Information Operations
Newsletter
Compiled by: Mr. Jeff Harley
US Army Strategic Command
G39, Information Operations Branch
The articles and information appearing herein are intended for educational and non-commercial purposes to promote discussion of research in
the public interest. The views, opinions, and/or findings and recommendations contained in this summary are those of the original authors and
should not be construed as an official position, policy, or Table
decision of
of the
United States Government, U.S. Department of the Army, or U.S.
Contents
Army Strategic Command.
ARSTRAT IO Page on Intelink-U
Table of Contents
Vol. 8, no. 02 (10 – 22 October 2007)
1.
Al-Qaeda: Beginning of the End, or Grasping at Straws?
2.
Mysterious Transmissions Assaulting Israeli Satellite TV Broadcasts
3.
US Army Medics Win Some Hearts and Minds
4.
Information Unit Activated At Norwich Campus
5.
Secret Tech Unit at McChord AFB Guards against Cyber Attack
6.
An Internet Jihad Sells Extremism to Viewers in the U.S.
7.
Sex, Lies and DVDs: Propaganda in the Palestinian Territories
8.
Countering the Art of Information Warfare
9.
Iraqi Insurgent Media Campaign Targets American Audiences
10. Jihadi Forum Users Look for Codes in Bin Laden's September Video
11. U.S.-Financed Radio Stations Try To Reach Listeners in North Korea
12. US Army Enlists Anthropologists
13. New WEP Attack: Caffe Latte Hits Client, Not Access Point
14. Cyber Security Command for India Recommended
15. Countering Information Warfare
16. Congress: Power Grid Defense Is Weak
ARSTRAT IO Page on Intelink-U
Page ii
Al-Qaeda: Beginning of the End, or Grasping at Straws?
By Michael Scheuer, Jamestown Foundation, 10 October 2007
Since early September, there has been a flurry of media reports and commentaries suggesting that
the Saudi religious establishment has turned against Osama bin Laden and al-Qaeda; that a split
has occurred among the Taliban, Ayman al-Zawahiri and bin Laden; and that al-Zawahiri has
pushed bin Laden aside, sidelined him, and seized control of al-Qaeda. Hopefully this troika of alQaeda disasters is deadly accurate, but each merits consumption with a large grain of salt.
The issue meriting the least belief and most suspicion in the West is the reported development of
anti-bin Laden and anti-jihad doctrines among the government-supported Islamist clerics, jurists
and scholars in Saudi Arabia. On September 14, for example, the Saudi Salafi scholar Sheikh
Salman al-Awda published a personal letter to Osama bin Laden—addressing him as "Brother
Osama"—that is critical of the burdens placed on Muslims by al-Qaeda's actions. Sheikh al-Awda
enumerates virtually every problem currently faced by Muslims around the world and appears to
place them at the feet of bin Laden and al-Qaeda. Indeed, it only appears that he is placing them
at bin Laden's feet because Sheikh al-Awda's criticism is not of the fire-breathing variety and he
carefully avoids making any attempt to denigrate bin Laden's character or even gingerly question
his status as a good Muslim. "We are all humans," Sheikh Awda said in reference to bin Laden. "No
matter how much we disagree with any person regardless of his approach, we cannot remove him
from the circle of Islam, unless he commits a sin of unbelief." On this basis, it must be assumed
that al-Awda has concluded that Osama bin Laden is continuing to act within the "circle of Islam,"
which clearly dulls the sharp edge of al-Awda's letter [1].
In addition, al-Awda delineates a version of Islamic theology in condemning al-Qaeda's martial
activities that not only decries war, but makes Islam and its Prophet appear to be pacifist in
orientation. In rewriting Islamic history, for example, the sheikh comes up with the following claim:
"The Prophet, God's prayer and peace be upon him, conquered and subjugated the entire peninsula
without any massacres. In fact, the number of those killed when the Prophet, God's prayer and
peace be upon him, was alive performing his mission—23 years [in length]—was approximately
200 or less, and the number of Muslims among them could be many times as much as their
enemies" [2]. This is simply not true, and one needs only to skim Martin Lings' extraordinary
biography of the prophet—Muhammad, His Life Based on the Earliest Sources—to see the far
greater casualties and deliberate executions resulting from the Prophet's military campaigns [3].
There is every possibility that Sheikh al-Awda's condemnation of bin Laden and al-Qaeda is part of
the Saudi regime's effort to disinform Western governments and publics, and to disguise the fading
domestic authority of the country's religious establishment. Saudi authorities clearly are engaged in
a campaign to create a public record of anti-al-Qaedaism before al-Qaeda's next attack in the
United States. Coming as it does from a man who had been bin Laden's theological role model,
Sheikh al-Awda's letter is meant to convince the West's gullible political leaders and media that
Saudi clerics have changed and now are effectively supporting the West's anti-terrorism campaign.
"Do we not hear the voices of the ulema," al-Awda asks bin Laden in his letter, "the sincere, the
believers, and the worshippers who always remember God shouting and saying the same as the
Prophet, God's prayer and peace be upon him, said when Khalid Bin-al-Walid, the supreme
commander of the Muslim army, made a mistake, 'O God, I dissociate myself from what Khalid
did?...Many of these people, in fact most of them, now say: 'O God, we dissociate ourselves from
what Osama does, and from the deeds of those who work in his name or under his command" [4].
This, of course, is not true on three levels. First, bin Laden and al-Zawahiri have long been waging
an incrementally successful campaign to denigrate the honesty and integrity of what they refer to
as "the scholars of the king," those clerics who will condone anything the Saudi king wants whether
or not it accords with the Quran. Al-Awda, once a pro-Islamist cleric, is now preeminently a
"scholar of the king" and is regarded as such by both the Islamists and many of his own
countrymen. Al-Awda served time after 1994 in Saudi prisons and thereafter emerged much more
Page 1
amenable to the wishes and policies of the al-Sauds, an affect that seems a common post-prison
reality in much of the Muslim world. "My brother Osama," al-Awda wrote in his letter, "brothers of
yours in Egypt, Algeria and other Muslim countries have realized the consequences and dangers of
this road [or jihad], and have found the courage to announce through books, programs, and
internet websites that this road is wrong, and does not leave to the aim, and to ask God Almighty
to forgive them. They have announced their repentance of what has happened" [5]. Sheikh alAwda does not mention that all of these repenters did so after emerging from long residence in
Egyptian, Moroccan and Algerian prisons, and offers no ideas about what caused—perhaps
persuaded is a better word—these men to repent.
Next, the repentant words of Sheikh al-Awda and his now right-thinking clerical colleagues have
little impact on either the Islamists or their supporters, and not much more on the general Muslim
public. This is not because al-Awda and the others are not smart, distinguished and respected men.
It is because they are under the control of the security services of such police states as Saudi
Arabia, Egypt, Algeria, Morocco and Jordan. Islamic law, history and tradition clearly show that
clerics or leaders who repent previously strongly held theological positions while in or after leaving
prison are regarded as having been coerced to do so. They are, therefore, not regarded as credible
and authoritative leaders. Likewise, penitent statements by men living under the control of Islamic
police states are also suspect. In short, al-Awda's letter serves the al-Sauds' disinformation
purposes, but has very little impact on al-Qaeda, its Islamist allies and their supporters [6].
The second issue—a split among the Taliban and al-Qaeda factions led by bin Laden and alZawahiri—also stretches credulity. Stories to this effect have appeared in the London Sunday
Telegraph and Newsweek, and are attributed to Omar Farooqi—who is identified as "a Taliban
liaison officer with al-Qaeda"—and unnamed U.S. and UK intelligence officials [7]. Farooqi's
motivation for providing this information to Western reporters is not described, nor is his rationale
for intentionally trying to damage his Taliban masters and their interests by disclosing the
Islamists' disunity to the West. While there currently is no way to evaluate the accuracy of
Farooqi's claims, realities on the ground in Afghanistan seem to belie them. In just the past month,
for example, President Hamid Karzai's hard-pressed regime has offered to negotiate with the
Taliban; the Taliban and al-Qaeda felt secure enough to hold a conference in Tora Bora, near
NATO's strongest military positions; and Taliban attacks have accelerated in and around Kabul,
including three suicide car bombings in the capital between September 28 and October 6. These
on-the-ground facts do not suggest the Taliban and al-Qaeda are suffering from a debilitating
three-way split [8].
The third issue—al-Zawahiri's pushing aside bin Laden—was broached in the September 9
Washington Post article by Dr. Bruce Hoffman, probably America's most incisive terrorism analyst.
In his essay, Dr. Hoffman argued that "we need to drop our preoccupation with Osama bin Laden"
and understand that America's "most formidable nemesis is not the Saudi terrorist leader but his
nominal deputy, Ayman al-Zawahiri" [9]. Dr. Hoffman claimed that "mounting evidence" shows that
bin Laden had been shoved by al-Zawahiri into "premature forced retirement," and that al-Zawahiri
is now al-Qaeda's main leader, operational strategist and "new public face." As "evidence," Dr.
Hoffman cites the undeniable fact that al-Zawahiri has appeared with much greater frequency than
bin laden in al-Qaeda audio and video tapes, and "Asian intelligence sources" who claim "it has
been two years since bin Laden reportedly chaired a meeting of al-Qaeda's Majlis al-Shura—the
movement's most senior deliberative body."
As an initial response, one could argue that if the foregoing is accurate, the July National
Intelligence Estimate (NIE) was either troublingly ill-informed or disingenuous when it concluded
that al-Qaeda is rebuilt, internationally potent, and operating with bin Laden at the helm. There is
no basis for the NIE to have been as dire as it was if an al-Zawahiri-led coup had just taken place
in al-Qaeda. Counting videos, moreover, hardly seems a sound basis for assessing the status of alQaeda leaders. If it was a reliable tool, then neither bin Laden nor al-Zawahiri would be in the
running for al-Qaeda's leadership because Sheikh Abu Yahya al-Libi has been seen in more videos
in 2007 than either man. As the always precise IntelCenter noted in mid-September, "Abu Yahya al-
Page 2
Libi is now the most visible face of al-Qaeda" [10]. In addition, bin Laden for more than a decade
has demonstrated that he knows something we in the West forgot long ago—the power of silence.
The fact that his recent tapes dominated the media for most of a week shows that bin Laden
remains a master at capitalizing fully on his long periods of silence.
Dr. Hoffman's reference to "Asian intelligence" certainly is interesting, but one must, with respect,
suggest one of four conclusions about its viability: (A) If it is true, U.S. and NATO forces should
have been able to wipe out the Majlis al-Shura and much of al-Qaeda—though not bin Laden—
based on Asian information about the timing and deliberations of the Shura's meetings over two
years; (B) If it is true, and the Majlis has not been destroyed, one of America's Asian allies
apparently did not share highly actionable data with Washington; (C) If it is true, and the Majlis
has not been destroyed, Western authorities must have decided not to attack, perhaps because the
Shura meets in Pakistan; and, (D) The information is not true.
Without the pertinent classified information, we cannot make a definitive evaluation of the "Asian
intelligence" reporting. In addition to the NIE's failure to mention what would inevitably be the
damaging and perhaps fatal impact of al-Zawahiri's takeover, we also have failed to see any
comments from the many al-Qaeda members who have sworn personal allegiance to bin Laden and
have intense personal affection for him. It is nearly inconceivable that such comments would not
have surfaced if al-Zawahiri had forced bin Laden into "retirement." In addition, al-Zawahiri is a
sharp-edged and avuncular personality who is known more for his alienating intellectual inflexibility
and arrogance, Egypt-centrism and imperiousness, rather than such attractive qualities of bin
Laden as his combat experience and war wounds; his personal humility and inclusiveness; and his
soaring almost poetic eloquence in the Arabic language. Al-Zawahiri's personal prickliness was
damagingly divisive when he was the chief of the all-Egyptian group known as the Egyptian Islamic
Jihad—his unilateral decision to join al-Qaeda in February 1998 is only one of many examples—and
these characteristics probably would cause a near-fatal fracturing of the multi-ethnic and
multinational al-Qaeda faster than any other single factor.
Yet, as the saying goes, we should never say never and hope that Dr. Hoffman's sources are
correct. Al-Zawahiri's ascendance from theologian-in-chief—which, as DNI Director Mike McConnell,
said, he has long been—to al-Qaeda's overall leadership potentially would be a major step toward
its final destruction as an effective organization [11]. Aside from the intense animosities that alZawahiri's harsh treatment of bin Laden would earn from the Saudi's loyalists, his arrogance and
Egypt-first orientation would decrease al-Qaeda's focus on the far enemy, the United States.
On this point, it is difficult to find evidence to support Dr. Hoffman's contention that it was alZawahiri who "more than a decade ago, defined al-Qaeda's strategy in terms of 'far' and 'near'
enemies. The United States is the 'far' enemy whose defeat…was an essential prerequisite to the
elimination of the 'near' enemy," the Muslim world's police states [12]. Al-Zawahiri's position
always was that the 'near' enemy—in his case Hosni Mubarak's Egypt—comes first; the EIJ's motto,
in fact, amounted to something akin to "the road to Jerusalem must first pass through Cairo." In
the contest between giving priority to the "near" or the "far" enemy, it was bin Laden who changed
al-Zawahiri's mind, not vice versa [13]. In this light, al-Zawahiri as leader—and the likelihood that
he would favor al-Qaeda's Egyptians for senior positions—would weaken al-Qaeda's U.S. focus and
reawaken the nationalist orientations of al-Qaeda's constituent groups that bin Laden had never
been completely successful in suppressing. This scenario would be undiluted good news for the
United States and it should be ardently desired. There is no evidence at the moment, however, that
we are seeing this delightful scenario play itself out, and we ought to keep in mind what Patrick
Henry once warned against as "the phantom delusions of hope."
Michael Scheuer served as the Chief of the bin Laden Unit at the CIA's Counterterrorist Center from 1996 to 1999 .
Notes
1. Sheikh Salman al-Awda, "Letter to Osama bin Laden," September 14, 2007, www.islamtoday.net, and Turki al-Saheil,
"Reaction to Salman al-Ouda's Bin Laden Letter," Asharq al-Awsat, September 18, 2007.
2. Al-Awda, "Letter to Osama bin Laden," September 14, 2007, op. cit.
Page 3
3. Martin Lings, Muhammad, His Life Nased on the Earliest Sources, Rochester, Vermont: Inner Traditions International,
1983.
4. Al-Awda, "Letter to Osama bin Laden," September 14, 2007, op. cit.
5. Ibid.
6. The recent warning by the Saudi Grand Mufti, Sheikh Abdel-Aziz Al al-Sheikh, against allowing young Saudis to go to Iraq
to fight the U.S.-led coalition and the Shiites is a case in point of the Saudis saying what the West wants to hear. If the
Grand Mufti's strictures were efficiently implemented by the Saudi regime, he and it would be regarded as anti-Islamic by
the bulk of the population, and the country's already numerous anti-al-Saud militants would multiply. A more accurate
gauge of the Saudis' kid-glove handling of jihadis is their recent decision to give $2,600 to each of the 55 Saudis who were
returned by the U.S. from Guantanamo Bay and "temporarily release" them from custody so they could celebrate the endof-Ramadan holiday with their families. See, "Saudi cleric issues warning over Saudi militants," Reuters, October 1, 2007,
and "Saudi to temporarily release 55 former Guantanamo detainees, give them money," Associated Press, October 6, 2007.
7. Sami Yousafzai and Ron Moreau, "Bin Laden losing control of al-Qaeda," reprinted from Newsweek in Pakistan's Daily
Times, September 25, 2007, and "Zawahiri Replaces Bin Laden as al-Qaeda Chief, London Sunday Telegraph, September
16, 2007, reprinted in Ibid., September 17, 2007.
8. Matthew Fisher, "Afghanistan foes ready to tango?" National Post, October 1 2007, and John Ward Anderson, "Attacks by
Taliban increase, approach Afghanistan capital," Boston Globe, September 28, 2007.
9. Bruce Hoffman, "Zawahiri: The man who brought al-Qaeda back," Washington Post, September 9, 2007.
10. Sheikh Abu Yahya al-Libi, "Dots on the Letters," IntelCenter, 12 September 2007.
11. "Zawahiri, not bin Laden, is al-Qaeda 'intellectual leader': intel chief," Agence-France Presse, September 11, 2007.
12. Bruce Hoffman, "Zawahiri: The man who brought al-Qaeda back," op. cit.
13. For a more complete discussion of who influenced who, see Through Our Enemies' Eyes. Osama bin Laden, Radical
Islam, and the Future of America. Revised Edition, Dulles, VA: Potomac Books, 2006, pp. 182-186, and Abdel Bari Atwan,
The Secret History of al Qaeda, Berkeley, CA: University of California Press, 2006, pp. 75-80.
Table of Contents
Mysterious Transmissions Assaulting Israeli Satellite TV Broadcasts
By The Associated Press, International Herald Tribune, 10 October 2007
JERUSALEM: Israeli satellite TV viewers have for the past month had their favorite programs
disrupted by electronic snowstorms, variously said to be caused by the radar of U.N. patrol boats,
Russian spy ships or Israel's military. On Wednesday the satellite TV company was said to be near
collapse.
The interference began on Sept. 6, the day Israeli warplanes slipped past Syria's Russian-made air
defense systems, attacked a military target deep inside the country and escaped unchallenged.
Israeli has maintained an almost total official silence over the strike, which Syria said hit an unused
military installation.
Since then, desperate viewers of "Desperate Housewives," frustrated followers of "The Bold and the
Beautiful" and other TV lovers have been bombarding the switchboard of Israeli satellite
broadcaster "Yes" and have launched a 122 million shekel ($30 million, €21.37 million) class action
suit against the company, for failing to deliver the goods.
The interruptions have led to canceled subscriptions and forced Yes to seek to pacify its half-million
subscribers with free movies. The competing commercial TV distributor, "Hot," uses cables and has
not been affected.
The Haaretz newspaper on Wednesday quoted an unnamed Yes executive as saying the Yes
company would collapse if the interference continues another month. The paper said Yes has
enlisted the Israeli military to trace the source of the problem. The army had no immediate
comment, and the Yes spokeswoman could not be reached.
The prime suspect at the moment appears to be the United Nations peacekeeping force in Lebanon,
UNIFIL, which has ships at sea, just north of Israel.
Israeli Foreign Ministry spokesman Mark Regev said technical experts from the ministry and the
U.N. were in contact over the possibility that UNIFIL was the source of the transmissions, and the
United Nations was ready to cooperate if it was proven responsible.
Page 4
In Lebanon, senior UNIFIL official Milos Strugar said both Lebanese and Israeli authorities had told
the force of electronic problems and the reports were being investigated.
"At the moment it is not clear what is causing the interference," he said.
The Israeli daily Yediot Ahronot on Tuesday pointed to Moscow as another possible culprit, quoting
an unnamed Israeli security official as saying Moscow was suspected of beaming signals at Israel to
try to probe its military electronic capability in the wake of the Sept. 6 raid on Syria and as an
expression of its anger at Israel for making Syria's Russian radar appear impotent.
"I believe that they sent ships to the region equipped with electronic warfare systems...to try and
examine Israel's capabilities in electronic warfare and also to give trouble to those who gave them
trouble," the official said, according to the paper. "The Russians have an entire fleet of electronic
warfare ships that are disguised as merchant ships."
The Russian defense ministry refused to comment on the allegations.
Another Yediot Ahronot story, by the paper's diplomatic correspondent, quoted an unnamed
government official as saying that the answer to the riddle could lie in Israel itself, with the
emissions coming from military radar.
Table of Contents
US Army Medics Win Some Hearts and Minds
By Fawzia Sheikh, Inter Press Service News Agency, 10 October 2007
KANDAHAR, Oct 10 (IPS) - Colourfully-clad Afghan villagers with dirty, barefoot children sit outside
a makeshift coalition clinic in a tiny village in Kandahar province, impatiently awaiting their turn to
see the medics.
Today, the common ailment medical staff report is children infected with worms, their distended
stomachs and diarrhoea are tell-tale signs of a life lacking proper hygiene. Running water is scarce
in this impoverished part of the country, which has seen the brunt of fighting in the six-year war.
By the end of the day, Capt. Maureen Sevilla of the South Carolina National Guard and her
colleagues have dispensed several boxes of multivitamins to help alleviate the problem, often
handing the supplements to children only slightly older than their sick siblings. Sometimes their
parents are nowhere to be found.
United States and coalition efforts to win the Afghan people's trust by offering free medical
assistance and undertaking reconstruction projects like roads and schools have prompted locals to
be more cooperative, revealing roadside bombs and Taliban members, U.S. commanders say. But
these attempts have failed to stem some Afghans' views that little progress is being made six years
following the country's invasion.
Nonetheless, coalition forces are pleased with their efforts.
Following one medical outreach operation villagers quickly changed their mind about American
troops, whom the Taliban had described as "bad", said Maj. Charles Blankman, a U.S. army
physician's assistant located at a forward-operating base outside of Kandahar airfield, a small
facility of military personnel located beyond the main military base.
"It does a lot of good ... for counterinsurgency operations," Blankman said of the medical services
offered to Afghans. "People are very thankful to you". The medical outreach programmes, though
limited, convey to civilian Afghans that their government wants to help them, he added.
In all cases, the coalition tries to "put an Afghan face" on the clinics by soliciting the help of Afghan
doctors and nurses, he continued. The coalition usually travels with 30 to 40 Afghan police officers
who undertake security, searches and hand out humanitarian assistance supplies such as food and
even coloring books, while Western troops try to remain in the background, said Blankman.
Blankman's forward-operating base carries out two such medical clinics each month depending on
the security situation of a particular area, but is reluctant to publicise events for fear the Taliban
might find out.
Page 5
It is at these types of community outreaches that U.S. army Col. Thomas McGrath, commander of
the Afghan Regional Security Integration Command- South based at Kandahar airfield, hopes to
obtain information about the insurgency from local Afghans.
"When people feel they have security, they're more likely to give up intelligence," McGrath said in
an interview with IPS, echoing a well recognised principle of counterinsurgency.
Coalition forces recently distributed leaflets in an eastern town urging people to identify Taliban and
set up a hotline that received 200 or 300 calls in a couple of days, he said. Three or four tips
typically become successful leads, he explained, adding the sheer number of calls indicates locals
want economic viability, schools and hospitals.
"The funny thing (is) the Taliban were calling too and they were pissed," he said. He said the next
day the Taliban, thousands of who have been killed over the last six months, planted an explosive
device close to the U.S. military base in an effort to reassert themselves.
In certain southern Afghan towns, however, villagers have refused to share information with
coalition forces, telling them that, "'I can't, because you're going to leave here and they'll cut my
head off,'" McGrath explained. Afghans live in constant fear of the Taliban, who recently executed
police officers in a nearby town square "just to spread terror," he said.
In some cases Afghans have paid mob protection money to the Taliban, who have also demanded
food and shelter from villagers and disperse when the coalition arrives, according to a U.S. air force
intelligence officer. He spoke on condition of anonymity.
In an effort to separate the insurgents from the general population -- and thereby gain more
intelligence from civilians who feel more secure -- the U.S. military is also investing in biometrics
programmes allowing forces to take a census of towns and villages, McGrath added. This initiative
includes obtaining electronic fingerprints, photos, addresses and phone numbers, making it more
difficult for Taliban to slip undetected into an area, he said.
Coalition forces entering a new area need to win over the village elder controlling the town before
the other residents will follow suit, the intelligence officer told IPS.
One way to curry favor is through rebuilding initiatives financed by the Commanders Emergency
Response Programme fund, a military programme providing funds for U.S. troops to assist Iraqis
and Afghans with critical reconstruction and assistance projects. Commanders on the ground are
able to provide assistance in a streamlined fashion, which means money is immediately available to
respond to needs.
CERP projects, undertaken by Afghans, have included building roads, schools, mosques, wells,
clinics, among other things. Western military efforts to establish the Afghan government's
legitimacy by helping it to focus on the needs of its people and impose security has received mixed
appraisals across the country.
Isa Mohammed, an 18-year-old farmer with a wife in southern Afghanistan's Zabul province, said
he believes life is better now than under the Taliban regime of the 1990s, pointing to the
construction of roads and hospitals over the years. Prior to the election of President Hamid Karzai,
the country had no economy but now farmers may export grapes, almonds, wheat and other
commodities, he said.
Other Afghans, however, are disenchanted by the state of the country several years after the hated
Taliban regime was toppled in 2001. This is particularly so following a spate of bomb attacks over
the last few weeks in the capital Kabul, known for being much quieter than the volatile south.
Yet, busy downtown thoroughfares indicate the inherent danger of life in Afghanistan -- a heavily
armed society where restaurant patrons check their weapons at the door and criminal gangs
abduct victims for money -- has still not deterred them from going about their normal business.
"I prefer the Taliban for peace," declared Dr. Razia Kamal, a 28-old-year-old gynaecologist shopping
at the Faryad Trading Center on Flower Road with her younger sister Raihana, 20, in the middle of
Ramadan (Ramzan). Her parents escaped to Pakistan years ago and only recently returned, but she
is unsure whether she will remain in the country of her birth if violence persists.
Page 6
When reminded that the Taliban would severely curtail educational and job opportunities for her if
it resumed power, Kamal responded: "When women are not living, what education is there for
them? Life is more important than education."
Sabghat Ullah, a 28-year-old clothing store owner, lamented the fact that Americans and other
foreigners came here to stabilise Afghanistan but peace from Taliban terror was still elusive. "Two
days, two explosions," he grumbled. "No country is stopping them."
Table of Contents
Information Unit Activated At Norwich Campus
By Wilson Ring, Associated Press, October 14, 2007
NORTHFIELD -- The Vermont National Guard formally activated a new unit Saturday whose mission
will be to train Air Force personnel to fight wars in cyberspace.
The 229th Information Operations Squadron will be based at the National Guard armory on the
campus of Norwich University.
"If you don't know what information operations is, it's the future”, Maj. Gen. Michael Dubie, the
adjutant general of the Vermont National Guard, said at Saturday's ceremony.
The Vermont Air National Guard's role in training military came after the Sept. 11, 2001, attacks on
the United States, Dubie said.
"Within about, I would say, two, 2 1/2 years (of being given the mission), the Air Force told us they
couldn't operate without us," said Dubie.
As an example of the power of cyber warfare, Dubie pointed to a cyber attack on the computer
systems of the government of the European nation of Estonia.
Estonian government officials said more than 1 million computers from around the world were used
to attack the country's computers. The attacks targeted government offices and corporations,
including the Baltic country's six major banks.
"There are attacks every day on our government infrastructure; there are attacks every day on our
government Web sites”, Dubie said. "We can't operate without the systems of our cyber network."
The 229th will train airmen from around the world via the Internet, said Vermont Air National
Guard Master Sgt. Bill Cunningham.
Before the creation of the squadron, the people involved with the information technology training
were on loan from other guard units, Cunningham said.
"Information operations is the way of the future," Cunningham said. "It's a way we can leverage
information and put some non-kinetic options on the table in the war fight."
Kinetic options refers to traditional warfare using bombs and bullets. Information operations are
more than just working with computer networks.
"Instead of bombing a target maybe we will talk to the populace, win some hearts and minds, tell
them how best to surrender," Cunningham said.
Table of Contents
Secret Tech Unit at McChord AFB Guards against Cyber Attack
By The Associated Press, Seattle Times, 15 October 2007
TACOMA, Wash. — The Air Force is recruiting for a [] Reserve unit at McChord Air Force Base for
cyberspace warfare.
The job of the 262nd Information Warfare Aggressor Squadron is to protect military computer
networks from online attacks.
The unit was commissioned in 2002 and has about 100 members. Their day jobs are mostly as
computer techies. Like other reservists they put in one weekend a month and two weeks a year on
duty at McChord.
Page 7
A spokesman for the Natural Guard base at Camp Murray, Major Philip Osterli, says the unit is
defensive in nature and does not have a charter to conduct computer attacks.
This year, at the urging of Congressman Adam Smith, the defense budget includes $800,000 to
design a new operations facility for the 262nd at McChord.
Table of Contents
An Internet Jihad Sells Extremism to Viewers in the U.S.
By Michael Moss And Souad Mekhennet, New York Times, 15 October 2007
When Osama bin Laden issued his videotaped message to the American people last month, a
young jihad enthusiast went online to help spread the word.
“America needs to listen to Shaykh Usaamah very carefully and take his message with great
seriousness,” he wrote on his blog. “America is known to be a people of arrogance.”
Unlike Mr. bin Laden, the blogger was not operating from a remote location. It turns out he is a 21year-old American named Samir Khan who produces his blog from his parents’ home in North
Carolina, where he serves as a kind of Western relay station for the multimedia productions of
violent Islamic groups.
In recent days, he has featured “glad tidings” from a North African militant leader whose group
killed 31 Algerian troops. He posted a scholarly treatise arguing for violent jihad, translated into
English. He listed hundreds of links to secret sites from which his readers could obtain the latest
blood-drenched insurgent videos from Iraq.
His neatly organized site also includes a file called “United States of Losers,” which showcased a
recent news broadcast about a firefight in Afghanistan with this added commentary from Mr. Khan:
“You can even see an American soldier hiding during the ambush like a baby!! AllahuAkbar!
AllahuAkbar!”
Mr. Khan, who was born in Saudi Arabia and grew up in Queens, is an unlikely foot soldier in what
Al Qaeda calls the “Islamic jihadi media.” He has grown up in middle-class America and wrestles
with his worried parents about his religious fervor. Yet he is stubborn. “I will do my best to speak
the truth, and even if it annoys the disbelievers, the truth must be preached,” Mr. Khan said in an
interview.
While there is nothing to suggest that Mr. Khan is operating in concert with militant leaders, or
breaking any laws, he is part of a growing constellation of apparently independent media operators
who are broadcasting the message of Al Qaeda and other groups, a message that is increasingly
devised, translated and aimed for a Western audience.
Terrorism experts at West Point say there are as many as 100 English language sites offering
militant Islamic views, with Mr. Khan’s — which claims 500 regular readers — among the more
active. While their reach is difficult to assess, it is clear from a review of extremist material and
interviews that militants are seeking to appeal to young American and European Muslims by
playing on their anger over the war in Iraq and the image of Islam under attack.
Tedious Arabic screeds are reworked into flashy English productions. Recruitment tracts are issued
in multiple languages, like a 39-page, electronic, English version of a booklet urging women to join
the fight against the West.
There are even online novellas like “Rakan bin Williams,” about a band of Christian European
converts who embraced Al Qaeda and “promised God that they will carry the flag of their distant
brothers and seek vengeance on the evil doers.”
Militant Islamists are turning grainy car-bombing tapes into slick hip-hop videos and montage
movies, all readily available on Western sites like YouTube, the online video smorgasbord.
“It is as if you would watch a Hollywood movie,” said Abu Saleh, a 21-year-old German devotee of
Al Qaeda videos who visits Internet cafes in Berlin twice a week to get the latest releases. “The
Internet has totally changed my view on things.”
Page 8
An Internet Strategy
Al Qaeda and its followers have used the Internet to communicate and rally support for years, but
in the past several months the Western tilt of the message and the sophistication of the media
have accelerated. So has the output. Since the beginning of the year, Al Qaeda’s media operation,
Al Sahab, has issued new videotapes as often as every three days. Even more come from Iraq,
where insurgents are pumping them out daily.
That production line is the legacy of one man: Abu Musab al-Zarqawi, the former leader of Al
Qaeda in Mesopotamia who was killed in June 2006 by American bombs.
Mr. Zarqawi learned the power of the Internet in prison, according to a former associate who was
imprisoned with him in Jordan a decade ago. Mr. Zarqawi’s jailhouse group of 32 Islamists sought
to recruit other prisoners by handwriting a newsletter, Al Tawheed, when it discovered a larger
audience.
“We sent them outside, to brothers in Europe and England,” who posted the newsletters on militant
Web sites, the associate said, asking not be identified because he said he is involved with Islamist
activities.
In Iraq, Mr. Zarqawi embraced the video camera as a weapon of war. “He made the decision that
every group should have a video camera with them, and every operation should be taped,” said a
Palestinian militant who went to Iraq in 2005 to teach foreign fighters from Morocco and parts of
Europe how to build bombs and stage roadside attacks.
Two Lebanese intelligence officials confirmed that the Palestinian, who goes by the nom de guerre
Abu Omar, had worked with Mr. Zarqawi in Iraq, and he played a video of foreign fighters in Iraq for
reporters of The New York Times.
Abu Omar, 37, a muscular man who carried a Glock 21 pistol tucked into the belt of his camouflage
pants during an interview at his home in Lebanon, said Mr. Zarqawi also had him tape his
bombmaking classes so his expertise would not be lost if he were killed.
“We had two cameramen, people who learned how to do this before they came to Iraq,” Abu Omar
said. “And after filming, we had different houses in the area where we made the videos.”
Dahia al-Maqdassi, 26, a Palestinian who said he produced insurgent videos in Iraq two years ago,
said, “In every city in Iraq they had a little office where someone did film operations.” He described
his “media section” as a house near Falluja where 6 to 10 people worked. “We finished the film and
then sent it to jihadi Web sites,” Mr. Maqdassi said.
Propaganda Rap Video
One of the most influential sites is Tajdeed, which is based in London and run by Dr. Muhammad
Massari, a Saudi physicist and dissident. Over lunch at a McDonald’s near his home, Dr. Massari
said Mr. Zarqawi’s insurgent videos from Iraq inspired local productions like “Dirty Kuffar,” the
Arabic word for nonbeliever. The 2004 rap music video mixed images of Western leaders with
others purporting to show American troops cheer as they shot injured Iraqi civilians.
Dr. Massari, who helped promote the video, said similar crossover productions soon followed and
made their way to his Web site.
“I never touch the videos that are on my forums,” said Dr. Massari, who wears a long white Arabic
robe. “Someone with Al Qaeda uploads them, probably at Internet cafes, to password-protected
sites. Then they call a friend, say, in Australia or Brasília, and say, ‘Hi Johnny, your mom is
traveling today.’ That is the code to download the video. It goes up and down like that a few times,
with no trace, until someone posts a link on my site.”
Last spring, Al Qaeda made what analysts say was a bold attempt to tap potential supporters in the
United States. In a videotaped interview, Ayman al-Zawahri, a bin Laden lieutenant, praised
Malcolm X and urged American blacks and other minorities to see that “we are waging jihad to lift
oppression from all of mankind.”
Page 9
The tape quickly found an audience. Mr. Zawahri “cares about black people,” wrote a blogger with
Vibe, the American hip-hop and urban culture magazine, which claims 1.6 million visits a month.
“At least, I think that’s why he’s quoting Malcolm X in his latest mix tape, which dropped last
weekend.”
Umar Lee, a 32-year-old Muslim convert from St. Louis, offered a stinging critique of Mr. Zawahri
on his blog for Muslim Americans, criticizing “the second-class status many blacks live in right in
the Arab World.” Soon, Mr. Lee’s blog churned with commentary on the parallels between Arab and
black American radicals.
A four-minute version of the hourlong Qaeda video, entitled “To Black Americans,” has logged more
than 1,800 views on YouTube in the four months since it was posted.
Among those who posted a link to the YouTube version was Mr. Khan, the North Carolina blogger
who said he was struck by the simplicity in the messages of both Al Qaeda and Malcolm X. “They
are geniuses for having the ability to mold their ideology into simple yet influential messages that
can reach the grass-roots level,” he said.
Mr. Khan produces his blog anonymously, but was identified by The Times through the e-mail
account he used in previous online discussions. (Pictures he had posted online helped The Times
distinguish him from another, unrelated North Carolina resident, about 10 years older, who has the
same name.)
In an interview at a local mosque, where he sat on a prayer rug wearing a traditional Arabic robe,
Mr. Khan traced his increasing militancy.
His blog has attracted enough notoriety that vigilante groups opposed to jihadi sites have gotten
him shut down a few times in recent months. He said he was somewhat surprised he had not been
confronted by government authorities, although, he said, “I’ve never told anybody to build bombs.”
His early postings, beginning in 2003, promoted strengthening Islam in North America through
nonviolent confrontations. But with the escalating war in Iraq, bloodshed became a recurrent
theme.
He described his favorite video from Iraq: a fiery suicide-bomber attack on an American outpost.
“It was something that brought great happiness to me,” he said. “Because this is something
America would never want to admit, that they are being crushed.”
Asked how he felt living among people who had sent soldiers to Iraq, Mr. Khan said: “Whatever
happens to their sons and daughters is none of my concern. They are people of hellfire and I have
no concern for them.”
A Teenage Transformation
Born in Riyadh, the capital of Saudi Arabia, Mr. Khan was 7 when his family moved to New York City
and settled into the Queens neighborhood of Maspeth.
He mirrored his teenage peers, from their slang to their baggy pants, until August 2001 when, at
age 15, he said, he attended a weeklong summer camp at a mosque in Queens, which was
sponsored by a fundamentalist but nonviolent group now known as the Islamic Organization of
North America (IONA).
“They were teaching things about religion and brotherhood that captivated me,” Mr. Khan said. He
said he went back to school knowing “what I wanted to do with my life: be a firm Muslim, a strong
Muslim, a practicing Muslim.”
He prayed more regularly. He dressed more modestly. He stopped listening to music except for
Soldiers of Allah, a Los Angeles hip-hop group, now defunct, whose tunes like “Bring Islam Back”
continue to have worldwide appeal among militant youths.
He also befriended members of the Islamic Thinkers Society, a tiny group that promotes radical,
nonviolent Islam by leafleting in Times Square and Jackson Heights, Queens.
After moving with his family to North Carolina in 2004, Mr. Khan said, he attended a community
college for three years and earned money selling various products, including kitchen knives.
Page 10
But he began spending chunks of his days on the blog he created in late 2005, “Inshallahshaheed,”
which translates as “a martyr soon if God wills.” The Internet traffic counter Alexa.com, which
rarely is able to measure the popularity of blogs because they do not have enough readers, ranked
his among the top one percent of one hundred million Internet sites in the world.
If Mr. Khan’s extreme rhetoric has won him a wider audience, it has caused him problems at home.
Last year, his father tried to pull him back to the family’s more moderate views by asking an imam
to intervene.
“I tried to bring arguments from the Koran and scholars, and said, ‘Whatever you are thinking it is
not true,’” said Mustapha Elturk, a family friend and the leader of IONA, the Islamic organization
that first inspired Mr. Khan. But Mr. Khan did not budge, he said.
Mr. Khan said he separated from IONA over one matter: the organization would not support violent
jihad without the endorsement of a Muslim nation’s leader, which Mr. Khan argues is unnecessary.
Mr. Elturk said, “His father and family are really scared that he might do something.”
Attempts to Shut Down Blog
From time to time, Mr. Khan said, his father also cut off his Internet access and, to placate him, Mr.
Khan recently added a disclaimer to his blog disavowing responsibility for the views expressed on
the site.
He has also been fending off citizen watchdogs who are working to knock sites likes his off the
Internet. Twice in September his blog went dark when his service provider shut him down, citing
complaints about the nature of his postings.
Mr. Khan has now moved his blog to a site called Muslimpad, whose American operators recently
moved from Texas to Amman, Jordan. Their larger forum, Islamic Network, is the host of
discussions among English-speaking Muslims. One of their former employees, Daniel Maldonado,
was convicted this year in federal court of associating with terrorists at their training camps in
Somalia.
Mr. Khan said that he had dreams about meeting Mr. bin Laden and that he would not rule out
picking up a weapon himself one day. In a recent essay, he argued that jihad was mandatory for all
Muslims, and he cited three ways to fulfill this obligation: join fighters in Iraq, Afghanistan or
Algeria; send them money; or promote militant videos as part of the jihad media.
For now, he said, he is fulfilling his obligations by helping other Muslims understand their religion.
Recently he posted a video of a news report from Somalia showing a grenade-wielding American
who had joined the Islamists.
“He is an example of a Muslim who follows the Religion of Islaam,” Mr. Khan wrote.
Table of Contents
Sex, Lies and DVDs: Propaganda in the Palestinian Territories
By Frida Ghitis, World Politics Review, 10 Oct 2007
JERUSALEM -- Ever since this June's open warfare between rival Palestinians of Fatah and Hamas in
the Gaza Strip, the accusations, recriminations, smears and hoaxes have been flying wildly in the
Palestinian Territories. In addition to the violence that still pits supporters of the Islamic Resistance
Movement, Hamas, against followers of the more secular Fatah, the parties have launched
elaborate publicity campaigns to bolster their own side and discredit the other in the eyes of fellow
Palestinians and the rest of the world.
One of the hoaxes, designed to make Fatah look more reliable to the West and to Israel, even
made its way into the pages of the Washington Post. Others, targeting Palestinian audiences, play
on that society's conservative social values and the already-tarnished reputations of long-standing
political and paramilitary leaders. But perhaps the most dramatic of these efforts, a hoax that was
uncovered before it got very far, sought to heighten fears that Hamas will turn Gaza, where it has
ruled since overpowering Fatah last June, into a Taliban-style enclave of religious extremism.
Page 11
Since Hamas took over Gaza, it is true that more women are wearing the Hijab, or Islamic veil. It is
also true that there have been some attacks on Christian Palestinians, and that Internet cafes have
been burned.
Not content with the existing facts, however, Fatah supporters concocted an elaborate scheme to
dramatize -- complete with horrifying video footage -- what life under Hamas has become. They
invited the Palestinian affairs reporter from the Jerusalem Post to Fatah's General Intelligence
Headquarters in Ramallah to screen the gruesome footage of the lynching of a 16-year-old in Gaza,
killed for dishonoring her family. The reporter, Khaled Abu Toameh, viewed the pictures and
contacted the "witnesses" in Gaza whose number he was given by Fatah. He was horrified. "After
more than 20 years in the business, and just when you think you've seen it all," he wrote in an
article that appeared online, "there's always something that shocks you more than ever."
The online article, however, was suddenly pulled. The story was a hoax. A girl was stoned to death
for falling in love with the wrong boy, but it happened last April in Iraq, not in Gaza.
Fatah is not the only group smearing its rivals. In Gaza, Hamas is circulating a DVD it says comes
from video found in old Fatah offices they overran in Gaza, showing pictures of Fatah officials
having sex with men and boys. Hamas is also showing documents it says it seized from the
Palestinian Preventive Security Offices, including one entitled, "A Large Number of Homosexuals."
The documents and the images were reportedly part of a blackmailing scheme.
Fatah is not taking the charges lying down, so to speak. They claim to have found, among other
displays of sin and corruption, a Hamas religious cleric, an imam, having sex with a boy in the
basement of a mosque, no less.
Not all the campaigns involve sex, lies and videotapes -- or DVDs. The one common element is an
effort to show the other side as corrupt and dangerous, while showing one's own side as
upstanding and preferable by comparison. The other common thread is the effort to weave a
deception into already existing fears -- or hopes.
That's where the Washington Post comes in.
As the date for a November meeting of Middle East players in Annapolis approaches, the West -and many in Israel -- have pinned their hopes on Fatah and its leader, Palestinian Authority
President Mahmoud Abbas. For the dream of peace to become a reality, two things will have to
happen. First, Israel will have to withdraw and hand over territory it now controls to the
Palestinians. Secondly, the Palestinians will have to prevent those territories from being used as
launching pads for attacks against Israel, which is the reason Israel holds the territories to begin
with.
In order to show his willingness and ability to keep the peace, Abbas participated in a hoax that
was uncovered in Israel and reported without correction in the United States. In a Sept. 30
interview, the Washington Post asked Abbas how Israel could compromise, given the continuous
attacks on its cities. His response: "Last night (our security forces) seized two rockets. We handed
them over to the Israelis. We are very worried about these deeds and I think we can put an end to
all this. Our security apparatus is ready to stop all kinds of violence."
The trouble is that Abbas was reporting something that did not happen. Or rather, a lie that grew
out of a tiny grain of truth.
The original report said the PA had seized rockets ready to be launched into Jerusalem. In fact,
there were no rockets. PA officials found some metal pipes that children had been playing with and
handed those over to Israel forces. No real weapons or even potential weapons changed hands,
according to Israeli officials.
Perhaps Abbas was fed the misinformation by his people. But his effort to show his organization as
a muscular force for peace fell short. Either he knew he was telling something that wasn't true, or
he was deceived by his own people. Either way, this is not a sign of strength.
In the flurry of PR campaigns and counter-campaigns by Hamas and Fatah, this instance had its
intended effect in the West.
Page 12
The non-rocket non-story was an effort to show the West and Israel that Fatah is preferable to
Hamas. That hardly required any effort. It was also an attempt to portray Fatah as a true partner
for peace. That may not be all that far from the truth. In fact, the PA, governed by Abbas in the
West Bank, has on occasion prevented attacks on Israelis who strayed into their territory.
But this particular publicity campaign to portray Fatah as a reliable partner for peace was so
warmly received because there is such a longing among those who want peace for Fatah to be
exactly that.
Table of Contents
Countering the Art of Information Warfare
By Peter Brooks, Family Security Matters, 16 October 2007
While France, Germany, the UK and the US do not see eye to eye on everything, there is one thing
they probably can agree on: the growing problem of Beijing's intrusions into their government
computer systems.
Indeed, in the last few weeks, all four capitals have pointed an accusatory finger at Beijing for
attempting to infiltrate - or having succeeded in penetrating - their diplomatic or defence
establishment computer networks.
While snooping by the People's Liberation Army's (PLA) cyber-soldiers on unclassified government
websites and e-mail might be expected, the recent rash of incidents shines a spotlight on a
burgeoning game of Internet cat and mouse.
In the case of China, Beijing's increasing aggressiveness (indeed, ham-handedness) and capability
to infiltrate the computer networks of key countries is setting off alarms across the security
establishment - and rightfully so. Take the US: while modern warfare is increasingly dependent on
advanced computers, no country's armed forces are more reliant in the Digital Age than those of
the US. This is both a great strength and a damning weakness.
Today, the US Department of Defense uses more than 5 million computers on 100,000 networks at
1,500 sites in 65 countries worldwide. Not surprisingly, potential adversaries have taken note of the
US's slavish dependence on bits and bytes.
In an average year, the Pentagon suffers upwards of 80,000 attempted computer network attacks,
including some that have reduced the US military's operational capabilities.
Also, in the last few years, the US Army's elite 101st and 82nd Airborne Divisions and 4th Infantry
Division have been "hacked".
While it is difficult to determine the source, according to the Pentagon, most attacks on the US
digital Achilles' heel originate in China, making Beijing's information warfare (IW) operations an
issue we had better pay close attention to.
IW, including network attacks, exploitation and defence, is not a new national security challenge.
Cyberwarfare was the rage in the late 1990s, but has faded since 9/11 in comparison to the
mammoth matters of Islamic terrorism, Iraq and Afghanistan.
IW appeals to both state and non-state actors, including terrorists, because it is low-cost, can be
highly effective and can provide plausible deniability of responsibility due to the ability to route
strikes through any number of surrogate servers along the way.
An IW attack can launch degrading viruses, crash networks, corrupt data, collect intelligence and
spread misinformation, effectively interfering with command, control, communications, intelligence,
navigation, logistics and operations.
Not surprisingly, rising power China is serious about cyberwarfare, making the development of a
robust IW capability a top national-security priority. China's military planners recognise US - and
others' - dependence on computers as a significant vulnerability.
Page 13
The PLA has invested heavily in developing its cyberwarfare capabilities, including openly
expressing a desire to develop information warfare expertise - and boasting of its growing
sophistication in the field.
The PLA has incorporated cyberwarfare tactics into military exercises and created schools that
specialise in IW. It is also hiring top computer-science graduates to develop its cyberwarfare
capabilities and, literally, creating an 'army of hackers'.
Despite its unprecedented military buildup, the Chinese realise, for the moment, they still cannot
win a conventional war against the US and are, naturally, seeking unorthodox - or asymmetric ways to defeat the US in a conflict over Taiwan or elsewhere.
China is developing weapons, including the so-called 'assassin's mace' that will allow China to
balance the US's military superiority by attacking 'soft spots' such as its high-value computer
networks.
The idea that a less-capable foe can take on a militarily superior opponent also aligns with the
thoughts of the ancient Chinese general, Sun Tzu. In his Art of War, he advocates stealth, deception
and indirect attack to overcome a stronger opponent. Overlaying the still-influential Sun Tzu onto
modern Chinese military thought could lead one to conclude the PLA believes a Chinese 'David'
could, in fact, slay a US 'Goliath' using an asymmetrical military option such as cyberwarfare.
The PLA's US target list is expansive, including command, control, communications, computers and
intelligence nodes, airbases and even aircraft carrier strike groups - China's bête noir in a Taiwan
contingency.
Industrial espionage against government and private defence research, development and
production concerns is also a priority for Chinese cyber-spies, cutting costs and time in support of
Beijing's massive effort to develop a world-class defence industry.
Even more troubling, however, is the assertion among analysts that potential Chinese cyber-strikes
are not limiting themselves to just diplomatic and security-related targets. Private-sector financial
and economic institutions may also be on the PLA's hit list.
Nor is China limiting itself to the US, France, Germany and the UK. Beijing is looking for cyberdominance over other key potential regional rivals such as Delhi, Moscow, Seoul, Tokyo and Taipei.
Wellington also recently reported an incident.
China's IW efforts and activities provide a cautionary tale to US and other policymakers.
Fortunately, many governments have devoted significant resources to cyber-security, including
measures against terrorists and amateur hackers.
The recent Chinese intrusions, however, clearly demonstrate remaining vulnerabilities and IW is
here and now, making it increasingly important - and complementary - to the broad spectrum of
modern warfare.
A 'digital Pearl Harbor' for any country is by no means a certainty, but then again, no one believed
that terrorists would fly aircraft into buildings. The time to take heed of the cyber threat - Chinese
or otherwise - is now.
Table of Contents
Iraqi Insurgent Media Campaign Targets American Audiences
By Chris Zambelis, Jamestown Foundation, 16 Oct 07
Since the September 11 attacks, the internet has emerged as a pillar of radical Islamist
propaganda efforts against the United States by al-Qaeda and other groups. Extremist websites
and chat forums provide radicals and sympathizers with moral and theological justification for acts
of violence and terrorism, acts framed as legitimate self-defense against what is widely perceived
as a U.S.-led campaign against Islam. The internet is also a platform for disseminating tactical,
operational and strategic expertise, to include instructions on constructing explosives, analyses of
battlefield lessons learned and discussions on targeting selection. Perhaps most importantly, the
Page 14
internet enables like-minded militants to associate and communicate anonymously in cyber social
networks. This process reinforces their sense of purpose and duty and encourages solidarity with
the greater cause. Up until recently, however, the overwhelming majority of extremist websites
catered to Arabs and the Arabic-speaking Muslim community, with only a limited number of
websites providing modest sections in English and other languages. This is no longer the case.
Led by the Islamic Army in Iraq, a host of English-language websites linked to Iraqi Sunni insurgent
groups are on the forefront of efforts by militants to reach beyond their traditional support base
and target foreign audiences, namely the American public, by providing English mirrors of their
Arabic websites. The Islamic Army in Iraq is joined in this campaign by the Mujahideen Army, Ansar
al-Sunnah, the al-Fataheen Army, the Islamic Front for Iraqi Resistance and the Islamic Resistance
Movement in Iraq (HAMAS). These groups operate under the auspices of the Reformation and Jihad
Front, an insurgent umbrella group that has been critical of al-Qaeda-linked militants in Iraq,
especially the Islamic State in Iraq (http://iaisite-eng.org; http://www.reformandjihadfront.org).
Websites and chat forums linked to al-Qaeda tend to focus on radical ideological and theological
discourse aimed at attracting recruits to their global cause. In contrast, Iraqi insurgents affiliated
with the Reformation and Jihad Front use Islamist rhetoric combined with Iraqi nationalist discourse
to relay regularly updated reports in English from the battlefield to American audiences. For
example, a section titled "Military Operations" provides a virtual play-by-play account of alleged
insurgent attacks against U.S. and other forces. These reports include the mode and scope of a
given attack, as well as its exact time and location. They also include detailed assessments of U.S.
casualties. A section titled "Filmed Operations" allows users to peruse a list of videos of insurgent
strikes available for download, while the "Media Releases" section allows users to download
propaganda videos and other materials in English. The website also includes regularly updated
sections providing English translations of political statements and other reports. The quality of its
graphics and presentation, as well as the amount of information presented, reflect the group's
Arabic website (http://www.iaisite.org).
The al-Boraq Media Organization—another website linked to the Islamic Army in Iraq—also includes
an extensive English section (http://www.alboraq.info). The website of what is alleged to be a
prolific sniper linked to the Islamic Army in Iraq—nicknamed "Juba" by U.S. forces—also includes
English commentary, including claims of responsibility for the deaths of 668 U.S. soldiers and
videos of sniping operations for download (http://www.baghdadsniper.net). The Islamic Army in
Iraq's website also contains a link titled "Lee's Life for Lies," named after PFC Lee Kendall Tucker, a
U.S. soldier whose USB flash drive was found by insurgents in January 2007. Insurgents used
authentic data available on the flash drive, such as PFC Tucker's social security number, along with
false information to create a phony letter that was presented as having been authored by the
soldier. The letter, which is read aloud in a video available for download using voiceover narration in
American-accented English, describes a hopeless situation for U.S. forces in Iraq amid scenes of
insurgent attacks and other chaos (http://d3130.servadmin.com/~leeflash/; http://www.leeflash.blogspot.com).
The proliferation of sleek English-language websites targeting American audiences reflects a
greater awareness on the part of Iraqi insurgents of the value of influencing domestic American
public opinion. Certainly, one aim of these websites is to reach out to American Muslims and others
who neither speak nor read Arabic. However, the websites linked to the Islamic Army in Iraq
appear primarily concerned with tapping growing domestic popular opposition to the war in Iraq in
the United States by depicting the situation on the ground as hopelessly dire for U.S. forces. The
updated play-by-play accounts in English of alleged insurgent attacks and U.S. casualties, coupled
with sleek presentation and video, allows the insurgents to speak directly to American audiences.
By claiming responsibility for specific attacks resulting in U.S. casualties, the insurgents are also
able to portray themselves as driving the tempo of the conflict, regardless of what the reality is on
the ground. Given recent trends, militant groups in Iraq and elsewhere are increasingly likely to
expand their propaganda efforts online through the use of English-language websites.
Table of Contents
Page 15
Jihadi Forum Users Look for Codes in Bin Laden's September Video
By Abdul Hameed Bakier, Jamestown Foundation, 16 Oct 07
After a relatively long video absence since October 2004, Osama bin Laden resurfaced on
September 8. In the wake of his speech, jihadi forum users continue to discuss his statement and
are eagerly analyzing whether the speech contained codes about a possible upcoming large-scale
terrorist attack.
The responses to bin Laden's speech on the forums are ranging from prayers for his ultimate
triumph over the "Jews and Crusaders," to various translations of his text in order to reach as
many audiences as possible. Two users, however, posted some interesting interpretations of his
speech on the http://muslm.net forum. A user by the name of "al-Asadi" claimed that, for the first
time, al-Sahab productions incorporated a code into bin Laden's video, which contained a special
encryption sequence only available to a few al-Qaeda operatives. Al-Asadi further stated that since
bin Laden only mentioned once that his speech was the last ultimatum to the United States and its
allies means that a new terrorist strike is imminent. Al-Asadi then boasted that his own posting
also contains codes, and claimed that "the signs of the raging storm that precedes the calm are
materializing." He then mocks the director of the CIA and warns that "we will see you in 2008," and
signed his name as "Asadi, the Amir of Washington."
In addition to al-Asadi's postings, another user by the general nickname "Windows XP" attempted
to "break" bin Laden's supposedly coded speech. XP makes note that after 2:08 minutes into the
speech, bin Laden says, "The effects and signs of that are not hidden. Since the 11th…" Then the
video-feed pauses until 2:15, while the audio feed continues. XP claims that these numbers are
significant and must be a signal to mujahideen in the United States. The user makes a number of
similar claims throughout his posting, while ending on a final point that refers to 14:00 minutes
into the tape, when the picture goes stagnant and bin Laden mentions the Kyoto Protocol for global
warming. XP claims that the letters in "Kyoto" and the timing refer to some sort of coded
instructions. While some forum users agreed with his analysis, others found the hypothesis of a
"coded speech" ridiculous.
In response, some users reacted angrily at the discussion of the possible codes, and argued that
revealing jihadi secrets in public forums would damage the jihad. Instead, they encouraged all
users to disseminate bin Laden's speech to the American people through English-language forums
in order to bypass "American censorship." A number of users acquired the English version of bin
Laden's speech and posted it on the forum boards so that it could be distributed. On the
http://muslm.net forum, users posted the English version and then posted various responses from
Americans from English-language forums. They then capitalized on instances where some people in
the English-language forums appeared to agree with some points in bin Laden's speech, and they
included the following posting: "As for what Osama says in this latest speech, I agree with a couple
of things: mainly concerning the fact that we haven't held any of our leaders accountable for
atrocities they have committed or allowed, that the American people ignored intelligence and
allowed the Bush administration to take hold as it has, and that the American people stupidly
elected this man into office twice, pretty much sealing our fate and the fates of our soldiers."
In conclusion, although the analysis of bin Laden's speech by various jihadi users is probably
baseless, it portrays their strong desire to see mass terrorist attacks against the United States. On
the other hand, the attempts to circulate bin Laden's ideas in American forums is a new trend and,
if sustained, could mount to a form of psychological warfare against U.S. citizens.
Table of Contents
U.S.-Financed Radio Stations Try To Reach Listeners in North Korea
By Tim Johnson, McClatchy Newspapers , 15 Oct 07
SEOUL, South Korea | In isolated North Korea, the only legal transistor radios have dials
permanently set to government stations.
Page 16
But smugglers and itinerant traders bring an increasing number of radios into North Korea,
according to anecdotal reports, and that is gratifying news for three tiny broadcasters that beam
information north of the border.
Each night, the three U.S.-financed radio stations crackle onto the air, trying to reach North
Koreans who are brave — or reckless — enough to tune into foreign newscasts in defiance of the
North’s Stalinist regime.
“Greetings from the voice of hope,” began one recent newscast from Open Radio for North Korea.
“We are trying to reach you to provide you with information.”
The three Seoul-based broadcasters — Open Radio for North Korea, Free North Korea Radio and
Radio Free Chosun — each receive about $200,000 annually from the National Endowment for
Democracy, a nonprofit body financed by Congress to promote democracy worldwide.
The broadcasters have different styles and offer different programming.
North Korean defectors operate Free North Korea Radio, which takes a combative line against the
Kim Jong Il regime. Radio Free Chosun broadcasts educational and news programs, and Open
Radio for North Korea offers discussions about democracy and civic affairs.
In some ways, the stations broadcast to a black hole.
They don’t know how many people tune in, and feedback from listeners is extremely limited. All
three broadcast only an hour or two a day. But all think that those who tune in include disaffected
citizens, and maybe some high-level cadres in Pyongyang who are worried about what may be in
store for the world’s last totalitarian regime.
“They know there is no future for their government. So they have to be ready for the change,” said
Young Howard, executive director of Open Radio for North Korea.
For decades, radios have been treated as potentially subversive instruments in North Korea. By
state fiat, all radios are fixed to the frequencies of government propaganda broadcasts. Those who
tinker with radios to get foreign broadcasts face punishment. In the past, that punishment could
include being sent to a labor camp.
Change is in the air, though. Prices of radios in China have fallen to $5, and customs officials
appear to be easing up on the flow of traders across the northern border with China, earning bribes
on the increased trade.
On rare occasions, refugees contact the stations once they flee North Korea, expressing gratitude
for the broadcasts and saying they lifted their spirits.
Kim Seong-min pulled out a handwritten letter that read in part: “Thank you. I got information
from your broadcasts. You are very brave and smart.”
Table of Contents
US Army Enlists Anthropologists
By Kambiz Fattahi, BBC Persian Service, 16 Oct 07
The Pentagon is pulling out all the stops in Iraq and Afghanistan.
It is sending "mine-resistant, ambush-protected" vehicles into the battlefield. It is also using
cutting-edge biometric technologies to identify insurgents.
But that is not all. The US military has developed a new programme known as the Human Terrain
System (HTS) to study social groups in Iraq and Afghanistan.
The HTS depends heavily on the co-operation of anthropologists, with their expertise in the study
of human beings and their societies.
Steve Fondacaro, a retired special operations colonel overseeing the HTS, is keen to recruit cultural
anthropologists.
Page 17
"Cultural anthropologists are focused on understanding how societies make decisions and how
attitudes are formed. They give us the best vision to see the problems through the eyes of the
target population," he said.
But very few anthropologists in the US are willing to wear a uniform and receive the mandatory
weapons training.
In fact, a group known as the Network of Concerned Anthropologists has already circulated a
pledge of non-participation in the Pentagon's counter-insurgency efforts.
'Collective genius'
The Human Terrain System currently includes six teams embedded in military units at the brigade
and division levels in Iraq and Afghanistan.
Each team is composed of at least one social scientist, usually an anthropologist, a language
specialist, and retired army personnel or reservists from special operations, intelligence, and civil
affairs backgrounds.
"You have social scientists to understand the deep complexity of the problems on the ground in the
society and the military personnel who then take that information and help apply it to the military
decision-making process," says Col Fondacaro.
"Together they bring collective genius to the problems," he adds.
The cost of this "collective genius" is about $400,000 (£200,000) annually for each civilian member
of the team, including the soaring cost of kidnapping insurance.
As with many programmes, the Pentagon has partially outsourced the HTS, and defence contractor
BAe Systems hires the social scientists.
'Weaponised anthropology'
Winning the trust of the indigenous populations "is at the heart of the struggle between coalition
forces and the insurgents", BAe's job advertisement for field anthropologists emphasises.
But it has not convinced many anthropologists in the US.
Last year, their largest professional organisation, the American Anthropological Association (AAA),
called for an end to the Iraq war.
Since then, AAA has set up a national commission to review the involvement of anthropologists in
national security work.
Many anthropologists in the US consider it unethical to work with the HTS teams. They are worried
about the potential risks to the human subjects of their studies.
"I feel the need to protect the safety, well-being and interests of those who shared with me their
knowledge and histories. My ultimate responsibility is to protect them," says a social anthropologist
specialising in the Middle East.
A vocal critic, Roberto Gonzalez, professor of anthropology at San Jose State University, accuses
the Pentagon of trying to, as he puts it, "weaponise" anthropology.
He believes that HTS units are likely to operate "as full-blown counterinsurgency teams akin to
what the British employed in the colonies over a half-century ago".
'Alienation'
But Col Fondacaro dismisses such criticism, insisting that the programme is misunderstood.
"This is different from anything we have faced before. It is a new doctrine, new organisation, new
task, and new purpose. People are uncomfortable with new things," he says.
Col Fondacaro believes that since the Vietnam War, many social scientists in the US have been
alienated from government service.
He acknowledges that recruiting a qualified social scientist is a significant challenge.
"There is a very brave and very courageous group of young anthropologists helping. They are
taking significant risks professionally and physically," he says.
Page 18
One of these is Dr Marcus B Griffin, professor of anthropology and sociology at Christopher
Newport University in Virginia, who blogs actively from Iraq.
"I am working out regularly. I cut my hair in a high and tight style and look like a drill sergeant... I
shot very well with the M9 and M4 last week at the range," writes Dr Griffin.
Dr Griffin is not a Middle East Expert. He says on his blog that he specialises in human populations,
the environment, and food.
For Dr Montgomery McFate, a main architect of the HTS, anthropologists' "unique set of skills,
methodologies and perspectives" are key.
"If the lead social scientist in the team does not have a background in the Middle East, other
members must have a strong background in the region to make up for that person. It is a team
effort," says Dr McFate, a cultural anthropologist.
She rejects the criticism that she is trying to "militarise" anthropology but rather "anthropologise"
the Pentagon.
Rapid expansion
US Defense Secretary Robert Gates has authorised $40m (£20m) to expand the Human Terrain
System.
The US Central Command (Centcom) is looking to increase the programme's number of teams in
Iraq and Afghanistan from six to 28.
According to Col Fondacaro, the new teams will be larger; they will have nine members, including
two social scientists.
He also says that officials at the new US Africa Command (Africom) and the US Pacific Command
(Pacom) have also indicated interest in the Human Terrain teams.
The programme, which was being tested on a small scale, is now set to be expanded very quickly
despite the strong objections of many anthropologists.
Table of Contents
New WEP Attack: Caffe Latte Hits Client, Not Access Point
By Glenn Fleishman, Wi-Fi Networking News, 17 October 2007
InfoWorld has a write-up on an upcoming Toorcon presentation by Vivek Ramachandran and Md
Sohail Ahmad: The AirTight Networks researchers have developed an attack they call Caffe Latte; it
uses a laptop’s attempts to connect to WEP-protected networks as the jimmy that lets the cracker
into a position to force the laptop to issue tens of thousands of WEP-encrypted ARP requests, which
are used to crack the network key. Caffe Latte lets the attacker then act as a man in the middle,
providing Internet access from another network while examining the victim’s computer or installing
payloads. This attack can be used anywhere: while whiling away your time at a cafe, you could be
cracked, hence the fancy name.
The application of this attack is interesting, because although the article and
Ramachandran/Ahmad’s Toorcon description talk about business use of WEP, actual WEP use by
corporations is pretty limited. Most companies of any scale are using some form of 802.1X or other
credential-based logins which can’t be subverted by this attack. Companies in retail and logistics
are apparently the most vulnerable, because early Wi-Fi built into retail point-of-sale systems and
scanners used in warehouses are still in wide use, and can only support WEP. If a cracker can
associate the cracked key with a company by scanning the victim’s hard drive or using other
intrusion tools, then they can go to that company and enter their network at will, too. That’s what
led to the TJ Maxx/Marshall’s parent company break in.
The broader implications are that if you ever attached to a WEP-protected network and stored the
key, your laptop is now vulnerable to this attack. This may lead people to turn their Wi-Fi radio off
when not actively attached to a network when out in public. (It’s a good idea for reducing battery
drain, too, of course.) The researchers are using an older form of WEP attack, it seems like, as they
Page 19
suggest it could take up to 30 minutes to break the WEP key in this manner; other researchers
revealed a method that works in as little as under two minutes back in April.
The vulnerabilities exposed by this attack arise because the IP ranges associated with Wi-Fi
networks are often considered trusted networks by firewall software. Most firewall software
requires that you agree or disagree that a particular network range represented by a Wi-Fi network
that you connect to is trusted or untrusted. I suspect most users add the network to their trusted
category when they connect to a network, assuming it to be safe—maybe the case when it’s a
home network. Which means that popular private addressing ranges starting with 10.0 or 192.168
are already approved in your firewall. With the attacker managing to appear to your computer like
a WEP network it’s already joined, they may not be blocked from probing for the many weaknesses
typically found on most Windows computers through outdated software and drivers.
Table of Contents
Cyber Security Command for India Recommended
By Naavi, Blogger News Network October 17th, 2007
India is celebrating 60 years of Independence. At this point of time it is natural for us to focus on
the security of the nation. In the current Digital era where “Governance” as well as “Business” is
increasingly being led by ICT, the discussion on security of the nation is not complete without a
discussion of the Cyber Space in which e-Governance and e-Commerce take place.
Our attention is usually drawn on “Cyber Security” when we hear about “Cyber Crimes”. Our first
thought on “National Cyber Security” therefore starts on how good is our infrastructure for handling
“Cyber Crimes”.
In the corporate sector, the focus of “Cyber Security” is more on “Information Security” and
prevention of unauthorized access to the Corporate Information systems or denial of access to the
systems by authorized persons.
The e-Governance and e-Commerce sector as well as the Individuals who use Computers and
Mobiles are also concerned about Cyber Crimes and how it affects them.
A question arises whether there is any role for the Corporate sector or the common Netizens in
“National Cyber Security”. After all, the civilians normally are not required to go to fight at our
physical borders and therefore are not very much involved in the national security process.
Similarly, private sector companies also have only a peripheral role in the national security in the
physical space.
The situation in the Cyber Space is however different. While we normally say that Cyber Space has
no boundary, it also means that beyond the cyber space of every individual, there lies an
international cyber space. Every time a Netizen sends and receives a data packet on the Internet,
he is going out of the National Cyber Space and wandering in International Cyber space. There is
therefore a far bigger role for individual civilians and Corporate sector in the national Cyber Space
security. Consequently, the strategy for National Cyber Space has to be different from that for the
physical cyber space.
Some Recent Incidents
If we reflect on some of the recent incidents of Cyber Security breaches, we can get an idea about
how the security threats arise.
Recently, a Swedish security professional by name Dan Egested created a sensation by finding out
e-mail passwords of about 100 senior Indian Government officials including several embassy
officials and DRDO officials and posting them on the Internet. The e-mail passwords gave access to
confidential correspondence between the Government and the officials and could have some
repercussions on national security. A matter of greater concern was the realization that any person
with a reasonable security knowledge could have accessed similar information earlier and some of
them could be terrorists who are trying to destroy our country.
Page 20
Another incident which was of significance was the report that the website of one of major Banks
had been hacked and infested with malicious codes that downloaded about 22 Trojans to any
individual who visited the home page of the Bank. Some of these Trojans could be “Key Logger”
Trojans and the security of thousands of Bank customers were compromised due to the breach at
the Bank’s server level.
A third incident of importance to occur recently was the dramatic demonstration of the power of
SMS/Phone spoofing through websites. In a well published TV programme, a Chartered Accountant
from Ahmedabad showed how he could put through a call in the name of the home minister of the
country to another minister.
A fourth incident of significance was the fact that the web server of National Police Academy,
Hyderabad was found to have been penetrated and a phishing website had been hosted there on.
Close on the heels of this incident, on the International scenario, it was reported that one ISP in
Russia was making a business of hosting facilities for Cyber Criminals and over 50% of the global
phishing sites had been hosted by the network. It was interesting to note that to use the services
of this ISP, the privileged clients had to demonstrate a track record of “Identity Theft”. A question
arises if in the interest of the Indian Netizens, can the Indian State take any action to stop this
service provider from facilitating attacks on Indian Netizens. Their activity is nothing different from
our neighboring countries hosting terrorist camps and training for which we do discuss if we have a
“Right of Hot Pursuit”.
These incidents indicate the high levels of risks that Indian Cyber Space is encountering today.
They also highlight the fact that the security professionals in the various organizations that have
been attacked have failed in securing their networks and exposed the country to grave risks.
How Do We Respond?
Having observed such incidents, the next question that arises is what is our response to them?. Are
we now wiser and have we identified what remedial measures we need to take to prevent such
incidents in future?
While the Government is expected to have its own resources to take protective measures, the
common man when affected would run to the Cyber Crime Police stations for relief. Unfortunately,
our Cyber Crime police stations have not been able to come up to the expectations of the public.
Many times, the Police have refused to register cases and often made the complainant run from
pillar to post to even lodge a complaint. The confusion arises since some Cyber Crime Police
stations do not recognize any crime coming under IPC as Cyber Crimes even if they have been
committed with the use of Cyber tools. They are under the false impression that they exist only to
take care of offences under Information technology act alone. Public are therefore losing faith in
the Law enforcement’s ability to protect Cyber space.
Lack of Coordination between Security agencies
In the few cases where Cyber Crime cases have been initiated, lack of coordination between
different Police stations have frustrated the investigation. In some cases when the investigation
trail goes abroad, CBI is not coming forth with its own support and the investigations reach a dead
trail.
When Cyber Crimes are committed with mobile network, it is often difficult to convince the mobile
service providers that they are responsible for assisting the Police in the investigation. Many of
them do not even recognize mobile crimes as Cyber Crimes and therefore fail to appreciate their
legal obligations.
In the private sector, whenever crimes are reported, companies are more concerned about their
own reputation than public good and they do everything within their powers not to register a
complaint nor enable a proper investigation. This is particularly true of Bankers who hide any
frauds that occur in their network for the fear of losing public confidence.
Page 21
The software developers in the country contribute in their own measure to the insecurity in the
Cyber space by supplying software that has many security weaknesses and leave it to future
security patches to correct the bugs which they should have corrected at the beta level.
Some software developers hide under the IPR claims to shield their source codes and prevent the
user from making a proper security assessment. Many security professionals believe that major
software vendors deliberately keep a backdoor entry to the software for apparently legitimate
purpose but with dangerous possibilities.
Threat in the Critical IT Infrastructure Security
Apart from the security threats that are visible in the above incidents, there is another lurking
danger where our critical IT infrastructures such as the missile launching stations, the defense
support IT systems etc could be under threat of an Electronic warfare. There are serious reports
about China specializing in such Cyber Space warfare which could be a potential threat to the
Indian security.
This realization that there is a security threat to the country’s armed forces has already been
recognized by many other countries. USA has been one of the first to set up a Cyber Space
Command to assist its defense forces in defending against an external cyber threat and also enable
USA to launch a cyber war on another country. Perhaps the US Cyber Command would now be
thinking about neutralizing the Russian Business Network which appears to be a global cyber crime
node.
A recent seminar in Vietnam attended by many countries such as Australia, Malaysia, Singapore etc
explored the need for National Cyber Security and some of these countries are already in the
process of developing a national cyber space security strategy.
In India efforts in the direction of a national cyber security strategy are not so far visible. The
Government of India has set up CERT-In as a division of the Ministry of Information Technology
which is being nurtured as the nodal security agency in India. NIC which has been involved in many
e-Governance projects and should be a natural choice for ensuring cyber security in e-Governance
project does not seem to have made much progress. CDAC has been involved in certain research
projects and is not in the forefront of strategizing a national cyber security plan. Private sector is
concerned only in its needs to get ISO certified. Nasscom is focusing on building a security
organization for BPOs which is in the early stages of planning.
There was one serious attempt to develop a national cyber security agency five years back when Dr
Abdul Kalam before being elected as President of India initiated the formation of the Society for
Electronic Transaction Security which later paled into the background.
A serious adverse consequence of an inadequate state response to perceived national security
threat is the emergence of private tech savvy individual hacker groups who try to counter hack
foreign websites known to be inimical to the national interests. This “hactivist” tendency however
presents the danger of degenerating into Cyber Naxalism and needs to be regulated.
Components of the Security Plan
When we look at the National Cyber Space we need to look at the following different components of
Cyber space since the security requirements of each of these segments may be different.

Security of the Critical IT Infrastructure of the Government

Security of e-Governance infrastructure

Security against Cyber Crimes

Security of Information in the industry infrastructure

Security of Individual desktops/electronic devices
Analyzing all these efforts, it appears that the biggest challenge ahead of us is to develop a
synergistic cooperation between different security organizations in such a manner that the national
cyber space remains secured. If such a collaborative structure is to be built up then there is also
the issue of whether it is feasible for the Government sector to join hands with the private sector
Page 22
with a common objective of securing the common cyber space. Effective Public-Private sector
cooperation is therefore one of the key challenges to be faced in building the national cyber
security infrastructure.
Towards Finding a Solution
In order to find a solution to the need for developing a national cyber security infrastructure, the
following structure is suggested.
The National Cyber Security Infrastructure may be headed by a “National Cyber Army Command”
as a Unified apex authority responsible for Cyber Space Security of India.
This may have one direct command called “Critical Infrastructure Defense Force” which will
supervise the Cyber space risks of the National Defense forces.
Additionally there may be four other sub divisions which will guide and supervise the Cyber space
security requirements in four other segments through different cooridnating agencies.
These subdivisions may be
1. Non critical Government Cyber Asset defense force
2. Indian Cyber Crime Police Service
3. All India Federation of IS Managers
4. All India Federation of Information Insurance Agencies
The “National Cyber Army Command”would be equivalent to the fourth division of the defense
forces consisting of the Army, Navy and Air force. It would however be different in the sense that it
would also provide leadership to the other security agencies in the Cyber space. To draw an
anomaly, it is like the Army being also in charge of the Police outfits in the country. The concept
would be a “Unified Command” for all Cyber Security requirements.
The “Critical Infrastructure Security Force” would cover the security requirements of the armed
forces as well as select installations of national importance such as the nuclear power stations,
rocket launching station, AIR and Doordarshan etc. This subdivision will be the equivalent of the
Cyber Command which USA has envisaged and will mainly have the military objectives.
All other assets of the Government such as the e-Governance support infrastructure will come
under “Non Critical Government Infrastructure” and its security may be handled by Cert-In. NIC
may limit its role to provision of IT services.
In order to make the Cyber Crime Policing more effective, an Indian Cyber Crime Police (ICCP)
Cadre should be created and all state Cyber Crime police stations should be merged in this all India
police force. The officials in this cadre should have a separate career plan and should be
professionally managed outside the political control of the state units. The CBI’s Cyber Crime unit
should also be merged with the ICCP service which should have its own police stations wherever
required. Local police force and the ICCP should exchange support and help each other whenever
required.
The above three sub divisions will operate in the public sector.
In the private sector, two self regulating bodies may be encouraged to be formed one for the
industry infrastructure security and the other for the individual security. The industry level
Information Security Managers should coordinate their efforts through an All India Federation of IS
Managers. This should be a self regulating body such as the CII.
The individual desktop security should be driven by the initiatives of the private sector security
product companies . Preferably the Information Insurance industry should be developed in India
and a consortium of Information Insurers should drive the desk top security initiatives through
appropriate incentivisation of security implementation.
Individual programmes to be undertaken by each of these sub divisions would include Education,
Product development, Standardization and Certification, Regulatory measures, etc.
Page 23
In order to continue the debate further, it is suggested that a “Think Tank” be formed out of the
expert participants of the Cyber Security Seminar who may develop a recommendatory note to be
submitted to the Central Government within an appropriate time frame.
Table of Contents
Countering Information Warfare
By Peter Brookes, The China Post, October 18, 2007
While France, Germany, the UK and the U.S. do not see eye to eye on everything, there is one
thing they probably can agree on: the growing problem of Beijing's intrusions into their
government computer systems.
Indeed, in the last few weeks, all four capitals have pointed an accusatory finger at Beijing for
attempting to infiltrate -- or having succeeded in penetrating -- their diplomatic or defense
establishment computer networks.
While snooping by the People's Liberation Army's (PLA) cyber-soldiers on unclassified government
Web sites and e-mail might be expected, the recent rash of incidents shines a spotlight on a
burgeoning game of Internet cat and mouse.
In the case of China, Beijing's increasing aggressiveness (indeed, ham-handedness) and capability
to infiltrate the computer networks of key countries is setting off alarms across the security
establishment -- and rightfully so. Take the U.S.: while modern warfare is increasingly dependent
on advanced computers, no country's armed forces are more reliant in the Digital Age than those
of the U.S. This is both a great strength and a damning weakness.
Today, the U.S. Department of Defense uses more than 5 million computers on 100,000 networks
at 1,500 sites in 65 countries worldwide. Not surprisingly, potential adversaries have taken note of
the U.S.' slavish dependence on bits and bytes.
In an average year, the Pentagon suffers upwards of 80,000 attempted computer network attacks,
including some that have reduced the U.S. military's operational capabilities.
Also, in the last few years, the U.S. Army's elite 101st and 82nd Airborne Divisions and 4th
Infantry Division have been "hacked."
While it is difficult to determine the source, according to the Pentagon, most attacks on the U.S.
digital Achilles' heel originate in China, making Beijing's information warfare (IW) operations an
issue we had better pay close attention to.
IW, including network attacks, exploitation and defense, is not a new national security challenge.
Cyberwarfare was the rage in the late 1990s, but has faded since 9/11 in comparison to the
mammoth matters of Islamic terrorism, Iraq and Afghanistan.
IW appeals to both state and non-state actors, including terrorists, because it is low-cost, can be
highly effective and can provide plausible deniability of responsibility due to the ability to route
strikes through any number of surrogate servers along the way.
An IW attack can launch degrading viruses, crash networks, corrupt data, collect intelligence and
spread misinformation, effectively interfering with command, control, communications, intelligence,
navigation, logistics and operations.
Not surprisingly, rising power China is serious about cyberwarfare, making the development of a
robust IW capability a top national-security priority. China's military planners recognize U.S. -- and
others' -- dependence on computers as a significant vulnerability.
Table of Contents
Congress: Power Grid Defense Is Weak
By Lisa Vaas, eWeek, October 19, 2007
In the wake of the Idaho National Laboratory test that blew up an electrical generator with a
simulated cyber-attack and revealed the fragility of the nation's electrical infrastructure, a
Page 24
congressional panel on cyber-security is calling for an investigation into how well electric sector
owners and operators have implemented security mitigations developed by the U.S. Department of
Homeland Security and Department of Energy.
The danger is growing, many say, given the increasing number of touch points between the United
States' power infrastructure and the wild and dangerous world of the Internet.
"Once largely proprietary closed systems, control systems are becoming increasingly connected to
open networks, such as corporate intranets and the Internet. As such, the cyber-risk to these
systems is increasing," said Rep. Jim Langevin, D-R.I., chairman of a House of Representatives
cyber-security panel, in an opening statement for an Oct. 17 hearing devoted to the cyber-threat to
utility control systems and the stronger regulations that are necessary to secure the electric grid.
According to Langevin, what's at stake is a power system worth more than $1 trillion, comprising
more than 200,000 miles of transmission lines and more than 800,000 megawatts of generating
capability that serves over 300 million people through the United States and Canada. The effective
functioning of this infrastructure is highly dependent on control systems, which are computer-based
systems used to monitor and control sensitive processes and physical functions.
"Intentional and unintentional control system failures on the bulk power system could have a
significant and potentially devastating impact on the economy, public health and national security
of the U.S.," Langevin said in his opening statement, which is posted here.
"For a society whose every function depends on reliable power, the disruption of electricity to
chemical plants, banks, refineries, hospitals, water systems and military installations presents a
terrifying scenario. We will not accidentally stumble upon a solution to these problems. Instead, we
must dedicate a lot of hard work and resources to secure our systems," he said.
To that end, the Federal Energy Regulatory Commission has proposed implementing a set of
reliability standards developed by the North American Electric Reliability Corp. However, members
of the cyber-security committee have found those standards to be woefully inadequate, Langevin
said. "The NERC standard focuses on the reliability of the bulk power system as a whole, ignoring
the homeland security impact that loss of power in a region can have," he said.
The House committee faults the standards for a failure to cover a "significant number of assets"
that are critical to keeping the nation's electricity flowing—specifically, they neglect any
requirements regarding electric sector owners and operators securing generation units, distribution
units or telecommunications equipment.
"But we know from countless real-world examples that these units are highly vulnerable to
intentional and unintentional cyber-events," Langevin said. "Knocking any of these units off could
affect the power supply to our nation's critical infrastructure."
The proposed NERC standards would require certain users, owners and operators of the grid to
establish plans, protocols and controls to safeguard physical and electronic access to systems, to
train personnel on security matters, to report security incidents and to be prepared to recover
information.
The Idaho National Lab's formerly classified demonstration of blowing up a generator, revealed by
Homeland Security officials in September and subsequently aired in part by CNN, was a dramatic
illustration of how control systems can be used to inflict critical damage onto physical structure—
specifically, a turbine.
That scenario has been tested and known about for some time, according to Amit Yoran, CEO of
NetWitness and former director of the DHS' National Cyber Security Division. The reality is a bit
more complicated, however, than the sensationalistic, smoking-equipment video clip reveals, he
told eWEEK in a recent conversation.
"Utilities and equipment that rely on control systems—[i.e.,] computer or electronic equipment
attached to mechanical equipment—broadly in the power sector or in other utilities or other critical
infrastructure, that's a very complex system or set of systems, and their interaction is very
complicated, not only in the case of power if you're talking about generation, or transmission, or
Page 25
distribution, all these things are very complicated in and of themselves, and when you start
intertwining them, it gets very complicated.
"[Add to that] regulatory issues, industry standards and best practices, [and] sometimes seemingly
competing requirements between availability and redundancy and what we think of as a standard
that says you shalt not set a password on this system because if Joe is at home or hit by a bus and
power goes down, we don't want people to have to crack a password to get power."
Thus the systems that control the grid get increasingly interconnected, Yoran said, and the
disparate lines that were once more or less stand-alone get put together and deployed in ways that
"may be lacking from a security perspective," he said.
Still, nobody should assume that one turbine blowing up in the controlled situation of a lab should
be taken to mean that all control systems are vulnerable to this type of attack, he said.
"Many infrastructures have both electronic as well as physical measures to protect equipment, for
public or operator safety. They have spillover valves, auto shut-off valves. Some of those are not
electronic; some have mechanical protective measures. I don't think a valid conclusion is because
one turbine is destroyed all critical infrastructure is vulnerable to this attack. It's important, it's
dramatic, it's a good indicator of a bad-case scenario, but it shouldn't be interpreted as a pervasive
and definitive conclusion for all control systems."
At any rate, getting control systems vendors to comply with a rigid set of standards doesn't fit in
well with the reality of the world of control systems, Yoran said. Control systems themselves have
complex and long deployment cycles. A control system may be an application with a warranty that
the control system vendor put together and offered on a particular operating system where the
control system was tested and validated. As vulnerabilities are discovered, those who run control
systems run into scenarios wherein they well might void their warranty, such as when a security
patch is applied. Thus, in some cases, operators are caught between a rock and a hard place,
having to choose between improved security versus the desire for a valid warranty and support
services.
"The control system world is a very complex one. We can't say, 'Charge forward and by next
Tuesday patch everything and we'll be protected.' It takes a lot of detailed study of control systems
and interactions with the infrastructure before" the grid overall can be improved vis-à-vis its safety
from cyber-attack, he said.
The NERC is well aware of the complexity of the situation. Joseph McClelland, director of the Office
of Electric Reliability at the FERC, said at the Oct. 17 hearing that overly prescriptive standards run
the risk of becoming a "one-size-fits-all" solution that ignores "significant differences in system
architecture, technology and risk profile."
"A major concern with cyber-security is the prevalence in the industry of 'legacy equipment' which
may not be readily adaptable for purposes of cyber-security protection," he said. "If this equipment
is left vulnerable, it could be the focal point of efforts to disrupt the grid."
Replacing the grid's antiquated equipment or retrofitting it to incorporate cyber-security protection
could be costly, McClelland said, "but a successful cyber-attack could damage our bulk-power
system and economy in ways that cost far more."
The Homeland Security's cyber-security czar Greg Garcia reportedly said on Oct. 17 that his agency
will be passing out cyber-security self-assessment guidelines to control systems operators, will
offer training to workers in the field, and will be distributing suggestions for mitigations against
real-world attacks similar to the one enacted on the Idaho National Lab video.
Table of Contents
Page 26