From The Middle East Media Research Institute (MEMRI)

Special Dispatch-Jihad & Terrorism Studies Project
April 20, 2007
No. 1552

Has an Organized Campaign to Shut Down Islamist Websites Begun? Islamist Forums Claim It Has

To view this Special Dispatch in HTML, visit:
http://www.memri.org/bin/opener_latest.cgi?ID=SD155207 .

In the past weeks, several rumors have been spread over Islamist websites about Western intelligence agencies' intention to shut down Islamist forums. As one Islamist put it, "We are all aware of the Zionist-Crusader campaign that has been launched against the Islamist websites... The most recent [manifestation of this campaign] is... the effort of American intelligence to completely eliminate websites that distribute communiqués [by the mujahideen] and films [documenting] attacks of the Iraqi resistance, or which encourage so-called terrorism.... As part of this campaign, [the Americans are also] threatening TV networks that broadcast videos [documenting] attacks... or that report on [Coalition] casualties not reported by the U.S. military."(1) Islamist forums reacting to the recent disabling of one Islamist website and one Islamist forum claim that these are two manifestations of a single united U.S. campaign against Islamists.

I haven't seen any sign of that. If you troll the deeper currents of the Internet there is some polarization between whack em's and help em's.

The sample of one and one is a bit of stretch to apply to a larger population.

Hi Selil,

I haven't seen any sign of that. If you troll the deeper currents of the Internet there is some polarization between whack em's and help em's.

The sample of one and one is a bit of stretch to apply to a larger population.

Oh I agree that the sample size is terrible. Still, it may be indicative of a shift in perception that may drive some of these boards into more hidden zones.

Marc

I would be surprised if kiddiescript hackers have not crashed more than one of these sites. They love a challenge. Especially, one that will probably not have any repercussions.

"Especially, one that will probably not have any repercussions." (-luv that , I truly do)

The problem is the Internet itself. I can post on this forum using a server in Vietnam and my IP would indicate such. It would be difficult to subpoena an Internet provider, government, or company server in Vietnam and places like that. Heck, hackers love using servers in the Middle East for the same reason. You can bring down a site, and I'm sure that is going on both on and off the record as well as with kiddiescripters but they can get their sites back up in no time at all. What was once just a group of universities connected together has gotten way out of control. The Internet has taken on a life of its own. It doesn't really change much except it increases the pace. The place for espionage and propaganda at light speed. I'm afraid because of this pace that desperate measures may be in store. Time, not impatience, will be a factor in decision making. Lets just hope it doesn't come down to having to turn an entire region into a sheet of glass. The next leaders may have to be of the Curtis LeMay variety. Not by choice or because we are getting impatient but because time itself is a factor. I'm sure we are looking at what happened to Japan. From a vicious and discriminating empire to a culture and nation that tries its best not to fire a shot in anger. In the end, the opportunity cost was worth the decision to speed up the clock for the end of that war during that time and place. It created other problems later but solved the problem of Japan.

23 July Federal Computer Week - DOD Takes Aim at Jihadist Web Sites (http://www.fcw.com/article103262-07-23-07-Print) by Sebastian Sprenger.

Pentagon officials may be mum publicly about efforts to halt the spread of jihadist Web sites, but military and other intelligence agency officials say privately they are trying to limit the online recruiting and information dissemination efforts of militant Islamist groups.

A spokeswoman for the new Air Force Cyberspace Command declined to say whether the issue is on the command's agenda, but Air Force Secretary Michael Wynne seems to be looking to the command for solutions. "The pervasive nature of pro-jihad Web sites represents a tangible and highly visible example of how our adversaries use elements of cyberspace against us," he wrote in an article for the spring 2007 issue of the service publication Air & Space Power Journal.

Web sites aimed at attracting new generations of Islamic militants have multiplied steadily in recent years, and their number is now estimated to be in the thousands. Although tech-savvy extremists are known to attack Western computer networks through hacking and other means, many experts consider the silent spread of easy-to-set-up anti-American propaganda Web sites more dangerous because the military finds it difficult to stop...

Would it really be better, from an IO and IC perspective, to drive these sites into less visible formats than open websites? We can barely catch the most significant variables of the material out there now.

A smarter option would be slick psuedo-jihadi of our own to spread disinformation, fratricidal factional strife, intra-jurisprudential controversies and so on and network-maap the traffic.

Zenpundit,

I still owe you that coffee...

On topic we (google, yahoo, dogpile, etc.) can see about thirty percent of the Internet (optimistically). Darknet for example on SWC is the area that the registered users, admins, and selected individuals have access to. Darknet is the other side and is where a lot of the coordination, training, and planning activities of the adversary are likely occurring. This can happen on forums, wiki's, IRC, and p2p networks. Like a periscope breaking the surface the recruiting efforts and open Jihadist websites portend much more danger below the surface that their targets may not see.

The openly communicating enemy of the state may expose substantial and influential information simply by the volume of what they are saying. Driving them to ground will only piss them off, and result in little if any security.

Do not forget about Deep Web.

I stumble onto many "questionable websites", and I only do it for a hobby:rolleyes:.

Not sure where the Army is going with this, but even if you do find the websites, what next? And something Army may not think of and I am sure the XXX would beg to differ (another one of those turf struggles):D on just which sites get shut down or monitored.

TAKES AIM :eek: They just keep hopping onto another IP address.

I would compare this to tossing one of those ping pong balls at those fish bowls at a county fair. Darn thing bounces around all over the place until it either goes off table or lands in bowl. After a couple dozen balls when you do land one in the bowl, they don't give you that one, they grab some fish in totally different tank and slaps it in a plastic bag and hands it off to you, and now your like, Now what?:wry:


Deep Web Research Resources and Sites (http://deepwebresearch.blogspot.com/)

A Subject Tracer™ Information Blog developed and created by Internet expert, author, keynote speaker and consultant Marcus P. Zillman, M.S., A.M.H.A. for monitoring deep web research resources and sites on the Internet.

Hi Selil,

The openly communicating enemy of the state may expose substantial and influential information simply by the volume of what they are saying. Driving them to ground will only piss them off, and result in little if any security.

There are a couple of other implications as well. First, these sites can be used to track narrative changes as they emerge and, in some ways, are a fantastic source of predictive intel. Second, the legalities of attacking these sites are interesting. Certainly if they are located on servers in the US they can be shut down - at least for the n2 seconds it takes for the mirror in some other country to pen up :wry:. What if they are in Finland or Kenya or Nigeria?

Personally, I don't care if thy are PO'd - "bad cess" to them as my grandmother would say. I would far rather use their own necessities against them in a proactive way.

Marc

Actually I think the FBI likes to keep some of them up so as to monitor them. A bit hard on those who visit just for curiosities sake(Hey, I've done it once or twice myself), but of course they can probably sort those out from regulars.
All this sounds like a great spy movie. Have someone who has a personal crusade to squish terrorist websites. And Someone Finds Out...

There is zero need for a specific "OSINT analysis" discipline; as I stated before, it falls easily within the skillset of the traditional intelligence analyst.

I agree with you that the traditional intelligence analyst has the skill set, but I haven't see the toolkit, and think I have seen evidence they don't have the toolkit. What is new and needed, is an "Information Trooper" al Qaeda and even the Taliban have seen the Internet as a new Theater of operations, and USA is starting to recognize it. We are not winning the war for the Hearts and Minds, nobody can stop USA militarily but the war for hearts and minds is something different.. The Terrorist have around 4,000 web sites now, and put out video of an atack winth in 15 min in some cases. On the internet anything posted enough times over a long enough period of time will be believed as the truth.. USA is loosing an Info/Media war with a man hiding in a cave. The most advanced and savvy MEDIA AND technological country in the world. The decision ot leave up or take down a terrorist site among the civilian irregulars now has some clarity. For a Military/Intelligence to take down a terrorist server they need an approval from Bush, there are still no rules for engagement. On the hacking/bot side USA has about a 3 to 5 year lead over the Islamic hackers. We need to be exploiting that lead. USA's soft war, is almost non-existent. Or your cover is almost perfect. Soft wars are cheaper and have much less blowback. I welcome you observations and any info you can safely share. Bill

The decision ot leave up or take down a terrorist site among the civilian irregulars now has some clarity. For a Military/Intelligence to take down a terrorist server they need an approval from Bush, there are still no rules for engagement.

Command and control of civilian irregular computer network operators (http://mypetjawa.mu.nu/archives/190516.php) is almost an oxymoron. In meat space the ODA commander doesn't command the G Chief. He figures out ways to persuade the G Chief that following the advisor's advice was the G Chief's idea. There ARE G Chiefs in cyber space (http://muninn-quotheraven.blogspot.com/2007/07/youtube-smackdown-how-to-guide.html). Are there Regular digital outreach team LNO's with enough rapport and cred to get a productive jihadi site left up?

All,

Figuring out 'the lay of the land' in any country has been greatly facilitated by the rise of the internet: google, google earth, news/general podcasts, etc. ESRI products and custom software like falconview are helping to rapidly visually translate portions of this knowledge into something usable. Database creation, management, synchronization and useage give some pretty amazing products.

There are a variety of G-Chief's ( http://en.wikipedia.org/wiki/Russian_Business_Network and http://news.zdnet.com/2100-1009_22-5969516.html ) who are successfully using this technology and others on a large scale and there are obvious economic benefits to doing things remotely and with a computer assist.

Technology does not replace the well trained man on the ground however, and I would argue that time in country for decision makers helps to contextualize the information gathered/provided and makes for far better decisions.

Steve

Would it really be better, from an IO and IC perspective, to drive these sites into less visible formats than open websites? We can barely catch the most significant variables of the material out there now.

A smarter option would be slick psuedo-jihadi of our own to spread disinformation, fratricidal factional strife, intra-jurisprudential controversies and so on and network-maap the traffic.


This is exactly right. Why would we want to make it harder for us to watch them? Its much easier to monitor the Internet than sort through sail mail, monitor cellphones, or catch a messenger. I would hope that all the ideas you stated are already being implemented? One argument people make is that they can recruit via the Internet and motivate people through images of attacks on US personal. While this may be true, at the same time, we can monitor who visits these sites and geographically analyze the major nodes and networks of the regular visitors. GIS would be a great tool for this type of analysis. I'm pretty sure our intelligence people must be doing this already. Anyway, good post.

One more thing, and this might sound a little too "sci-fi" or crazy but here goes. Someone should develop the technology that would enable us to send some sort of "shock" through the system or even something that could cause an explosion at the enemy's computer[s]. A known enemy, would think he was visiting a "friendly" site and when he clicked on to the site, he would feel something very unpleasant. This may be impossible, as I know very little about computer networks or computer technology, but I thought I'd mention it anyway?

This is exactly right. Why would we want to make it harder for us to watch them? Its much easier to monitor the Internet than sort through sail mail, monitor cellphones, or catch a messenger. I would hope that all the ideas you stated are already being implemented? One argument people make is that they can recruit via the Internet and motivate people through images of attacks on US personal. While this may be true, at the same time, we can monitor who visits these sites and geographically analyze the major nodes and networks of the regular visitors. GIS would be a great tool for this type of analysis. I'm pretty sure our intelligence people must be doing this already. Anyway, good post.

We don't know the identity of visitors or members to these sites since they post under pseudonyms. And their use of anonymizers like TOR (and more sophisticated tools) defeats geographical analysis.

One more thing, and this might sound a little too "sci-fi" or crazy but here goes. Someone should develop the technology that would enable us to send some sort of "shock" through the system or even something that could cause an explosion at the enemy's computer[s]. A known enemy, would think he was visiting a "friendly" site and when he clicked on to the site, he would feel something very unpleasant. This may be impossible, as I know very little about computer networks or computer technology, but I thought I'd mention it anyway?

This sort of thing is very difficult due to the fact that someone could be broadcasting a site or link through a zombie system (more or less a third party computer that's been taken over by an outside network). You might also end up frying a casual surfer or someone who just blundered into an area (not to mention your own guys who were out gathering and didn't get the word...:eek:).

Interesting idea, but in many ways it may be better to let some of this stuff stay out in the open so you can monitor and track it.

I recently completed a project looking at the OSI 7 layer model. The concept of the paper was to identify a variety of methods to obscure or remove all traces of the orginators message. This is a project related to my PhD research on cyber warfare. The idea of traitor tracing (usually watermarks and encryption) being expanded to other methods of tracing or identifying rogue entities in an organization. Looking at the OSI 7 layer model we can remove every trace, at every level, between two end points of any communication. And, even if detected it is encrypted in such a way as any message would be OBE before forced decryption. Literally keyboard of sender to monitor of receiver the message is untraceable. For some reason people don't want me to publish the paper. I wonder why.