The recent arrests of forty terrorist suspects in at least six countries and associated disruption of potential terrorist attacks in Toronto (Terror Web Watch) and New York City highlight the emerging, evolving, and critical role of the Internet in the global war on terrorism for both the jihadist and counterterrorism officials.
Al-Qaeda views the Internet along with Iraq , and Afghanistan as its primary battlefronts in the global jihad. Propaganda garnered from events in Iraq and Afghanistan are often quickly posted to the Internet in an attempt to provide religious justifications, offer ideological inspirations, supply tactical and operational training, recruit potential operatives, supporters, and sympathizers, as well as raise funds for operations. Examples of this on-line propaganda distribution include the Nick Berg beheading video.
While al-Qaeda’s use of the Internet is a legitimate source of concern, it should also be recognized that the jihadist increased reliance on the Internet presents counterterrorism officials with a tremendous opportunity to monitor the current strategic, targeting, and operational ‘mindset’ of the global jihadist front. According to media sources the recent disruptions of the plots in Toronto and New York City were due in large part to counterterrorism officials ability to monitor known jihadist web sites and chat rooms.
This apparent lack of operational security is puzzling because many al-Qaeda affiliated web sites and chatrooms host forums specifically dedicated to computer security. Many posts in these forums deal specifically with how jihadist should use proxy servers and encryption to obfuscate their identity and conceal the content of their messages. However, as the disrupted Toronto and New York City plot appear to indicate, many aspiring jihadist do not appear to practice on-line operational security. Specifically, according to media sources, “a special unit that monitors Internet and phone activity identified [Assem Hammoud] through the internet protocol address he was using to access Islamicist [sic] sites. Lebanese officials monitored his internet activity and phone calls for several months before arresting him on April 27.”
These apparent sloppy on-line operational security practices are stunning and reveal some important trends in the global war on terrorism. First, this lack of discipline may indicate that many of the arrested aspiring al-Qaeda operatives are amateurs. It has been widely reported through the media’s coverage of the NSA surveillance story that counterterrorism officials have the capability to monitor Internet traffic. Moreover, it is common knowledge that Internet traffic can be traced back to a specific computer at a physical address. Any aspiring terrorist that does not know this or take the time to understand that their movements in cyber space can be tracked can only be assumed to be either inexperienced or unintelligent.
It is also probable that counterterrorism officials have been able to detect the less experienced and knowledgeable aspiring operatives while the more experienced and savvy professional operatives have been able to successfully hide their tracks in cyber space. As mentioned above, as evidenced by the numerous posts on jihadist web sites, it is known that al-Qaeda operatives are interested in computer security. Moreover, it also known that many al-Qaeda operatives and supporters monitor the Western media in order to gather intelligence on the strategies and tactics of counterterrorism officials. Therefore, given the media’s attention to the role of Internet surveillance in the arrest of operatives in Toronto and Beirut, experienced al-Qaeda operatives must surely understand that unsafe and unprotected use of the Internet may lead to their arrest. As a result, it is likely that experienced operatives are using anonymous proxy servers and strong encryption to obfuscate their identities and conceal their messages. Therefore, it is too early to assume that counterterrorism officials have gained the upper hand in the Long War on Terrorism.