On Monday, August 20, 2007, Naheeda Mehboob Ilahi, the Deputy Attorney General of Pakistan, announced that alleged al-Qaeda operative Mohammed Naeem Noor Khan had been released from captivity and returned to his home in Karachi, Pakistan (source).
Background of Khan
Khan was arrested in Lahore, Pakistan in July 2004 on suspicions that he helped develop a covert communications network that connected al-Qaeda’s core leadership on the Afghan-Pakistan border with terrorist cells located in Britain and the United States.
According to media reports, Khan would receive messages from operatives on computer disks via couriers (source). Khan would then post these messages online in locations known only to a select number of operatives. It is likely that many of the messages that Khan posted online were encrypted and removed shortly after receipt (source).
The Hub of al-Qaeda Communications
Authorities were able to exploit the intelligence gathered from Khan’s arrest to locate and apprehend Ahmed Khalfan Ghailani, an al-Qaeda operative responsible for the 1998 bombings of the US Embassies in Kenya & Tanzania.
Additionally, British authorities were able to use the information gathered from Khan’s arrest to locate and arrest Dhiren Barot and other al-Qaeda operatives in Britain (source). Barot was later implicated in a suspected plot to load limousines with gas cylinders and use the vehicle-borne improvised explosives to bomb prominent locations in Central London. While Barot’s plans were disrupted, another cell ultimately attempted to carry out his plans in their failed attempts to detonate explosives in the Haymarket area of London and at the Glasgow Airport in Scotland (Previous Report).
The Dangers of Covert Communications
Although it is unclear whether or not Khan has the desire or capability to return to his role as an al-Qaeda communications operative, his release should serve as a reminder to both security services and policy makers of the dangers of al-Qaeda’s technical capabilities.
The release of the Mojahedeen’s Secret, a commercial-grade encryption software package designed by the Global Islamic Media Front (GIMF) for use by Jihadist operatives and sympathizers, demonstrates that al-Qaeda operatives have both the technical awareness and capacity to use encryption to secure their communications (Previous Report).
The recent disruption of a number of al-Qaeda affiliated websites also illustrates the perils of al-Qaeda’s potential increased use of covert communications methods. During these disruptions there has been a decline in availability of open source intelligence on the activities of al-Qaeda and its affiliated terrorist groups (Previous Report).
The example of Mohammed Naeem Noor Khan, as well as the presence of encryption programs like the Mojahedeen’s Secret, highlights the folly of attempting to drive al-Qaeda operatives and sympathizers off the Internet. Quite simply, in the absence of al-Qaeda’s network of affiliated websites, dedicated operatives will likely seek out other, less observable ways to communicate, thereby reducing the ability of Western security services to monitor al-Qaeda’s strategic mindset and tactical preferences.