanks to the analysts’ discovery of
this fund-raising scam.
To read More:
