Law enforcement officials in Mumbai, India recently reviewed a proposal to install keystroke-logging software in each of the cities more than 500 cyber cafés (source). Vijay Mukhi, the president of the Foundation for Information Security and Technology and chief advocate for the cyber café surveillance proposal, observed that terrorists are increasingly using the Internet to communicate, plan, and possibly coordinate terrorist attacks.
As a result, Mukhi stated, “the police needs to install programs that will capture every key stroke at regular interval screen shots, which will be sent back to a server that will log all the data. The police can then keep track of all communication between terrorists no matter, which part of the world they operate from. This is the only way to patrol the net and this is how the police informer is going to look in the e-age (source).”
Terrorist Use of the Internet
Terroris use of the Internet is well known. We have previously documented numerous instances of terrorists using the Internet to
•Provide strategic guidance (Previous Report)
•Exchange tactical training (Previous Report)
•Raise funds (Previous Report)
•Disseminate propaganda
•Gather intelligence (Previous Report)
The Value of Anonymity
Although terrorists rely on the Internet to achieve these vital functions, they understand that their use of the Internet can leave them vulnerable to detection and detention. For example, the July 2006 plot to bomb the NY/NJ PATH railway tunnels underneath the Hudson River was disrupted when Lebanese security services detected the origins of the plot online and traced the location of the lead operative Assem Hammoud (Previous Report).
As a result, al-Qaeda operatives are keenly interested in developing techniques and tactics that will guarantee their anonymity online. One recommended technique to preserve anonymity is the use of cyber cafés. Presumably, cyber cafes are recommended because al-Qaeda operatives believe it would be very difficult to trace suspicious online communication back to an individual customer.
The Utility of Keystroke-Loggers
In theory, a keystroke-logger would aid law enforcement and intelligence officials in monitoring suspicious Internet traffic from a cyber café. However, simple keystroke loggers will not suffice. An entire surveillance infrastructure including cameras and teams of law enforcements agents capable of following suspects on foot once they leave the cyber café are needed to aid in the accurate identification or immediate detention of terrorist suspects. Without this infrastructure law enforcement and intelligence officials will in the best cases likely only be left with fragmentary information.
This is not to claim that keystroke loggers should not be used in public cyber cafés. Rather, the above argument is meant to set reasonable expectations for the use of this technology.
Although keystroke loggers are not a silver bullet solution, it is likely that publicly advertising their use at cyber cafés would force al-Qaeda operatives and sympathizers to connect to the Internet via other access points. Forcing al-Qaeda operatives and sympathizers not to use cyber cafés may cause them to mistakenly reveal their identity by leaving a noticeable trail in cyberspace. As a result, the use of keystroke loggers at public Internet terminals should at least be considered and publicly discussed.