Al-Qaeda Changing Its Ways After Leaks
By Kimberly Dozier-June 27, 2013
WASHINGTON (AP) --
U.S. intelligence agencies are scrambling to salvage their surveillance
of al-Qaida and other terrorists who are working frantically to change
how they communicate after a National Security Agency contractor leaked
details of two NSA spying programs. It's an electronic game of
cat-and-mouse that could have
deadly consequences if a plot is missed or a terrorist operative
manages to drop out of sight.
Terrorist
groups had always taken care to avoid detection - from using anonymous
email accounts, to multiple cellphones, to avoiding electronic
communications at all, in the case of Osama bin Laden. But there were
some methods of communication, like the Skype video teleconferencing
software that some militants still used, thinking they were safe,
according to U.S. counterterrorism officials who follow the groups. They
spoke anonymously as a condition of describing their surveillance of
the groups. Those militants now know to take care with Skype - one of
the 9 U.S.-based Internet servers identified by former NSA contractor
Edward Snowden's leaks to
The Guardian and The
Washington Post.
Two
U.S. intelligence officials say members of virtually every terrorist
group, including core al-Qaida members, are attempting to change how
they communicate, based on what they are reading in the media, to hide
from U.S. surveillance. It is the first time intelligence officials have
described which groups are reacting to the leaks. The officials spoke
anonymously because they were not authorized to speak about the
intelligence matters publicly.
The
officials wouldn't go into details on how they know this, whether it's
terrorists switching email accounts or cellphone providers or adopting
new encryption techniques, but a lawmaker briefed on the matter said
al-Qaida's Yemeni offshoot, al-Qaida in the Arabian Peninsula, has been
among the first to alter how it reaches out to its operatives.
The lawmaker spoke anonymously because he would not, by name, discuss the confidential briefing.
Shortly
after Edward Snowden leaked documents about the secret NSA surveillance
programs, chat rooms and websites used by like-minded extremists and
would-be recruits advised users how to avoid NSA detection, from telling
them not to use their real phone numbers to recommending specific online software programs to keep spies from tracking their computers' physical locations.
House
Intelligence Committee Chairman Mike Rogers, R-Mich., said
there are "changes we can already see being made by the folks who wish
to do us harm, and our allies harm."Sen. Angus King, I-Maine, said
Tuesday that Snowden "has basically alerted people who are enemies of
this country ... (like) al-Qaida, about what techniques we have been
using to monitor their activities and foil plots, and compromised those
efforts, and it's very conceivable that people will die as a result."
Privacy
activists are more skeptical of the claims. "I assume my communication
is being monitored," said Andrea Prasow, senior counterterrorism counsel
for Human Rights Watch. She said that's why her group joined a lawsuit
against the Director of National Intelligence to find out if its
communications were being monitored. The case was dismissed by the
U.S. Supreme Court last fall. "I would be shocked if terrorists didn't
also assume that and take steps to protect against it," she said.
"The
government is telling us, `This has caused tremendous harm.' But also
saying, `Trust us we have all the information. The US government has to
do a lot more than just say it," Prasow said.
At
the same time, NSA and other counterterrorist analysts
have been focusing their attention on the terrorists, watching their
electronic communications and logging all changes, including following
which Internet sites the terrorist suspects visit, trying to determine
what system they might choose to avoid future detection, according to a
former senior intelligence official speaking anonymously as a condition
of discussing the intelligence operations.
"It's
frustrating. You have to start all over again to track the target,"
said M.E. "Spike" Bowman, a former intelligence officer and deputy
general counsel of the FBI, now a fellow at the University of Virginia's
Center for National Security Law. But the NSA will catch up eventually,
he predicted, because there are only so many ways a terrorist can
communicate. "I have
every
confidence in their ability to regain access."
Terror groups switching to encrypted communication may slow the NSA, but encryption also flags the communication as something the U.S. agency considers worth listening to, according to a new batch of secret and top-secret NSA documents published last week by The Guardian, a British newspaper. They show that the NSA considers any encrypted communication between a foreigner they are watching and a U.S.-based person as fair game to gather and keep, for as long as it takes to break the code and examine it.
Documents
released last week
also show measures the NSA takes to gather foreign intelligence
overseas, highlighting the possible fallout of the disclosures on more
traditional spying. Many foreign diplomats use email systems like
Hotmail for their personal correspondence. Two foreign diplomats reached
this week who use U.S. email systems that the NSA monitors overseas say
they plan no changes, because both diplomats said they already assumed
the U.S. was able to read that type of correspondence. They spoke on
condition of anonymity because they were not authorized to discuss their
methods of communication publicly.
The
changing terrorist behavior is part of the fallout of the release of
dozens of top-secret documents to the news media by Snowden, 30, a
former systems analyst on contract to the
NSA.
The
Office of the Director for National Intelligence and the NSA declined
to comment on the fallout, but the NSA's director, Gen. Keith Alexander,
told lawmakers that the leaks have caused "irreversible and significant
damage to this nation."
"I believe it will hurt us and our allies," Alexander said.
"After
the leak, jihadists posted Arabic news articles about it ... and
recommended
fellow jihadists to be very cautious, not to give their real phone
number and other such information when registering for a website," said
Adam Raisman of the SITE Intelligence Group, a private analysis firm.
They also gave out specific advice, recommending jihadists use
privacy-protecting email systems to hide their computer's IP address,
and to use encrypted links to access jihadi forums, Raisman said.
Other
analysts predicted a two-track evolution away from the now-exposed
methods of communication: A terrorist who was using Skype to plan an
attack might stop using that immediately so as not to expose the
imminent operation, said Ben Venzke of the private analysis firm
IntelCenter.
But
if the jihadi group uses a now-exposed system like YouTube to
disseminate information and recruit more followers, they'll make a
gradual switch to something else that wasn't revealed by Snowden's leaks
- moving slowly in part because they'll be trying to determine whether
new systems they are considering aren't also compromised, and they'll
have to reach their followers and signal the change. That will take
time.
"Overall,
for terrorist organizations and other hostile actors, leaks of this
nature serve as a wake-up call to look more closely at how they're
operating and improve their security," Venzke said. "If the CIA or the
FBI was to learn tomorrow
that its communications are being monitored, do you think it would be
business as usual or do you think they would implement a series of
changes over time?"
Terrorist
groups have already adapted after learning from books and media
coverage of "how U.S. intelligence mines information from their
cellphones found at sites that get raided in war zones," said Scott
Swanson, a forensics intelligence expert with Osprey Global Solutions.
"Many are increasingly switching the temporary phones or SIM cards they
use and throw them away more often, making it harder to track their
network."
The
disclosure that intelligence agencies were listening to Osama bin Laden
drove him to drop the use of all electronic communications.
"When
it leaked that bin Laden was using a Thuraya cellphone, he switched to
couriers," said Jane Harman, former member of the House Intelligence
Committee and now director of the Woodrow Wilson International Center.
"The more they know, the clearer the road map is for them."
It took more than a decade to track bin Laden down to his hiding place in Abbottabad, Pakistan, by following one of those couriers.
No comments:
Post a Comment