Archive for the ‘AQAP’ Category
Inspire 17 Train Derail Operations
Inspire is back trying to “inspire” the jihadi’s after taking a forced hiatus after many of the AQAP magazine’s creators got whacked by some raptor hellfire missiles. The latest installment is a call for those would be “lone wolves” in the USA to take up arms against our trains it seems. As usual from Inspire we have the normal calls to jihad using their interpretations of the Koran to push the agenda of radical terrorism. The long winded screeds on the rationalization of killing civilians is just that, long winded, and overall does not conform to anything but their own desires to kill and maim anyone who does not believe as they do. Honestly, I think if Saladin came back from the dead and saw this shit he would be bitch slapping them all the way back to Medina but here we are today again dealing with AQAP and AQ as Da’esh’s alleged caliphate crumbles and the movement dies a slow death.
To be honest the actions of those who claimed to be with Da’esh here in the States were to me just mentally unstable persons who needed an outlet to feel important and not impotent, so they went on rampages. Da’esh has never had the reach in the states that they seem to have had for a brief time in Europe but now they are marginalized enough to say that they are not a serious mass casualty threat in the way that AQ and AQAP still is. As terrorist groups go AQ and it’s subs has a far better grasp of OPSEC and operations as well as money and capabilities that we should still be worrying about. With this issue of Inspire not only do we see that they have re-constituted their graphics department but also that they also see the power vacuum that is taking place as Da’esh declines and becomes more marginalized.
Not only are they seeing their opportunity, they are also kind of calling out Da’esh as well in this issue for stealing their ideas down to the fact that Da’esh whole cloth plagiarized their magazine format and ideas for their own with the Dabiq knockoff’s they pimped over the years. It is amusing to watch as AQAP calls out Da’esh with the graphic above and chides them over failed operations as well as calling into doubt the operators choices like that of Sideeq (Orlando) for going after only “one” group. Basically they spent some time on the graphic to slap Zarqawi’s monsters for their lack of righteousness and operational planning. All in all it is just a slap fight between the overly pedantic AQ org with Ayman as their leader and Da’esh, with their Schrodinger’s Imam Baghdadi. The problem is that the precepts of both of their movements are advocating this open source jihad that AQAP invented, something that is now even being used by the white supremacists in actions like those in Charlottesville VA this last weekend.
This the new old problem that we always have been facing but never seem to be able to grapple with on how to stop. These magazines are passed out online and end up in many places including archive.org for anyone to grab. I got this one from <REDACTED> when it came out over the weekend but seriously, the genie is out of the bottle with this stuff. With this latest iteration though, the AQAP has given a lot of thought to honing their exhortations to open source jihad with a simple yet effective attack and vector; trains. The choice of trains is kind of a change for the AQ set in that for the most part they have advocated going directly for people and places where they congregate in the past. Now, with train attacks they can maximize damage and buzz with events that could not only cause deaths but mass deaths as well as huge news coverage.
Train attacks to me always remind me of T.E. Lawrence and the attacks he and the Arabs carried out on Turkish trains in WWI. These actions really did help stop Turkey from retaining power in the region during the war using asymmetric destruction of trains and tracks to damage or halt the supply chain for the Turks. In this modern scheme put forth by AQAP, they have moved the bar lower in many ways by not calling on their lone wolves to create and use explosives as much as use a tool to derail the trains in hopes of a 1970’s car flip explosion kind of thing. I have to say though, were they able to carry off the attack that they direct their followers to perform it could be rather messy depending on the train and it’s load.
The device the OSJ is proposing is a tool that the railroads have themselves but may be harder to acquire so these guys have plans to make your own in your mom’s kitchen (old joke) Anyway, the device is called a derailer, a simple piece of metal that attaches to the tracks. It’s function is simple enough, it raises and diverts the wheels off the track and boom, derailment. This has been used as a stopgap for runaway trains I hear and other functions that I do not care to go Google up right now. In this case though the Inspire folks want their minions to use it to derail trains off of high cliffs or into buildings from what they allude to in the magazine. Of course their solution to making one seems a bit too low tek DIY and might just smash into bits as the train hits it from what I am looking at.
I will not go into detail on the fabrication of the device they present to the lone wolves but suffice to say that I believe the percentage of success from this thing are low in my opinion. Perhaps if they had access to a serious 3D printer and some strong plastic maybe but not what they have laid out in this issue. However, I could be wrong and others out there may do their own mods to the fabrication process to make something more sturdy. If the thing works then it could be problematic and we could see some derailments come to pass. So yeah, the tech may work and the magazine spends some more time after the fabrication phase into the planning and carrying out of the attack phase with targeting advice that includes quite a bit of open sourced information on the railroads in the USA.
Recently at BlackHat myself and Kodor talked about OSINT being used to attack infrastructure by targeting leaked documentation and information. Well, it seems that the Inspire folks have the same idea here. In laying out the attack scenarios they give up some key points on the railroads, their weak spots, and the collateral damage from various scenarios of attack using the derailer. They also allude (as you can see from the picture above) that the attack is easier to hide and harder to detect if done properly. Honestly I think that last bit will be easy to see, I mean are they expected to run into the derailment and grab their tool back? One would assume too that unless you do a real job of it, one would leave forensically viable evidence in the device too so it could be tracked back to the culprit(s).
Frankly I should think that the DHS and other groups have a copy of this open on their desktops too right about now and working up some TLP’s for the railroads and authorities. I hope that is the case because this one is easy enough for the usual lone wolf jihobbyist to try at home and not blow themselves up without much effort. The question for me now is where will these guys try this? The exhortations are to do so with the most flare to cause the most fear. Honestly if they wanted to just be a pain in the ass and mess with the supply chain they could go out anywhere in the wilds where tracks are and pull this off. I guess time will tell but a recent link sent to me at least has this idea in the forefront of the minds of the security wonks for railroads.
Let’s hope they take this Inspire’s scenarios as seriously.
K.
Cyber Jihad Marketing: Yelling FIRE! In A Crowded Theater
Recently, a reporter that I know came to me asking if I would look at this ICIT-Brief-The-Anatomy-of-Cyber-Jihad1 and give input on it. They wanted to have my opinion because the firm that wrote it was seeking a reporter to flog it on their news site. I told the reporter after looking at the “analysis” this exact quote; “This report is the marketing equivalent of yelling fire in a crowded theater” Well, it seems that CNBC bought it though and my hand has been forced to write about this travesty. ( CNBC Report that forced my hand ) I told the reporter to back away slowly and to their credit they did. CNBC not so much. So here I am going to outline how this report is full of marketing and cognitive bias and wild assumptions. Oh, and that is if you can get past the hyperbolic language in the first graph…
I shit you not..
Cyber Caliphate & Junaid Hussain:
The report goes on a long time talking about Da’esh and their origins. While much of that data is right on the report starts to go off the rails once they begin talking about the “cyber” part of the picture. They start off by talking about Juny and his cybering, the defacements out there, and the propaganda war that is still ongoing by the likes of Da’esh, AQAP, Boko Haram, etc. Which is all fine, mostly accurate, but then they start to talk about “possible capabilities” after they just pretty much said “They aren’t that capable” Cognitive dissonance much there guys? The truth of the matter is that to date, the propaganda war is the biggest and most dangerous war here, not the so called cyber war that this “analysis” is pimping. I have been following this stuff since 2001 and Juny is the new Younis Tsouli really, both were/are moderately skilled in hacking but not much more than that. Both were much more a propaganda figures, and more dangerous in that capacity than any of their hacking skills. In fact, in the case of Younis, he got the heat and popped for that very reason, he was making a splash and attracting followers. Juny had that very same skill set and became much bigger a deal because he caught the zeitgeist for the jihobbyists out there with his mouth on Twitter. This is why he was killed with a hellfire, not because he hacked any big databases or got the real dope from some hack. In short, both were a danger because they had followers, and those followers were radicalising off of their jihadi bluster online and caches of propaganda from the main marketing teams of their respective terrorism groups. (AQ for Younis and Da’esh for Juny)
Of course the report would not be scary enough without the “Cyber Caliphate” an operation that Juny lamented was just him, no one else, before he got whacked on Telegram. That’s right kids, Juny was pimping something and making shit up. Once Juny got whacked you know what happened? Groups of guys like Team Fallaga took up the mantle and went on to deface pages like the dickens! “OOH SCARY DEFACEMENT BRO” While the report states this, and some of the other information I just mentioned, they then go on to analyse and say that these guys aren’t capable now but someday… SOMEDAY they could be. Oh really? You don’t say! Sure it is possible but it is not likely. Given that most APT activity takes money, time, and cohesion, the jihadi’s are all over the place and usually small disparate groups of skiddies, not solid hackers. So, the scare tactic of analysis is way off the mark in this report and this is why I told the reporter to step back slowly from their pitch. If this group had left it at that, it could happen but it is not likely I would have had some respect for them. Instead they chose the other scare the client into buying shit route. As for Cyber Caliphate and all their other silly acronyms, none have shown that they are a credible threat to much else than an insecure web page. No real data has been hacked and their “data drops” of enemies to kill have all come from open sources on the internet. Sure, is it problematic that they are doing this? Sure. Is it a clear and present danger of cyber capabilities that they could strike the grid next?
No.
Just stop.
Jihadi Helpdesk
PSSSST hey morons.. There is no Helpdesk
I need not say more right?
… But I will.
DO YOUR GOD DAMNED HOMEWORK AND QUITE THE FEAR MONGERING FOR MONEY!
CYBER JIHADI DARKNETS
Of course these guys could not miss an opportunity to scare and of course they had to use the scary “Dark Net” or “Deep Web” I have been on the dark net for a long time and I will tell you I have found a few sites but nothing there is that scary. In fact, to date, the sites either have been hacked soon after and taken down, or just sit unused. So really, the dark net is no threat here. Sure, the jihadi’s are using technology to obfuscate their chats now and trying to hide in the “deep web” of un-spidered content but the reality is most of this stuff is non operational. What the jihad today (Da’esh) wants mostly is to radicalize and activate those in the US like Omar Mateen without even really having contact with them.
So, the darknet… Not so much a terrorist haven kids. Sorry
https://krypt3ia.wordpress.com/2015/11/18/daesh-darknet-under-the-hood/
Overall Analysis of Scare Marketing and Cognitive Bias
This report is a travesty of a tissue of what if’s that really is just a pulp thriller wannabe disguised thinly as a marketing piece cum serious analysis of Jihad online.
Please believe none of it.
Dr. K.
ASSESSMENT: X-Ray Machine Exploits and TIP File Manipulation
Exploiting The X-Ray Machines, TIPs, & TSANet:
A few years ago I worked with a startup who’s main goal was to protect the L3/Smith/Rapiscan machines from compromise from physical and network attacks. At the time the claim was made that the systems were not connected to any networks and were in fact islands and that this type of attack was not a real problem. Of course in the process of assessing these machines (one of them in a garage with an explosives expert) it became quite clear that these machines were wholly insecure and likely to be compromised at some point to allow things through the system. The connectivity issues aside, the physical access to the systems could be procured by saboteurs working in TSA and local compromise of the weak OS (Win98 as well as Xp based as the article states in Wired) could be carried out locally with a USB drive. So when looking at the threat-scape and reporting back to TSA and the makers of these machines it was clear that this type of attack could be possible but my issue was whether or not there was a probability of it being used as an attack vector. When talk was started about networking these machines as well as others (i.e. bomb sniffers) to the TSANet the startup changed their direction a bit and began to work the idea of a SOC to monitor the machines and the network to insure no tampering had been carried out. Unfortunately though the TSA and other entities did not really buy off on the idea and in fact the technologies on the systems did not make it easy for any kind of monitoring to be carried out. I went on my way having had a good insight into how TSA/DHS/Detection machines worked and had fun with the explosives expert messing around with the technologies and talking about red team exercises he had carried out in the old days with simulants. Then I saw the article in Wired yesterday and hit up my explosives and machine experts who got a bit unhappy with the article.
Exploit to Terrorism:
The Wired article on the whole of it is correct, it is quite possible to insert those already pre-made images into the system because that is how it is supposed to work. The article though mentions being able to insert socks over a gun for example in an image to cover up the fact that the gun is there. This one point was vehemently refuted by the guys I worked with as too hard to pull off live and that, as I agreed, it would just be easier to pass along a similar imaged bag image itself instead of trying to insert an image into an image to obfuscate things. I think perhaps that the reporter got that idea a bit wrong in translation but perhaps the researchers thought they could pull that off. Either way, this issue brings up a larger issue of the exploit itself being used at all. In hacking and exploits like terrorism often times the attackers opt for the path of least resistance approach. In this case I personally don’t see this type of attack as the first go to for any attacker. It think it would be much more advantageous and easier for the attackers to insiders to allow things to get past the systems or bypass them altogether to effect their goals. This type of attack has been seen before within the airports security mechanism with regard to thefts and smuggling so it is a higher likelihood that if AQAP were to attempt to board a plane with guns or other explosives, they would use insiders to pass that through the system without being seen by any X-ray or bomb detection at all and not attempt to hire hackers to compromise a networked or physically access a machine to pass a gun or guns through the TSA line. This also is why at the time of 9/11 the 19 went for very low tek solutions of box cutters to overtake planes and use them as missiles against buildings, it’s just the path of least resistance.
Failure Rates on X-ray and MM Wave Results:
Meanwhile the TSA has never been seen as a bastion of security by the public from day one. As time has progressed the people of this nation have realized that much of the function of the TSA seems to be to harass the passengers and provide a simulacra of security that really isn’t there. How many times have you dear traveller passed things through security, primarily the color x-ray Smith/L3/Rapiscan machines without even trying? I have gone through TSA on many occasions with forgotten knives and other things that are forbidden and TSA completely missed them on the scans. Once again I would point to the systems being insecure or the processes being lax that would lead to compromise of the overall security and not so much a hack on a Smith machine for a terrorist attacks success. A recent OSINT search in Google turned up an interesting document of an assessment of Hartsfield, Atlanta’s airport by the OIG that shows just how this airport at least was not following processes and procedures that would make an attack much easier for the prepared aggressor. There are other documents out there and you can go dig them up but the point is that if you are not carrying out the policies and procedures, the technologies will not prevent their being bypassed. Additionally, there are issues around the technologies accuracy as well that have been addressed by the makers of the machines and the government so these systems are in no way foolproof and it requires vigilance to make them work well. The net/net here is that the technology can fail, be tampered with, or bypassed altogether without the need for an exotic and technical exploit series to be carried out on them to forward a terrorist attack.
ANALYSIS:
My analysis here is that yet again the research is valid but the hype around the revealing of such research at places like the recent Kaspersky Security Analyst Summit is just a way to garner attention. Much like the issues with the power grid and physical attacks which I profiled last on this blog, we are enamoured with the idea of cyber attacks as a vector for terror but the realities are somewhat more mundane. A physical attack or an insider attack is much more probable in this case as in the power systems attacks as the main modus operandi not an elaborate hack to insecure machines that will require access to begin with. At such time as we have networked all of these machines (remember many are islands presently) then we will have to address these issues much more closely and yet still, this attack vector may be sexy to the hacker set, but not so much to the terrorist set today. The machines are insecure though, the researchers are bang on about that and these issues should be addressed but then you have to look at the government procurement process as well as the corporations that do not want to have to re-architect their systems completely. It was a pain to try and get these makers to add API’s to their code in order to allow for remote monitoring by a SOC so think about telling them then that they have to not only harden their systems but also re-architect them completely to run on more advanced systems than WIN98. I would also point you all to the recent revelation that 94% of the ATM’s in the world still run on Windows Xp… How about an upgrade there?
K.
ASSESSMENT: Virtual World Recruitment and Operations of Jihadi’s In WOW
Virtual Worlds vs. The Internet or Darknet:
A recent post on Wired had a bold claim in the title; “U.S. Intel: Osama Bin Laden Avatar Could Recruit Terrorists Online for Centuries” that made me snort then giggle then facepalm. Once again we see that the government has been watching too many Hollywood movies and listening to too many cyber snake oil salesman. This current regurgitation stems from a newly declassified report that was requested by the IC on virtual worlds and terrorism (aka jihad) and makes some far fetched assertions about technologies that just aren’t there yet. Presently though we do have the internet and it can be seen as a virtual world in and of itself, and that is not even covering the idea of darknets. The report though really covers the idea that virtual worlds, i.e. game universes are the place where jihad will bloom as well as many sundry other types of illicit activities. While this idea is a common plot for B movies it has not really been the reality within the virtual reality of games like WOW (World of Warcraft) In fact a recent dump from “Snowman” (Ed Snowden) showed how the NSA had teams of individuals trawling WOW and other games seeking terrorists to little or no avail. Most took this as yet another invasion into the privacy we all thought we had, but some of us just had to laugh because we were in fact also tasked with looking for the AQ set in the same games as well.
So while the government think tankers and scientists were creating this report others were in fact looking not only in the game environments for secret comm’s but also within the internet itself. There are many boards online since 2001 that have sprung up and gone away as I have reported on over the years. The internet is the virtual world today and will likely be it in the future, we will just interface with it a little more organically with things like Google Glass or some other HUD devices. So yes POTUS and the IC, the terrorists are in the virtual world of the internet, just not so much are they plotting the end of the West in WOW or Second Life. In fact, to date they have yet to really make inroads into the Darknet as well so really, they aren’t hiding all that much with super secret sites, after all, they have to advertise to get recruits, this is why they came up with Al-Malahem in the first place.
Jihad Online:
To date the Jihadi’s have been on the learning curve as to how to leverage the internet. Much of their message gets lost outside of the insular community-scape of their lives as Muslims in the would be caliphate. Many sites are out there for the jihadi’s to talk to each other and they are mostly not very secret about them. Sure there are sites that are a little more stealth but in general the web is being used on one level to radicalize and proselytize. On the other end of the spectrum the C&C for Jihad is as easy as setting up an email and using encryption to send instructions back and forth. In fact, they now have chat rooms and programs for some point to point chat as well so really they are learning but I would hardly say that they are as cyber aware or capable as say an Anonymous cell today. I have written a lot over the past 13 years about this topic and investigated many sites and while it is a threat as a means of communicating and having a command and control base, I have also seen great gaff’s in OPSEC as well that lead right back to these notional jihadi’s (like the IP address in the tutorial video on how to hack of their own system) Sure, the jihad is online but it is not as Gibsonian as the paper linked above would make it out to be nor do I think it will be so in the near future.
Virtual Sociology and Psychology:
The paper linked above however is correct in some of its assessments on the future of the internet and technology to allow us to interface with it. We are creating more and more ways to interface with the data we love to share and as time goes on we will be more awash in a sea of it every waking moment of the day. This also leads to social and psychological developments on how we act as societies and people as well. I have written about this in the past as well and while this stuff is interesting the contentions in the paper are starting to come to pass. There is a section on criminality that we are seeing actually happen in the darknet with places like Silk Road, and all the criminality that seems to be flourishing in the darknet. This is happening now because TOR and the darknet implies that you can actually transact there in secrecy and keep your privacy, this leads to a dis-inhibition effect that leaves the user thinking they are invincible… Or more to the point invisible. This of course is now being shown not to be completely true with the arrest of The Dread Pirate Roberts (v1) and the take-down of the Silk Road (v1) site in the darknet. All of this too has to be taken into account when trying to kluge the idea that the internet or more to the point WOW is going to be the ground zero for terrorism. As the jihadi’s have seen with their efforts online it is hard to actually recruit and radicalize people simply through slick magazines and slogans, especially when you are asking a Westerner to strap explosives on and kill themselves in the name of jihad. The psychology of interaction when not in person is a problematic one so yes, the idea of a virtual you interacting in a metaverse while entertaining, is likely not going to actuate offline behaviour and actions.
What The Government Sees As Future State:
Once again the government and the politicians are getting spoon fed notions that there is a great dystopia about to take place where William Gibson novels are the reality. There’s a terrorist in every chat room and a dark cyber plot in each packet passed over the net. While once again this makes a great B movie, I have to once more say poppycock! It always amazes me what the government and military types will swallow from some think tanker’s delusion as reality and a clear and present danger. Since we have had the revelations that the NSA did in fact have people trawling in WOW, and I myself was tasked at one point to look into it as well we can extrapolate that people in power saw this and other like reports as the gospel. It is just an assumption here as well that as the net convergence continues and we begin using wearable computers with HUD interfaces that the government will be seeing more terrorists on every street corner as they are trying to type with their haptic gloves and it’s sad really.
ASSESSMENT of Jihadist Recruitment and Operations Online & In Virtual Worlds 2001-2014:
The assessment is this, as you see above, there was no real evidence of these games or virtual worlds being used for terrorism. Sure there is criminality going on but hey that happens everywhere and with every technological solution offered. Will there be terrorism on the net in the future? Sure. Are people plotting and planning things online now? Yes. Is it the Gibsonian novel that they seem to be making it out to be in the report linked above? Not so much. As for this notion that the avatar of Bin Laden will be exhorting and recruiting terrorists for a hundred years online and in the game verse? No. While there have been a couple games put out by jihadi’s in the past this has not proved to be something that worked for the masses and brought more to jihad. This notion of the Bin Laden avatar is just ridiculous and quite the one dimensional approach to thinking about the online world and the nature of the jihad.
K.
Inspire 10: Changes In Attitudes.. Changes In Lattitudes…
XXXXXXXXXXXXXXXXXXXXXXXXXXXX
We Are All Usama
Well the boys out of Yemen have created a new-ish version of Inspire Magazine and put it out for the masses of “Lone Wolves” in the West.At least that is their hope for their target audience though I am afraid that it is much more likely that the real readers are analysts like me and the press in reality however. This go around though they are in fact making some strides towards having a more “Western” and compelling message for those weak enough of mind to buy into their arguments of why a Muslim must perform Jihad.One of those exhortations is the phrase “We are all Usama” which somewhat resembles other catch phrases in past Western movements such as the 99% OWS movement today of “We are the 99%” What it shows is that the creators of the magazine are becoming more savvy to the ways of propaganda and are likely at home right now studying Goebbels and the films of Leni Riefenstahl for clues on how to get their brand across. Speaking of branding this whole magazine idea has been a leap forward for their means of trying to propagate their radical ideas and with each one they get a little closer to content that can actually sway the weak minded and this is almost worrisome… Almost. For the most part the magazine is still a ham-fisted attempt at trying to sway the believers into action but there are areas of subtlety that I think people should pay attention to.
Some New Twists
On the whole this is the same magazine that we have seen in the last 9 iterations. There are the usual citations of the Koran and Muhammad that attempt to focus in on the demand of Jihad by him as well as how through it you will gain rich rewards with him in the afterlife. However in this issue we have some new angles;
- We have a Muslima section by “Umm Yahya” *Mother of Yahya* that attempts to move Muslim women to push their men to jihad
- We have the “We are all Usama” catch phrase that has been set up to be a kind of TURK182 graffito to be splayed anywhere and everywhere
- A less strident tone overall that attempts to cajole the audience
- The use of ethics discourse on how the West is corrupt
- The coining of new portmanteau words such as Zio-Crusade and Zio-Crusaders
- Mirroring the political campaigns of the West using imagery and propaganda techniques
It seems that since the death of Samir the AQAP Al-Malahem group also had a new player in Askar Abu Yazeed who has since been killed in a drone attack. He may in fact have been one of the creators of some of this new spin but I can also assume that they have had plenty of time to try and come to grips with their issues of messaging in the interim. As I have said before in reports on issues 1-9 they have been grappling with a way to get their message to those Westernized Muslims and sway them to action. So far they have had very limited success with this and thus they are working the problems out with propaganda tools and psychology. As the Al Qaeda aegis wanes and the movement keeps having to move (or expand as they see it) to other countries like Mali (also mentioned in this issue as a great victory for them in their minds) I believe that the core group thinks the only way to revive the movement is to get a win on Western soil and that means to charge up the “lone wolves” of the Americas.
This also applies to any Westernized group and in fact the issue also makes this point clear that their main targets are America, England, Germany, and to a lesser extent anyone who sides with America. Generally though AQAP wants to move those on the cusp of action into it now by more subtle means as well as the overt. This magazine has a little of both in there which should be something we pay attention to in the CT community. It’s not just a war of bullets, it’s now a war of minds seeking to control others to get them to radicalize and act. AQAP has wanted that pivot point for some time and since AQ has been marginalized they want it even more. So much so that a new pivot has been introduced on the jihadist boards online where they set forth a plan to train people in the Pakistan and other areas then send them back to the West to train others in terror. No longer are they asking the proto jihadi to come to them nor are they saying to make bombs in mom’s kitchen (this did not work out well) they are instead becoming more tactically savvy. Will these tactics win out in the end and lead to some lone wolf carrying out a plan to fruition? I am not so sure but one has to pay attention to the message here to understand where the battle is going. I have to say that this issue was the closest one for me to something that would indeed get someone to move closer to action out of them all.
Subtleties
At the end of the day I have to say that the AQAP group is becoming more savvy and thus more of a limited danger. I say limited danger because I can only foresee a few jihobbyists being moved by these magazines to literal action. The psychology and sociological gaps between experiences here in the West as opposed to those in the lands of the Ummah are large and so radicalization here is a tough nut to crack. One of the more notable things in this issue are the subtleties that have been employed by the writers. They have begun to use manipulative means of guilt such as an article about those still sitting behind the shahid (meaning those who have not taken action and become martyrs) to chide those reading the magazine. They also have begun using the Muslima angle rather adroitly with the article by Umm Yahya which starts off stating that she would love to be a mujahideen and would gladly become shahid. It goes on to wind its way to exhort the other Muslima out there to urge their men to become jihadi’s and fulfill their greater destiny. It’s a sly way to get a synergy going with those true believers to act and it’s really the first time I have seen this out of the AQAP/Malahem machine. Overall I don’t believe that this will win hearts and minds that in turn will beget lone wolf actors but I cannot discount the odd whacknut who buys it hook, line, and sinker either. I guess it’s just the next wave in the jihadi propaganda war that will mostly be played out online… And that is just fine with me because it is still one that never will be won by AQ.
K.
A Few Words On Body Bombs and Security Theater…
//BEGIN
//UNCLASS
Has AQAP Been Watching “The Dark Knight” Or What?
It seems lately that the officials out there “in the know” have decided to allow a leak about a certain 15 page report alleging that Al-Asiri, the mad bomber/designer and much described “genius” of terror, has been attempting to perfect a design for an internal “body bomb” Now, no one really knows if this is indeed “the truth” or just how far Asiri may have come in his plans to create these surgically implanted bombs. However, what one can extrapolate from the press on this thing and the sources on “background” willing to talk, is that this seems to be more of a propaganda ploy than anything else on the face of it.
While I have no doubt that this vector of attack has been on the minds of AQ for a long time, so too has the use of CBRN, but to date, they have not been able to do anything in those areas and in fact the BIO warfare program they tried to start was a miserable failure. So, do we really see them getting to the point where a convincing as well as operational “body cavity bomb” is actually put to the test? I suspect that it may be some time until such a plan is put together and operational but as the media would have it now, as well as those leaking the “details” here, they seem to be saying FEAR NOW!
The Case for Surgically Implanted Munitions: Possible, Crazy, Exceedingly Hard to Pull Off
Now that we are all abuzz about the “surgically implanted bombs” lets take a look at the actual nitty gritty of how this would have to be conceived and acted on to work.
- You have to have a willing shahidi… Well, there are some out there so there you go. One that is willing to have srugery as well as recuperation time, well, ok… Harder but possible
- You have to have a sealed, self contained system that will not bleed (inside the device) and make it malfunction
- You have to have explosives that are high power and yet only require small amounts to be of use
- You have to have no metal parts to pass through the magnetometer
- You have to have a surgeon or surgeons willing to do the cutting and sewing (Well Ayman is a Dr. after all too so…)
- The device will have to be hidden enough inside the body so as to not alert others and preclude mobility issues (i.e. small, though the BVD bombs seem to be so as well)
- Your detonator has to be either chemical or electric/remote (timed or say an RF device) I lean toward chemical for these but who knows
The Case for FUDDERY as A Means to an End For BOTH Sides
So, what we have here though seems to be a lot of clucking about bombs inside of people and the fear mongering that goes on with some quarters of the intelligence community feeding this all to the media. SOFREP, a site concerned with SOF (SPECOPS) had this story out there last week and now it seems to be making the rounds with backup data (background from anonymous sources) that the mad bomber is in fact working on this with a cadre of doctors. Of course one can only assume that this “data” is perhaps coming from the recent mole that got into AQAP posing as a suicide bomber and stole their new prototype BVD bomb.
If true, then yes, sure, they had plans and were trying to make a bomb system that would be hard to detect, I mean, how many MRI’s are at the airports now huh? If this data did not come from the mole though (and there is data that this has been floating around now since at least last fall, way before mole man) then why now is this being thrust upon the media? Or, now that I think about it, there was that arrest of the guy with the pr0n that had the stegged “future work” file in there.
AH HA!
I am willing to bet that is the provenance of the file in question. Ok, so, there you have it. We have the plans and.. What.. Why release this to the public? I mean, what real purpose does it serve other than to scare the populace into submission? In the SOFREP report there is mention of something along the lines of “So how do you feel about your L3 machine now?”Uhhh, just fine really, I mean, it won’t help me if there is a surgically implanted bomb, but it gets much of the rest of the stuff when used properly. I am guessing that the impetus here was to make the TSA look good, by saying “you think you are hassled now, but look at what the jihadi’s are planning!”
Honestly, sure, it could happen, but the odds are slimmer than one might think I think and this seems to be a play here to manipulate the public mindset. Others have called the same foul on the play here but I just wanted to put it down here and sort through all the issues to ascertain where the truth might lie. In this case, for me, it seems like this story serves the purposes of both sides. For one, the security services here and the politicians both get a win by leaking data to sow fear, a fear that was ever so well used in the past (like G’Dub’s admin) and others to sway thought and perhaps lessen resistance to certain things. On the other side, this also works for AQAP because even if they are planning it, they are causing us to create even more elaborate Rube Goldberg devices to stop them, costing us more money and time.
It’s a win win for all of them.. FUD it seems is a booming business.
So, IF They Make These Bombs Happen Then What?
In the end, it comes down to this; “What are we going to do?” Do we really expect that we will now install MRI’s and X-Ray machines in the TSA lines to scan our internal organs as well as the sniffer/blower/wand/m-wave that we already have? This is a means of bombing that would be hard to detect if done well and certainly would not easily be seen under clothes or even with an M-Wave scan if it is not protruding/bulging the persons body in some way. Hell, for that matter, AQAP should just be looking for morbidly obese shahidi candidates huh?
Certainly, leaking this data to the news serves little purpose than to perhaps get people (including those on the hill) to buy into new measures and monies to appropriate them? It would not make one whit of difference in the current protection scheme now would it? Frankly, if AQAP and A-Asiri have been working on this, and it were a major threat, I personally would not have been dropping this to the media. Keep the intel secret (as the report is alleged to be) and keep it out of the public eye…
Unless you all think that by leaking this data you are retarding the chances that AQAP will try this method? I really don’t think that will be the outcome here.
In the end.. I call shenanigans.
K.
//END
//UNCLASS
AQ Air: Mostly Hot.. Not So Interesting.
AQ Air: Trying to Fill The Inspire Shoes
With much hubbub on the news services, the release of the new “AQ Air” magazine was announced on the newly re-formed and restored jihadi boards online this week. The thought behind the “magazine” really was to be something to replace Inspire, which, after the deaths of Samir and Anwar has fallen off the map. It’s not known if the others involved with inspire behind the scenes are even alive nor if they plan on resurrecting production, but this release by Abdullah Dhu al-Bajadin is no Inspire, nor should it inspire much of anything frankly.
The magazine is really just a series of powerpoint slides exported to a pdf and consist of the process to create chloroform on the cheap or, should we say in your mom’s garage? The intent here is to incite others to create the chloroform to use on airplanes perhaps? It’s really unclear as to the whole use of the airline motif other than perhaps as a link mentally to the AQ in NY picture that came out the week before and created such a stir with the NYPD and the media.
Overall though, this “magazine” is no more than a childish attempt to garner attention, sow fear in the overly fearful, and perhaps attempt to get some jihobbyists to think about making chloroform and using it in some grand plan to attack America.. Frankly, they’d have an easier time just knocking over a veterinarian or something to get the chloroform rather than spend all the time trying to be Muhammad Nye The Science Guy.
The Files
The magazine wasn’t the only thing bundled in the drop by Abdullah though. In the rar file that was uploaded to multiple locker sites were five video files that were taken from the internet and re-purposed for the release. The videos in the raw, can be found on Youtube and other places and were made by what seems to be a German youth. Arabic script has been placed under the video and for the most part there is little to no narration, but background noise, including a German radio broadcast can be heard in at least one of the videos on the production of chloroform.
Metadata from the files shows that they were handled on a Windows machine using the following saoftware:
- chloriform.pdf file created 4.6.12 7:44pm
- Created on Windows Xp
- Created with pdfFactory pro 3.52
- Video files are in Real Video format without metadata
Conslusions
There is nothing to be really seen here frankly in my opinion. Unless this guy gets some real help with making this the next “inspire” it will just be another series of pdf files of powerpoint slides on how to make explosives or chemicals which are all over the internet. Inspire was a magazine that had much more content around the meaning of jihad for these guys and attempts at slick propaganda than this could ever aspire to. Thusly, this is a non starter for the media and perhaps that’s why it dropped from the news cycle so quickly. Abdullah though, he is another story, he has been around for some time making bombs and will continue to do so until we capture or hit him with a Hellfire missile launched from a predator.
We will keep an eye on him but, this is piffle and should be treated as such.
Oh, and loved the use of the daytime soap to show how to administer the chloroform.. I am sure General Hospital is happy that you did.
K.
Jihadi Information Warfare: The Next Wave
Jihad Post Anonymous
In the recent past I have written how I had been seeing movement toward more E-Jihad actions by the jihobbyists online at sites like Shamikh. Well, another look has provided me with more fodder for this idea including actual direction from online sources like TNT_ON on how to support hacking attacks ongoing between the likes of 0x0mar and others in the alleged “Middle East Cyber Wars” More and more of the postings on the boards out there have transitioned from bomb making and sabre rattling over sleights to how to’s on infowar involving hacking. It seems to me, that Anonymous has let the genie out of the bottle on this one and now the Jihadi’s are following suit after watching all of the hand wringing and distress from the likes of Anonymous and AntiSec’s antics.
Not only have the jihadi’s taken to this idea more and more because of what is going on with AntiSec, but also it is finally fulfilling their desires to hit the infidels without having to strap on a bomb vest themselves. This is something I have written about in the past with regard to what Samir Khan and Al-Alawki were trying to foment with Inspire magazine and failing to reach the next gen of jihobbyists who are more self centered and unwilling to act for fear of the repercussions. Now, with the hacking model of AntiSec, they have seen that they can do damage AND not necessarily be caught (right away at least) as well as not have to blow themselves up in the process.
It’s a win win for the jihobbyists and AQAP (the new AQ) and add to this the recent video by the old man Zawahiri (get off my lawn!) to the jihadi masses to start working on Syria as the next field of battle. A correlation of this is a post on Shamikh that shows TNT going on about helping with comm’s in the area for AQ and the revolution there. The battle to destabilize the regime and perhaps have an AQ?Salafist win when the power vacuum occurs is high on their minds, and by facilitating things they see themselves helping the fight that will win the day for the global caliphate.
Backtrack 5 and Jihadi’s … Now There’s A Mix.
As an effort to get the global cyber jihad going, tutorials are popping up all over the net along with certain Islamic hacking sites offering not only how to’s but also software and targets. One of the more interesting developments is how the jihadi’s are now going mainstream hacking with the use of things like Maltego, and Backtrack 5 as well as using sandboxed USB drive operating systems. This is not your old jihobbyists online, its changing before your eyes. Now, this is not to say that all of these folks are becoming sophisticated hackers, but, one need not necessarily be one in order to sow chaos or hack a site nowadays right?
There have been tutorials on SQLi as well as how to use Metasploit online for a long time, but only recently have I seen them being translated into Arabi and placed on the technical forums. This means to me, that even the low end of the technically capable can now boot up their tools (courtesy of the security community) and viola, hack a site… Of course, what they plan on doing after that is not clear. So far these guys have not figured out the full Anonymous model’s relevance to the global jihad.. Yet… I think though, that as Anonymous/Antisec moves along further, and the words of OBL reach their cognitive centers, they will understand that even this realm of warfare can be used to hit the infidels in the pocketbook, sow fear, and serve as the digital side of the kinetic attacks that the core of AQ would love to perpetrate for large effects..
Short answer.. Digital Warfare in support of actual kinetic attacks on infrastructure.
Maltego and Jihad.. Hmmm..
TNT_ON and AQ Comm’s Support for Syria
SQLi, The Anon’s Love It, Why Not Jihadi’s!
The Take Away
I have been pointing this out for a while now and the jihadi’s have been evolving. While the Arab Spring goes on and the changes are sweeping those countries in the Middle East, the jihad has begun to take notice of this area and asked its acolytes to learn. The E-jihad is budding in tandem with their thirst for power vacuums in places like Syria and Yemmen where they hope to take over by winning the popular sentiment. What they fail to see though is that they are not as loved as they think they are.
Meanwhile, in looking at Islamic/Muslim/Jihadi hacker sites, I am seeing the rise of a new player in the Anonymous space… Perhaps even they have become a part of that space and are working within. After all, Sabu keeps playing the Palestine Liberation card in his imagery and speech…
How long til the zeitgeist catches on with the kiddies…. The defacements ongoing and the dumps of credit cards are only the beginning I think…
Now we can add Jihadi’s to the list of players in the great game of “Cyberwar” *cough* hate that term still…
K.
Paradigm Shifts: Global Salafi Jihad and “The Group of Guys”
Global Salafi Jihad
The idea of Global Salafi Jihad has been something that I have been thinking about since the demise of OBL and now Anwar and his cohorts at Inspire (Malahem) and it seems reasonable to me that this is the natural next step in the jihad movement. The term “Global Salafi Jihad” denotes that the jihad has switched from the loosely based Salafist ideals put forth by AQ and is shifting back to the more rigid beliefs of the Salafist.
The exhortations of AQ online and other, have been curtailed since the deaths of OBL and Alawki with the media wings only putting out the usual rhetoric that it has been unable to substantiate with actions. It would seem that in the case of the Western jihadi’s that they hoped to induce into jihad, the AQ team has failed to really produce the desired effect and have waves of Western jihadi’s who activate and wreak havoc here and abroad. In fact, there have been 176 cases of self radicalized jihadi’s in the US and only 2 of them actually went on to physical attack mode with firearms.
So, it has been a lackluster performance and AQ knows this. It is my thought that the next turn will be more toward radicalizing actual Muslims with the tenets of Salafi belief. Whether or not this will take the shape of online exhortations or the more localized indoctrination at mosques is the real question. Again though, shifting back to this position I feel, is the only way to go about getting their desired goal of creating zealots who are willing to become shahid for their cause. It is finally becoming clear to them that the Western kids are just that, Western, and not really inclined to doing much other than talking about jihad as living out those fantasies online, much as they do with video games.
With the true believers though, the ones who have been trained in madrassa’s by wrote with Salafist beliefs, those are the core that they seek to manipulate and use to their own ends. This means that the pivot I believe, will be more of a focus back to the core Salafi ideology while manipulating the recruits with propaganda on how the kafir have invaded the lands (the usual line)
Net/net this means a kind of indoctrinal brainwashing… One that really will pivot back to the lands of the Ummah as the training grounds. This however will not be the true ideal of “Global Salafi Jihad” but it will be the only way I think that they can see toward keeping their movement relevant and alive.
The Group of Guys Theory and Jihad
The other aspect of this line of thought is that the theories of Dr. Marc Sageman will come to play and there will be “groups of guys” who will coalesce together in places to eventually take up jihad and Salafi beliefs. Dr. Sageman’s premise is that for the most part, the jihadi’s that have come about and actually carried out attacks were not trained in madrassa’s from childhood, but instead tended to be 2nd generation Muslims living in countries that are not predominantly Muslim. In fact, many of these guys were not radical at all until they began to feel a certain discontent with where they were in life and sought to learn about their heritage. There seemed to be something missing and when they started looking, they came across the AQ doctrine and gravitated toward it for a few reasons.
- Romanticism
- Fraternity within their group
- Adventure
Much of the same ideas play out in the online jihad as well, but seem to not get the real life spark that is required for the actors to really activate and play their part in reality as opposed to their idealized and fantasy life that they can easily sublimate their desires with online without having the danger angle. In the cases that Dr. Sageman looked into, these players got together and as a cell, in person, worked out the details and egged each other on to actually doing something in real life.
And this is a key difference today.
Going back to the online jihad, we see this egging on and inspiring speech within the bulletin boards, but the reality is that each and every one of these players is alone in a room somewhere typing on a keyboard. Once disengaged from the internet, they do not have the physical presence and the motivation to actuate.
Post UBL, Anwar Alawki, & Inspire Magazine
Since the death of Anwar Alawki and his cohorts, Inspire magazine has been off of the digital shelf. This magazine was the closest that the AQ set had gotten to being hip and cool enough to garner attention from the Western kids. Now that it is gone, the one conduit to perhaps creating more lone wolves went with it. However, even this magazine had issues with trying to get the masses to heel to and do their bidding. This is something that they also lamented a bit in the propaganda and planning materials and I have written about in the past.
Now that this is gone, and as far as I know there are no players to fill the void, this has dealt a real blow to the online jihad and once again tips it back to the old model of Salafi jihad taking over where the Mtv AQ set has left off. This is problematic for AQ as the Salafi mindset is more than certainly not one that the Western mind and the kids here today really get, so, I am sensing an overall failure to inspire the kids with it sans something like Inspire Magazine. The question then becomes is there anyone to step up here? Perhaps Gadahn, but, he is really not that inspired himself nor inspiring for that matter.
The right word for Adam is pedantic I think.. He and Ayman are much the same in reality… Uninspiring old men yelling at the world to get off their lawn.
The Failures of Social Networking in Jihad
The use of Net 2.0 and Social Media however has been an important feature to the online jihad. Today there are numerous sites out there with Jihadi content and themes. These sites as I mentioned above, have only nominally created any kind of serious jihadi’s though. The problem with these sites though from my perspective is that C&C for those who would self activate or those “groups of guys” out there who create their own cell autonomously, can get direction and support from these sites.
I would say that 95% of the traffic on these sites are just kids playing “Jihad” online but there is a very real aspect of command and control here that should be recognized. Inspiration as well is another key factor to look at too as these sites can attract those seeking excitement and direction. Those that want to get indoctrinated can then easily get the materials and the chat to move further toward their evolution of becoming the next wanna be shahidi making a crude device in their basement or chatting with others about aspirations of shooting up a mall.
Fortunately, the use of these sites has been a boon to the likes of the FBI as they are able to obtain attribution on their users as well as insert players into the game to lead them into traps and roll them and their aspirational plans up with stings. However, as I pointed out earlier, it seems that nothing can replace the actual proximity of individuals to each other in real life to get them to actuate their plans beyond just talk.
This is a key factor and why I now feel that the online jihad is a failure and will continue to be so. You can network all you want, but human nature plays a key role here. It’s easy to just sign off, create a new ID and be anonymous online as people jeer at you. In real life, that social embarrassment and pressures involved in real life social interactions are the main reasons that others have re-enforced each other to acts of jihad.
The Network As Battle Space for Jihad
The paradigm change though I fear has been fomenting with the likes of Anonymous and their online movement. If the jihadi’s actually acquire online skills in the hacking sphere as well as figure out how to inspire and energize the more savvy believers online, then we have more problems. Recent events with regard to ICS and SCADA system vulnerabilities has shown that there is a potential for online mischief that AQ could leverage. These types of attacks would not be world ending and nothing close at all to what happened on 9/11, but instead would further the tenets that OBL laid out with regard to a “Death of a Thousand Cuts” type of warfare against the US.
It is my belief that this is potentially the new battlefield that AQ could leverage where the Western kids who gravitate toward jihad would be willing to take up digital arms. This paradigm would work for both the AQ core and the wannabe’s out there online who are unwilling to blow themselves up for Allah. With the idea that the internet offers anonymous ways to attack the powers that be (ala Anonymous) then I believe that AQ has a greater chance of inspiring followers to action and thus to potential real world acts of digital terrorism.
Acts that would not cause mass casualties on the whole, but would cause the government here to spend much more money and time on the “digital war on terror” and once again put fear into the populace who will now worry that their water will be cut off, or polluted with feces. Only these types of attacks, with real world consequences will be at all effective in furthering the jihad. Defacement of pages etc, is just skiddie stuff that will serve no greater purpose. Just one hack though on a power plant or more likely a water facility in podunk illinois will set the media and the chicken littles into a tizzy though, and that will be a media win for the jihad.
Once this happens and is claimed by the likes of online jiahdi’s then we will have a problem because this will give them the air that they desire and AQ will leverage that.
Running on Empty, AQ’s Message is Losing Steam
Generally though, I am feeling of late that the AQ message has been diluted by the deaths of key players and the squeeze we have placed upon the organization. The marketing of AQ to the masses online has been damaged with the loss of Alawki and his boys (inspire) even though they were still grappling with a working formula for their brand of jihad online. Now that the old man (Ayman) is in charge, I expect that the dictum will fall back to the Salafi system of thought, and that is a tough one for the Western kids to get in line with.
Unless AQ gets hip or learns that the digital space is up for grabs and acts on it, I frankly see the movement as going back to its roots. There will be an amount of time where AQ will have to inculcate more jihadi’s out of the next generation of kids in madrassa’s and this will take time. More and more the movement will have to be relegated to the steps of the tribal lands where it will fester.. Unless Pakistan gets in line and dismantles the ISI support for them and cleans out Waziristan.
Not too likely at present.
So, the core will go on. They will continue to try and get their message out, but it will go to the net 2.0 generation who really aren’t so much into blowing themselves up nor are they that devout.
Looking Forward Into The Jihad
So where does that leave us? I think that overall, we are going to see another shift in AQ and Jihad in general. The online jihad experiment has failed and I think the smarter ones in AQ know this. They will go on to re-tool and re-group while trying to avoid being hit by a hellfire launched from a predator. The only problem that I can foresee is the idea that they will learn something from the Anonymous movement and work more within the digital sphere.
Not so much recruitment… Until they have a success with a digital attack… Then the jihadi skiddies will come out of the woodwork.
Until then, we will have some more “get off my lawn” dispatches from Ayman.. And that’s about it.
K.
AQAP and Al-Malahem Post 9.30.11
It seems that a drone/air attack in Yemen has taken out two key players in the AQAP and Al-Malahem Media organizations in the deaths of Anwar Al-Awlaki and Samir Khan. Awlaki, the American “cleric” who made his way to Yemen to be the spiritual and charismatic head of AQAP (Al Qaeda in the Arabian Peninsula) evidently was in close proximity (and makes sense given their org) to Samir Khan, former American as well, who became the creator and editor of “Inspire Magazine” and the Al-Malahim Media group. This one strike will place AQAP as an organisation as well as Al-Malahem, into a tail spin from losing their mouthpiece and their propagandist.
…And I am just fine with that.
Hey Adam.. You’re next pal.
It is interesting timing for all of this too as the “media jihad” as it was called in the last issue of Inspire, was for all intents and purposes, still just spinning up in many ways. Samir and Adam and others in their crew had just really been getting into the swing of being the media arm of AQAP with Inspire and the videos etc. They had been groping along on how to really carry all this out up till now, though, it seems like the last issue of Inspire was a haphazard and perhaps hurried issue? The content was thin and seemed to me like they had been otherwise occupied.. One wonders why… Perhaps their ranks were on the run? Today’s news might in fact be the end game to that puzzle huh?
In all though, I think that this will deal a great blow to AQ and AQAP’s media arm. We will be seeing less out of them and I am pretty sure that it will take some time for them to get others to take over the rolls who are adept at it. Most of all, there will likely be no other charismatic leader like Awlaki showing up soon. Ghadan is not all that and we have seen little of him lately, so I am assuming that they will be quiet for a while.
Time will tell.
Now, as to why this is REALLY important, well, as you saw in my analysis of the Inspire 7 issue, the “media jihad” is really their only way to resuscitate the jihad in many ways as I see it. They have been really trying to fight this recruitment battle on the internet with all their magazines, sites, and videos. Now, the real media wing that has been so prevalent in trying to create more Rezwan Ferdaus’ is now hurt pretty badly. Just as is the spiritual leadership (more rhetoric to me) of Awlaki was a beacon for the likes of Rezwan or someone else like the michiganmujahid who often writes about his hard on for Awlaki. So, my one real hope is that not only did we remove the problem of a couple of influential guys, but also cripple the media org at the same time.
Meanwhile, on another side note to this story… For anyone and everyone talking about the assassination of a US citizen, I would have you know this. He was no longer a citizen by my standards. He left the US, he joined AQAP in a lead roll, and he renounced his citizenship in videos on a couple occasions. So, no, we did not assassinate a US citizen. We instead assassinated a NON STATE actor in an action during a two front war.
End of story.
K.
Krypt3ia 