Al Qaeda's New Front [site homepage]
homefaqsal qaeda todaymapdiscussion
The Terrorist's Tricks and Counter-Measures

+ Tricks

+  Two terrorists on opposite sides of the globe might agree to open 30 anonymous web-based e-mail accounts with 30 different passwords. On the first of the month the first account is used, on the second of the month the second account is used and so on, until each account is used once.

"It's very difficult to catch, because there is no pattern of use," former U.S. counter-terrorism czar Richard Clarke says. "One-time anonymous accounts are extremely difficult to monitor."

+  One terrorist drafts a Web-based e-mail and instead of sending it, saves it to the draft folder, accessible online from anywhere in the world. The other terrorist can open the same account, read the message, and delete it. The e-mail has never been sent, and cannot be tracked.

+  Many e-mails are sent on public computers, for example in libraries or cyber cafés, making them even more difficult to trace.

+  The language in the e-mails can also be cloaked, says Dale Watson, a 24-year veteran of the FBI who served as the first executive assistant director for counterterrorism. In preparing for the Sept. 11 attacks, suspected hijacker and pilot Mohamed Atta and alleged 9/11 conspirator Ramzi bin al-Shibh pretended to be students as they exchanged e-mails, talking about "architecture" (the World Trade Center), "arts" (the Pentagon), "law" (the Capitol) and "politics" (the White House).

+ Counter-Measures

+  If a jihadist site hosted in another country is not taken down by the government in that country, the U.S. needs to hack the site and bring it down, Clarke says.

+  The U.S. can use active and passive attacks to disrupt terrorists' electronic networks. Active attacks include using computer viruses to infect enemy computers. Passive attacks monitor e-mails and transferred data, and watch traffic patterns.

+  The viruses used in active attacks wouldn't do damage or send mass mailings, but rather selectively collect data and discreetly send the e-mail back to U.S. intelligence. That could include getting address books, or collecting the "cookies" written to the computer's hard drive when the terrorist visits certain Web sites. There are also ways to monitor keystrokes, even if a terrorist uses encryption. Counterfeit e-mails can also used to confuse or subvert communications.

"They certainly can be very effective," the University of Maryland's Lee Strickland says of active attacks. "To escape, [terrorists] have to be lucky every day. We only have to be lucky once."

+  Passive attacks aim to monitor the terrorists' information network, not overtly disrupt it. That includes watching electronic banking transactions, for example, and following e-mail traffic patterns and other data exchanges. Doing so may arouse suspicion and force terrorists to use less efficient modes of communication. "The goal is not only to acquire information in the terrorists' possession, but also to force them to use other forms of communication -- perhaps slower and less effective, or perhaps someone that may be easier to intercept or that may provide more information upon intercept," Strickland wrote in a 2002 report called "Fighting Terrorism with Information."

home + introduction + faqs + al qaeda today + mapping the threat + special reports
join the discussion + interviews + producer's chat + teacher's guide
press reaction + tapes & transcript + credits + privacy policy
FRONTLINE home + wgbh + pbsi

posted jan. 25, 2005

FRONTLINE is a registered trademark of wgbh educational foundation.
photo copyright © corbis
web site copyright 1995-2014 WGBH educational foundation