(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘Mapping Internet Jihad’ Category

Leaderless Jihad and Open Source Jihad: A Marriage Made In Hell.



In 2013 I wrote about leaderless jihad and the “Stand Alone Complex”. Now we are seeing this type of leaderless, “inspired by” thought virus playing itself out on the national stage. Last night’s attack using a lorry was something that was presaged by two issues of Inspire Magazine back in 2010 and 2014. There isn’t much to it really to gather some weapons, steal a truck, and then plow it into a crowd but it has taken this long for the insidious idea to take root in the collective unconscious of the would be jihadis. The days of a more rigid and trained “jihad” are being eclipsed by would be unbalanced individuals seeking attention and reinforcement of their sick ideas through the media, the internet, and our collective inability to look away from a tragic scene on a glowing screen.

[Screenshot: 2014 Inspire]


[Screenshot: 2010 Inspire 2, “Ultimate Mowing Machine”]


Soft targets were always the preferred avenue of attack but now they are becoming seen as a top priority for security forces since the attacks in France and other places like Bangladesh. While Dhaka on the face of it had a contingent of more trained individuals the attack last night is as simplistic as they come. This is what is really scaring the populace and the security services because now it seems that the authors and actors of these acts are in fact just one guy and not a cabal that they could perhaps track using pervasive surveillance. A cell of one is hard to track and certainly if they self radicalize by just downloading Inspire magazine and watching YouTube, well, what can one do? There are no easy answers here in the world of detection and prevention.


So here we have it, I have been pointing this out for a while and at first it was AQAP trying to inspire “OSJ” or Open Source Jihad. Now Dabiq and Da’esh are carrying it on and furthering it with the media zeitgeist that ensues with each attack. The net effect here is that these people are self-radicalizing with the help of the media’s obsession on covering ad nauseam these acts. The pervasive hand wringing and talking heads only serve to whet the appetite of the would be jihobbyist into action. Forget the Inspire magazines and the videos, just watch CNN and that is enough it seems. This all is very much like the plot line to “The Laughing Man” arc of Ghost In The Shell. An act carried out on the media instilled others to carry out like acts to be on the media and further the idea(l) as well as serve as a means to self fulfil the actor’s need for attention and satisfaction.


This is pure psychology at work and there are a host of reasons and syndromes that could likely be pointed at to rationalize its happening. The fact of the matter is that now we are seeing it play out rather bloodily on the streets of the world in furtherance of an idea and ideal set that lends itself to the like minded. Or should I say mentally ill? Yes, I would say mentally ill. These actors are acting out and likely have some borderline tendencies to start with. These people feel outcast in their societies or out of place within the societies they are living in as a second generation citizen. It is a complex thing to nail down and I suggest that anyone who might want to delve into it further read “Leaderless Jihad” by Marc Sageman.

We need a more nuanced approach to the GWOT and I am afraid we won’t get that…







The Legion of DOOM!

Yesterday the camel’s back finally snapped in my head after reading a post on Harper’s Magazine entitled “Anatomy of an Al Qaeda Conference Call” in which the author called into question the whole story that was put out by the Washington Times and their “anonymous sources”. The paper claimed that Ayman Zawahiri and all the heads of the various jihadi splinter groups got onto their polycom phones and their SIP connections to have a “concall” as we say in business today.

You all may remember the heady headlines in the last couple weeks where the mass media picked up on this story and began scribbling away on how the so called jihadi “Legion of Doom” dialed in for a sooper sekret meeting to plan the end of our Western Civilization. Now, I am sure some of you out there have seen my screeds (140 chars at a time more so recently) on just how we get played too often by the media and the government on some things but this, this is just epic stupid here. If you or anyone you know believed any of this claptrap coming from the media please seek psychiatric attention post haste.

Let me tell you here and now and agreeing with the article cited above, that the “LOD” did not have a skype or asterisk call to plan our downfall. At the most they likely had a meeting of the minds in a chat room somewhere within the jihadist boards out there or had a server set up somewhere for them all to log into an encrypted chat. I lean towards the former and not the latter as they usually lack subtlety online. Though, given the revelations from Mssr “Snowman” I can see how the prudent Ayman would want this to be on its own server somewhere and for people to authenticate locally and encrypted on a system that does not keep logs… But I digress…

Suffice to say that a group of leaders and minions thereof got together for a chat on <REDACTED> and that they talked about plans and ideas (from hereon I am going to coin the term ideating) for the destruction of the West and the raising of a new global caliphate. Does that sound familiar to you all? Gee, I can’t seem to put my finger on where I have heard that one before. … So yeah, there was a meeting, there were minions, and there were plans but here’s the catch; NOTHING WAS SAID THAT ALLUDED TO A REAL PLAN! No, really, there wasn’t any solid evidence that prompted the closing of the embassies all over. It was a smoke and mirrors game and YOU all were the captive audience!

As you can see from the article cited there seems to be a lot amiss with all of this now that some reality has been injected into the media stream of derp. Why was this all brought to you in the way it was put out there by the media? Was it only the demented scribblings of one reporter seeking to make copy for his dying paper? Or was there more to it? Was there a greater plan at play here that would have the media be the shill to the duping of the public in order to make them see say, the NSA in a different light in these times of trouble for them?

Makes you wonder huh?


So yeah, a story comes out and there are “sources” sooper sekret sources that are telling the reporter (exclusively *shudder with excitement*) that the Great Oz of the NSA has intercepted a LIVE call with the LOD and that it had scary scary portents for us all!


That the NSA had helped prevent a major catastrophe from happening because they had the technology and the will to listen in on a conversation between some very bad dudes like Ayman and the new AQAP leaders plotting and planning our cumulative demise.


The truth of the matter though is a bit different from the media spin and disinformation passed on by the so called “sources” however. The truth is this;

  • The “con call” never happened. There was no set of polycoms and Ayman is not a CEO of AQ.
  • The fact is that Ayman and many of the other “heads” of the LOD were not actually there typing. It was a series of minions!
  • The contents of the “chat” were not captured live. There was a transcript captured on a courier that the Yemeni got their hands on and passed it on to the Western IC. (So I have heard, there may in fact be a chance they captured the stream using this guy’s acct) the Yemeni that is, not so sure it was us.
  • As I understand it, there was nothing direct in this series of conversations that gave any solid INTEL/SIGINT that there was a credible threat to ANY embassies.

There you have it. This has been WHOLLY mis-represented to the Amurican people. The question I have is whether or not there was an agenda here on the part of one of the three parties or more.

  • Right wing nutbag Eli Lake
  • The “anonymous sources of intel”
  • The “anonymous sources handlers”

These are the key players here that I would really like to get into the box and sweat for a while. After the madness was over and sanity let its light creep into the dialog, we began to see that these so called sources were no more or less better than “CURVEBALL” was during the run up to the Iraq war. In fact, I guess you could say they were less effective than old curveball because we did not actually go into another half baked war on bad intelligence this time did we?

Another question that should be asked here is why was this information leaked in this way to the press on an ongoing operation that I would say might be pretty sensitive. I mean, you have a channel into a chat room (or *cough* con call as the case may be har har) that you could exploit further and yet you decide to close all the embassies and leak the fact that you have closed said embassies because you intercepted their sooper sekret lines of communication?

*blink blink*

Holy what the Hell? What are you thinking POTUS and IC community? Oh, wait … Let me ideate on this a bit….

  • The intel community is in the dog house right now because of the SNOWMAN FILES yup yup
  • So a WIN would be very very good for PR wouldn’t it? I mean you don’t have to hire a PR firm to figure this one out right?
  • HOLY WIN WIN BATMAN! We tell them we foiled their plans using sooper sekret means that the public hates for infringing on their “so called” rights and we can win hearts and minds!

Could it be that simple?

All joking aside though, think about it. Why blow an operational means of watching how the bad guys are talking UNLESS it was never something you really had access to in the first place right? You could win all around here (though that seems to be backfiring) IF the Yemeni passed this along and it was after the fact then how better to make the AQ set abandon the channel by saying you had access to it?


How better also to try and get a PR win by alluding (ok lying lying lying with pantalones on fire!) that you had compromised (you being the NSA and IC here) said channel! I guess overall the government thinks that the old axiom of “A sucker born every minute” still applies to wide scale manipulations of stories in the media to sway thought huh? Oh and by the way, if any of you out there think this is just too Machiavellian I point you to all those cables dropped by Wikileaks. Take a look at the duplicity factor going on in international realpolitik ok?

Political Wag The Dog

It seems after all once all the dust has settled that either one of two things happened here;

  1. Eli Lake did this on his own and played the system for hits on his paper’s page
  2. Eli Lake was either a witting or un-witting dupe in this plan to put out some disinformation in a synergistic attempt to make the IC and the government look good on terrorism in a time where their overreach has been exposed.

It’s “Wag The Dog” to me. Well, less the war in Albania right? I suggest you all out there take a more jaundiced eye to the news and certainly question ANYTHING coming from “ANONYMOUS SOURCES” on NATSEC issues. It is likely either they are leakers and about to be prosecuted, or there is a cabal at work and DISINFORMATION is at play using the mass media as the megaphone.

Sorry to sound so Alex Jones here but hell, even a clock is right twice a day.



AQ Air: Mostly Hot.. Not So Interesting.


AQ Air: Trying to Fill The Inspire Shoes

With much hubbub on the news services, the release of the new “AQ Air” magazine was announced on the newly re-formed and restored jihadi boards online this week. The thought behind the “magazine” really was to be something to replace Inspire, which, after the deaths of Samir and Anwar has fallen off the map. It’s not known if the others involved with Inspire behind the scenes are even alive nor if they plan on resurrecting production, but this release by Abdullah Dhu al-Bajadin is no Inspire, nor should it inspire much of anything frankly.

The magazine is really just a series of powerpoint slides exported to a pdf and consists of the process to create chloroform on the cheap or, should we say in your mom’s garage? The intent here is to incite others to create the chloroform to use on airplanes perhaps? It’s really unclear as to the whole use of the airline motif other than perhaps as a link mentally to the AQ in NY picture that came out the week before and created such a stir with the NYPD and the media.

Overall though, this “magazine” is no more than a childish attempt to garner attention, sow fear in the overly fearful, and perhaps attempt to get some jihobbyists to think about making chloroform and using it in some grand plan to attack America.. Frankly, they’d have an easier time just knocking over a veterinarian or something to get the chloroform rather than spend all the time trying to be Muhammad Nye The Science Guy.

The Files

The magazine wasn’t the only thing bundled in the drop by Abdullah though. In the rar file that was uploaded to multiple locker sites were five video files that were taken from the internet and re-purposed for the release. The videos in the raw, can be found on Youtube and other places and were made by what seems to be a German youth. Arabic script has been placed under the video and for the most part there is little to no narration, but background noise, including a German radio broadcast can be heard in at least one of the videos on the production of chloroform.

Metadata from the files shows that they were handled on a Windows machine using the following software:

  • chloriform.pdf file created 4.6.12 7:44pm
  • Created on Windows Xp
  • Created with pdfFactory pro 3.52
  • Video files are in Real Video format without metadata

There seems to be very little metadata to look at and Abdullah has been pretty good about keeping it way with these files.


There is nothing to be really seen here frankly in my opinion. Unless this guy gets some real help with making this the next “inspire” it will just be another series of pdf files of powerpoint slides on how to make explosives or chemicals which are all over the internet. Inspire was a magazine that had much more content around the meaning of jihad for these guys and attempts at slick propaganda than this could ever aspire to. Thusly, this is a non starter for the media and perhaps that’s why it dropped from the news cycle so quickly. Abdullah though, he is another story, he has been around for some time making bombs and will continue to do so until we capture or hit him with a Hellfire missile launched from a predator.

We will keep an eye on him but, this is piffle and should be treated as such.

Oh, and loved the use of the daytime soap to show how to administer the chloroform.. I am sure General Hospital is happy that you did.


Written by Krypt3ia

2012/04/12 at 20:13

Jihadi Sites Fall Down… Go Boom… Again.



Mohammed Merah kills 7 people and plans on killing more but is cornered in his home. He is tracked by his IP address when he attempts to buy a scooter online. Merah holes up in his apartment for 30 hours before being killed in a gun battle. The French put out the word that they are going to crack down on Jihadi online content, or much more to the point, if they catch you looking they are going to arrest you.

The laws are still being haggled over.


On or about the 23rd of March, the sites that are usually monitored by certain people and organizations began to wink out of existence online. The sites started to have trouble then just went offline. It was obvious at the time for me and some others that these were not just the run of the mill DDoS attacks, but instead, the sites had been either RM’d offline by attackers or they had been yanked offline by the increasingly twitchy admins.

The sites stay down and are supplanted by the likes of As-Ansar for traffic, but basically, the boards go quiet… Paranoia builds.


Muhrad Hussein Almalki is arrested in Valencia, Spain. He was the admin of “Ansar Al-Mujahedeen network” and praised Merah for his killings online. His online name is أمين المكتبة. It is suspected that the librarian is in charge of more than one of the sites that eventually goes down.

4.3.12 to 4.5.12

On the 3rd of April, the domain for shamikh1 and its server is moved to a hosting service in the Caribbean. On the 5th of April the site comes up again. The admin sends out an email to all members:

Peace be upon you, and the mercy of God and His blessings

Good news
The return of the Global Jihad Network


All of the data from the site is back online and it seems the backend has been cp’d elsewhere before the takedown occurred.


Some of the sites have returned, like Shamikh; others have not. Out of the 5 it seems that at least a couple are still down and others seem to be under attack in other areas. Almadad is now under attack it seems and is as of this looksee down.


At first I thought that perhaps players within the patriot hacker movement may have been involved, and perhaps they did after all, but, it seems to me more so now that the timing of the events all point toward a concerted action by governments. The hacking of the sites likely was done via bad installs of the PHP and SQL installations on the boxes that the databases resided on. There must have been actionable intelligence on some actions that the AQ boys and girls were planning or, the powers that be decided it was time for an interruption. You see, at least one of the main sites is back and it would seem they are back in business pretty quickly. Of course they have had this happen in the past and have moved servers and domains quickly enough.

Now, the questions though are the following:

  1. Was this takedown the work of governments?
  2. If it was government and the dbases are all back up as they were before… Then this means that they are compromised. They seem unchanged.
  3. The admins were twitchy enough before with all of the attacks by the jokeys of the world and other <REDACTED> things that happened. So how are they going to react now?
  4. If this was the patriot hacker movement, then why no bragging?
  5. Did DGSE have anything to do with this? They seemed pretty motivated given the chatter online post the Merah incident that they planned some actions soon in France.
  6. Last time there was a big takedown, there was a large roll up of players soon after… Should we expect some more now?

Overall, many have been asking the questions out there, even <REDACTED> news services have been asking me. I cannot say what has really transpired because it’s above my pay grade, but, if you look at the evidence you have to come to some conclusions here.


  • I lean toward a government sanctioned action perhaps using those patriot hackers.. But more likely it was a group of “SPOOK” hackers
  • The sites had been compromised for some time and the word was finally given by whatever government service/agency/power to pull the plug
  • They knew the sites would return, it is possible that someone took over for the likes of the librarian but… One has to wonder if maybe shop has been set up as a honeypot
  • If it’s not a honeypot, then it shows the resiliency of the movements within the technical area and that they can stand up a site fairly quickly and seem to have a DR program up

Interesting times indeed. I would keep an eye on the news for a couple of things…

  1. Some very specific drone strikes
  2. Arrests
  3. VERY jumpy admins of other sites.


Written by Krypt3ia

2012/04/06 at 18:16




The picture you see above showed up on the As-Ansar site on the 2nd of April and was posted by عاشق الشهاده2 Ansari Mojtahd and to date has stirred up quite the feather or three. It seems the NYPD, the NYFO of FBI and the news have all gotten bent out of shape because some 24 year old kid is getting jiggy with his Photoshop CS5 on Windows and posting stuff to As-Ansar, one of the lesser AQ affiliated sites on the internet. I too saw this file come along on the 2nd and thought “ORLY NOW!?” but, after looking at the user data of the poster and his history, I decided to file it in the “propaganda with some flair” file and not much more.

Then I woke up today and checked Twitter….

Great GOOGLY MOOGLY! Ray Kelly is getting all over this as is everyone and their brother because the jihobbyists wanna post pictures that are basically glorified digital postcards about coming back to NY like a rock band. Look people, it’s just a graphic ok? Look at the user and look at the venue, this guy is not Goebbels and certainly not Samir Khan ok?


Threats And Allegations

Ok, so, yes AQ would love to hit NY again and they tried with Faisal… Well, actually that was more Pakistan and the ISI perhaps with the Taliban and not so much AQ or AQAP (do your fact checking folks) yes yes yes, they want to hit us again. This picture is just one in a series of pictures that this kid has created for As-Ansar, really, I swear he is looking for a job at As-Ansar more than anything else. Just look at the work by Googling the user name and hitting the “images” tab ok? He’s practising his Photoshop skills.

Now, of course he put it out there.. The infamous picture now that has everyone all freaked out is just a picture, a kind of calling card I think not a definite plan on how they plan on attacking NYC. Hell, this is not even a “credible threat” ok? Wakey wakey NYPD. Sure, look into the guy, look into his posts and definitely see if he has more connections etc online that could paint him as a player but really, going on the news about it?

“Shark jump much there Fonz?”

Aspirational Content Using Photoshop ZOMG! We’re DOOMED!

Alrighty, so this is “aspirational” as I have told the media who have contacted me. This means that they aspire to this, as nebulous as that aspiration can be from an image like the one above. This in NO WAY means we are doomed or that NYC will be seeing an attack like 9/11 again directly relating to this piece of so called artwork. Sure, the kid may indeed want this to happen, he may “aspire” to helping the cause by creating propaganda that might “inspire” others to acts of violence against NYC, but, what is the likelihood of this with this image alone?

Not much.

Ok, the kid may be on his way to becoming more adept at this and sure, he has a slick 3D skill set there with that Adobe product on his Windows box, but, so what. Anyone today could really do the same thing. The crux of the issue is whether or not this kid is going to move further up the ladder and attempt to take over where Samir and others left off with “Inspire Magazine”. All informatics thus far about him that I have seen point to “not so much”. This doesn’t mean though, that after all of this hullabaloo over his nice pictures that someone won’t offer him the position right?

Talk about self fulfilling prophecies huh? Nice work Ray, NYPD, FOX, and others.

Over-React Much News Media and NYPD?

While I am on the Ray and NYPD thing.. What the Hell man? Really? This did not warrant this attention and posturing on the part of the NYPD.. Whoa, wait a minute.. Unless that is if you are playing damage control over all of the crap you guys have been caught up in over Muslims and invasion of privacy etc. Oh yeah, now that makes sense to me.

“Look at the birdie! Look at the birdie! LOOK AT THE GOD DAMN BIRDIE!”

Yeah, now I understand this.. That and the mindset here is that anything at all constitutes a clear and present danger….


This Is What Happens When There Are Fewer Sites Online For The Kids To Play On

Meanwhile, another fun fact in this little passion play of stupid is that this site is one of the few left on the internet at present. It seems about 12 days ago, hackers of unknown origins, be they state sanctioned or other, began taking down all the main AQ sites out there. Now, there are none of the big boys out there to be seen so the little guys like As-Ansar get all the attention.

Thus you have this little debacle.

Let me give you all a hint. If those sites were taken down in concert by a government then they must have had a reason. If it was other players (vigilantes) then you have done nothing to help the cause by taking down sites that others were monitoring to keep tabs on these fools. Time will tell what the real truth of the situation is, but soon you will see the sites come back online (very soon for one of them) so what have you really done? You have just made them scramble to make new domains and they will be back like cockroaches.

… And some of them will just burrow further into the darknet and other places where it will be harder to watch them…


No, This Kid Is No Threat

In the end, this should be an object lesson for the talking heads, the media, and you gentle reader. This was blown WAAAAAAYYYY out of proportion and any of you out there who thought it was an existential threat need to start digging those bomb shelters again in your back yards. This was piffle, and if anything you just made a star out of this 24 year old….

Nice work.


Written by Krypt3ia

2012/04/03 at 20:27

Asymmetric Warfare and Tugjobs


The SANS Report: The Jester: A Lesson In Asymmetric Warfare

Post: The Jester Dynamic: A Lesson In Asymmetric Warfare

This report made its way to my desktop last night via a tweet and I just had to read it. Of course after I had read it I felt dirty from the tugjob that SANS basically put together on Th3j35t3r and his crusade to annoy the Jihobbyists and Jihadis offline by DoS’ing them offline for half an hour at a time. So, I just felt compelled to respond to this report and the inevitable sausage love fest that it portrays Jester’s “work” in the light of reality instead of fanboi love.

First off, let me say that Jester and I have history. Back in the day, when he first started his campaign he/they decided to hit my personal box because it had “jihadist” materials on it. What Jester mentions and is not elaborated on in the report is that his “mistake” was “blue on blue” as he calls it, meaning that he hit me without really doing any kind of preliminary foot-printing as to who I was and what I do. Instead he just decided to mouth off playing up that I had been compromised and that I hosted materials, thus “TANGO DOWN”.

After exchanges with me, as ever my diplomatic self 😉 he decided I needed more attention and DDoS, which was all well and good because I was the first to have traffic to give to others to look at for his modus operandi. Anyway, suffice to say that eventually there was a detente between us, but my opinions stand as to his campaign’s real uselessness to the real operators out there working to defeat jihad online. In short, I think it’s a futile exercise and in the end, more of a publicity stunt than anything substantial in the war on terror.

SANS just doesn’t seem to really touch on the facts of how many sites are out there and how much still goes on even with Jester’s DoS campaigns… Nor do they really have any substantial backing to some of the claims they allude to with regard to party vans being sent out for Anon players.

SANS, bad journalism should be left to journalists.

Asymmetric Warfare Or Annoyance?

So, a lone commando goes on a crusade to drive the jihadis into the shadows online. He’s a one man cyber army, en-wrapped in the flag, DDoS software in hand.

Umm.. Just what will all this DDoS accomplish? Jester seems to think it will put a stop to radicalizing online, but the reality is that they will just go get another domain or start a new paltalk session. Asymmetric warfare is defined as the following:

“Asymmetric warfare” can describe a conflict in which the resources of two belligerents differ in essence and in the struggle, interact and attempt to exploit each other’s characteristic weaknesses. Such struggles often involve strategies and tactics of unconventional warfare, the “weaker” combatants attempting to use strategy to offset deficiencies in quantity or quality.[1] Such strategies may not necessarily be militarized.[2] This is in contrast to symmetric warfare, where two powers have similar military power and resources and rely on tactics that are similar overall, differing only in details and execution.

From Wikipedia

So, just who is the weaker here? The jihadis insofar as strength were never an existential threat in my book online. They have been up until recently, fairly unsophisticated in their communications and their internet skills. The fact is, they were talking pretty much in the open and then comes along Jester and he DoS’s them offline for a little while. They get annoyed and yell, but then they go back to doing what they are doing. There is no net effect here. Even I thought that they might pull back a bit after his campaign started, but nope, they just kept on going because it was easy enough to just go play X-Box until the site was back online.

Frankly, I see nothing in the anti-jihad campaign by jester as being worth the time. He frankly did much more with the LOIC poisoning than anywhere else, but that is another story…

So, in classical definition of asymmetric warfare, this idea that jester was carrying out one, is false. Neither party was particularly well equipped or strategically effective to merit the term.

Cause and Effect In Jester’s War

As I said above, the jihadis went on apace even with Jester’s DDoS attacks. If anything, Jester just forced them to become more sophisticated and obtain backup sites and mirror their content even more than they already were before he came along. In my experience, it has not been the acts of a lone commando DoS’ing sites offline that has affected jihadi websites and radicalization, it has been instead the death of OBL and the campaign against jihad that the US has been waging by killing or capturing AQ leaders and foot soldiers (making them think twice). The online portion of this scenario though, is more about the arrests of would be jihobbyists who spoke to the wrong people online and eventually were arrested from good police work than anything else.

I would also add that the killing of Samir Khan and Al-Awlaki as well had a much greater effect on online jihad than anything else because they were the thought leaders and the creators/editors/creatives behind Inspire Magazine. I have written much in the past about Inspire and how they were trying to re-kindle the embers in many, but also reach out in new ways to the “western” jihobbyists to get them to do more than just talk online about jihad. You see, that’s pretty much all that has been happening, they talk a good game, but then they go offline and go about their business.

Once again, this makes jester’s campaign moot.

… And so it goes on. The jihadis/jihobbyists are still online, they have been quieter since OBL and Samir/Al-Awlaki died because the wind was taken out of their sails really.. Not because they got DoS’d. The sites are alive and well and being used today….

Asymmetric War Or Media Campaign?

Meanwhile, the fact that jester came out of the closet with his rhetoric and his IRC/Twitter/Blog only says to me that there was a need for a media campaign. Why the media campaign? Attention. It’s purely for attention unless there is some other means to an end that he had in mind. Of course at the time there was talk by the DoD/DC3 circles how we needed a “patriot hacker” movement, so, could this be a part of that picture? As the paper states, jester has 28K followers on his twitter and many many fanbois. Oddly enough, all of this started just around the time as Anonymous did as well, it almost seems like one may have created the spark for the other no?

So, Jester paints himself as the Dick Marcinko of the internet and the kiddies flock. People are saying he is a hero and many aspire to the same type of fame and attention. Jester’s IRC channel was flooded with people and he spent time in and out of there getting attention. Attention I think he really just wanted, maybe needed. In his first tangle with me, there seemed to be more than one personality at work and in fact the one that I pissed off seemed to have a lack of self control as well as a juvenile manner. Since then, he/they have matured somewhat but overall has been relegated to not being online as much and not acting out by attacking jihadis or Anonymous.


But then he came back. Just recently he began his DDoS campaign again. Why? Well, one of the first things he did was open the IRC again to all comers and now we have the SANS report.

Attention level achieved.

So, in the end I feel it’s more about attention than it is about gallantry or being an effective “operator” against Jihad.

Just my opinion.

The Rise of Anonymous and Jester’s Part in It

Meanwhile, in between battling the jihadis, jester also took on Anonymous because they “doxed active operators in the field” etc. While I can empathize with the sentiment, the follow through was hit and miss in his campaign to out Sabu and others. The SANS report uses innuendo that says he may in fact have been the one to out Ryan Cleary. In fact, I am not sure about that, because inside sources in Anonymous have said that he was outed by someone on Xbox because he was an asshole to them. This is also the case for many others in the Anon infrastructure, they too were outed by others within the collective because they had a falling out.

So, really SANS, unless you have hard data, please stop.

In fact, Jester had had several misses on Sabu and in fact had to apologize to the players he fingered incorrectly. Oh, and by the way, all of this was done publicly and not just data given to authorities to follow up on. Which should have been the real aegis of doing any kind of investigative work on them to start with. After all, if you put dox out there in the public, even wrongly, you are just giving time to those who may or may not be involved to burn their data and make other means to keep on attacking. Tactically this is just poor operational behaviour.

Perhaps Jester has done things in the background we all do not know about and he has not reported to the media… Perhaps not. Overall though, the most creative thing he has done is to poison the LOIC. THIS was a real coup and I do appreciate that one. Hopefully that at least put some fear into the LOIC skiddies.

In the end though, the kids just kept on coming and now we have AntiSec to contend with as well.

The war is not won.

COIN and Digital Asymmetric Warfare (i.e. Failure)

So, in the end, I don’t think that generally the attention is warranted for the campaigns Jester has carried out that are known to us. SANS seems to be all over him and Sam Bowne as well as Rjack as modern folk heroes in a way. They do not even cover the fact that Anonymous uses the same tactics and methods as well, but, then where would the folk tale really go huh? In my opinion both of these groups/individuals fail at their final goal though. If Anonymous wants to effect change, then they need to stop just wildly doxing people and dumping data that really is not cogent to the issues at hand. Jester needs to have more than just a DDoS to drive the jihadis anywhere and in fact, the notion of breaking their C&C by DDoS is not functionally feasible.

If you are driving them.. You have to drive them somewhere you want them.. Not just back into the shadows where the analysts can’t see them.

All of this is not COIN and it’s not asymmetric warfare with digital tools.

It’s just a game and attention seeking behavior.


*Side Note* The book and the picture above are there because even Lawrence, who won great victories by using asymmetric warfare, lost the overall war in Arabia because of the personalities involved.

Just sayin…

Written by Krypt3ia

2012/03/05 at 15:54

The Shifting Digital Sands of Online Jihad


Inspire Magazine, Samir and Anwar Are Gone

Since a drone took out the creators and editors of Inspire Magazine along with the titular spiritual leader in Anwar al-Awlaki, the online Jihad has wound down quite a bit. The kids (stray dogs, lone wolves, the mentally ill, and the dispossessed) have not had their emails and online jihadi boards filled with the same old propaganda on how to be a good Muslim by being called to jihad as well as how to be ever so helpful as to build a bomb on your mother’s kitchen table.

Of course the death of OBL also has something to do with this as well. His successor too has done nothing to reach out to the “youth” that really would have been the base had not the boys at Inspire been whacked. So, all in all the propaganda wing and the “next gen” of AQ/Salafi jihad has pretty much been stopped for now. See, ol cranky pants (Ayman) is just that, a cranky old man yelling at the kids to get off his lawn with pedantic rhetoric on how to be a good Muslim as well.

Ayman just isn’t liked.

So, while the vacuum exists and may persist I see some possible outcomes should someone take the reins where the Inspire boys left off. Why do I see this now? Mostly because of the Anonymous movement and the Arab spring. These two things have changed the battlespace of the internet as well as geopolitics, it is just a matter of time I think before the Global Salafi movement latches on to the Anon model and starts to try and get tech savvy youth into their ranks and use DDoS and other methods applied by Anon and others for their cause as well.

Anonymous Becomes The Model of The New Jihad?

Of late, the jihadi boards have been quiet. The kids are not being as vocal added to the fact that there were some attacks back in December that put some of the sites down for a while. In the interim it seems, post all the hellfire missiles hitting their marks, those who are backing away from the online festival of “who’s got a bigger jihadi penis” at places like Ansar, may indeed be re-thinking things a bit. Those who have been steady users of these sites and still posting about jihad, have instead started to talk about such things as DDoS and the Arab Spring as well as hacktivism.

It seems that Anonymous has potentially sparked these guys to think like them and perhaps even use their tactics instead of continuing just to shake their fingers at us as they yell. This would be an interesting paradigm change in the global Salafi movement as well as the tactics of AQ. Though, I think that the AQ guys are so inculcated with the cult of death that they likely will not go with it. The guys at AQAP though already have been on this train for a while and before the mass whacking in Yemen, Samir and the boys were trying to figure out the new way to reach the Western jihobbyist and exhort them to do something. That something though usually meant violent jihad, and as you can see from the news, there haven’t been too many takers.

This is why I think personally, that online mayhem ala Anon is the next move that they may indeed take, and I think it will be AQAP that will lead that charge.

“If” they get some new leaders who were as savvy as Samir was.

As you can see from my earlier post concerning Inspire 6, the AQAP boys were trying to figure out a way to get the Western self interested and not so much religious set involved in jihad. I think what they really missed was that these kids do not want to carry out violence on the whole (though there are those who are mentally unstable enough and have tried.. and failed) instead, they would rather sit behind a keyboard and say things online to look all impressive but more than not, once they walk away and start to play Halo, they forget about the core principle of AQ’s jihad.. That of being cannon fodder for the likes of OBL.

What Samir and Anwar Failed to Understand and Mobilize, Anonymous Has.. Mayhem without Dying

The younger generation that Inspire was trying to reach is just not so much interested in religion as well as being a shahid with the 72 virgins.. or grapes.. depends on your translation, so all the exhortations to make bombs and to blow themselves up, never mind carrying out acts that could get them arrested really appealed to the more sane of them.

Now though, with the advent of Anonymous and their tactics, I and others have been seeing hints of these jihadi skiddies getting the notion in their heads to do much the same thing. It allows them to actually carry out actions against those who they feel are oppressing them, they can brag about it, and the more skilled of them might not get caught at it. This is a real motivator I think to these malcontents and a viable option for the “online jihad” to become more than just a propaganda war, but also one of annoyance and attention.

Then again, if these kids, who really, many are, are skilled at all in hacking, though that need not be a requisite today with software today out there, then they could take down systems that could have bigger import right? There could be a real jihad online that could have kinetic effects in the real world. This is a problem as we have seen from the likes of Stuxnet and other events that show this is indeed possible. So, how long will it be before the light bulb goes off for AQAP and the greater Salafi jihad I wonder? They will have the forces they want to have an asymmetric war.. An online guerrilla war so to speak…


Perhaps the paradigm is changing and we will now have to wage an online “war” with jihad that will now not only have those purveyors and exhorters who want their minions to put together explosive vests as well as if that’s not for you, go download this tool and take down a site or two.

Anonymous Salafi Jihad.

The Next Wave of Jihad: DDoS, Defacements, and DOX-ing?

Looking into the future I can see this being a viable way that this may move. As you can see from the image above from a jihadi forum recently, they are talking about this. At present, there aren’t too many comments, but as the technology gets easier to wield (ala Metasploit etc) I am sure that as they all look on the mayhem (nuisance) that Anon has been serving up, they too might latch onto the idea and begin their own personal jihads from the comfort of their mother’s basement too.

I seem to remember Bin Laden exhorting and ruminating on the jihad as not only violence but also a means to an end to bankrupt the system we have in the West. Well, look at all of the money being poured into INFOSEC now post Anonymous and their antics. Yep, you guessed it, we are spending money like crazy to plug holes that in reality may never really be plugged. Perhaps we will have another DHS just for computer security someday…

You see my point?

Don’t get me wrong.. The physical warfare will continue. Maybe even the two forces, digital and kinetic will work together to make scenarios like taking down sections of the grid etc could happen in the future if the players are serious enough. Usually I think of that as only an offering of nation states, but, given the right people and enough money, small attacks can have larger consequences right?

A pre-cursor to all of this line of thought to me is the current “cyberwar” *cough* as it is put in the media so eloquently, if not misguidedly. 0xOmar and others (also Anon’s it seems) have been waging their own battle against Israel. Doxing data of innocent people, dropping credit card numbers by the thousands, and finally, attempting to throw out a list of alleged SCADA systems for attack. This is just the type of thing I am talking about.

Now, is Omar actually just an Anon? A wanna be? Or is he just riding the crest of the wave here and will be the role model for others to latch onto in the geopolitics of the region?

Time will tell…


Written by Krypt3ia

2012/01/21 at 13:54

Why I Won’t Teach You To Track Terrorists Online


Re: The Cyber Jihad Front

How do you locate such domains? I know you use maltego/etc others – is
it mostly stumbling onto real domains of interest or do you gain
intelligence and link it to the particular domain?

Best Regards,

So, You Want to Track Terrorists Online Eh?…

The email above <REDACTED> is one of more than a few that have come my way lately on OSINT as well as using the precepts of OSINT to track Jihadis online. I haven’t answered any of these requests (until now… Here…) because I just kinda wanted to.. Well.. Not. However, with this last one I just decided to put together a post on my reasons why I will not teach people to do this instead of just ignoring the emails.

I appreciate that people want to help out; however, anyone who is emailing me asking how to locate Jihadist domains online must first off be unfamiliar with “The Google”. All one really need do is Google for the appropriate content and voila, you have sites to look at. I am not saying that this person is a moron, but I am saying that common sense need apply when you ask such questions.

Anyway, on to the bulleted reasons….

The Reasons I Won’t Teach You…

Ok, so, the basic response is this;

“I will not teach you to track terrorists online because there is no manual for this to start with”

This is an organic process and I have been up to this stuff since 2001. I learned by just doing it and in the process of “doing it” I had to learn A LOT of other things apart from technology issues like hacking/security/coding etc. Remember you are dealing with PEOPLE and you have to be adept at reading them, what they write, and their motives/thoughts/ambitions etc.

But let me break it down for you further shall I?

  1. You have to understand the terrorists and their motives
  2. You have to know the language and the nuances of it
  3. You have to have historical context and be able to understand the movements
  4. You have to be a bit of an actor… I’ll leave it at that
  5. You have to have a natural desire to follow a zillion leads and to analyse them
  6. You have to be adept at using “Teh Googles” (misspelling intended)
  7. You do it wrong you don’t get good data AND you will have FEDS at your door
  8. You do it wrong and you could be messing up ongoing investigations (and you have FEDS at your door)
  9. You do it wrong and you could endanger yourself or others by not being careful (Can you say Fatwa?)

There are probably a million more reasons that I can come up with (and will as I am falling asleep tonight) but you all get the general idea. MOST of all though, I am not going to be responsible for someone screwing the pooch and then getting into trouble (and then saying “but Krypt3ia said!”)


I Got Skillz… Hacking Skillz… Nunchuck Skillz…

The essence here is this, I just happened to get into this after being at the hole post 9/11. I was pissed and because of the nature of the work I do, I had certain facilities that lent themselves to this kind of diversion. I also had the opportunity to make connections with certain people who could put me in touch with other people yadda yadda yadda.. You know…

So unless you have a sponsor, you know Arabi, or you are able to make some connections with the right folks, you will just end up causing yourselves more trouble than anything else by playing in this pool.

There are far more skilled people than I working on this stuff… I am no one to be teaching anyone..

Nor will I.

The only reason that I blog about the Jihadist stuff here is that I find it interesting from a philosophical perspective AND I have a reader base within certain circles that can use some of my ravings in their jobs…

So, no, I will not teach you how to look for Jihadis online.. Because you likely will only muddy the water and make my day more difficult.


Written by Krypt3ia

2012/01/17 at 21:54

Rezwan Ferdaus, FBI Sting Operations, And Internet Jihad



It seems that the case of Rezwan Ferdaus is once again showing us how the Internet jihad is helping to create more jihobbyists who could potentially move into active status. In the case of Ferdaus, he had some help in actuating his plans for jihad from some undercover agents and a “CW” (cooperating witness). Now, there has been a lot of talk lately about the only terrorists being caught here are the ones that the FBI is making and frankly, I think that sells things a little short in the real world. Sure, these stings are facilitating these people into action, but only after the individuals have pledged themselves to do something, much like Ferdaus himself. It seems from the Affidavit that Rezwan had had this plan in mind for some time and it was only after he talked to his friend the (CW) about it, that the feds got involved giving him the material support to carry out his plans.

And that’s where people get turned around here.

Ok, so you say that the FBI is entrapping people like Rezwan. They give him support and talk up the jihad perhaps. Sure, that is possible and that would be entrapment, but nowhere in this affidavit do I see entrapment. What I do see is a guy who wants to go to jihad and who frankly, is a bit of a misfit looking to fit in or have something to believe in. Might he have dropped this if he had been left alone? Or even for that matter, could the FBI have talked him out of doing this? Would that actually be of worth? The way I see it, he was on a path that he would have fulfilled one way or another with or without the help of the FBI UCEs.

In the affidavit you can clearly see how Rezwan “self radicalised” on the internet. Specific claims are made by him how he was surfing jihadi websites and seeing how evil the US was, and it was this that gave him the idea to go to jihad. I am sure the reasons are more complex and perhaps even that Rezwan has some mental issues, but, the gist is there. The materials were online, and he watched/read/listened along becoming more and more convinced that the kaffir have to die.

Rezwan also said on several occasions that his plan was to “destroy” the head of the snake (AKA the Pentagon and the Capitol) but he also knew that this was rather impossible given that he only had 3 micro jets (RC controlled jet planes) to work with, so the reality of it must have been lurking in his head somewhere. Surely 25lbs of C-4 is not going to bring down the Pentagon and the Capitol. Rezwan also wanted to have co-conspirators and had a plan to have AK47’s to shoot at the people coming out of the buildings after the planes hit. This was to sow more fear and to take out more kaffir. However, in one telling sentence he pretty much says that all of this is to “psychologically” attack America, so he must have known that this was a small attack in comparison to 9/11.

Though, if you have been looking at the past 7 issues of Inspire Magazine, then you can see how he was thinking along the lines of what Al Malahem has been saying for some time. If you keep Americans’ psyches unbalanced, that is much better than large scale attacks. My question though is how unbalanced would we be after an attack like this? Seems like we have been pretty battle tested between 9/11, Columbine, and VT. I guess though, the premise is there and it is sound enough. Had he carried this off, he would have had a wave of fear and knee jerk reaction that AQ would love to see happen here in the states.

So, here we have a prime example of the Internet jihad’s potential. Real life actions by unbalanced individuals that have been spun up by the rhetoric of AQ and AQAP. So, for all those making snarky comments about the FBI only catching these guys within stings I suggest you think about it another way. Had they not known about him and not gone through this process, he may well have indeed come in contact with an Anwar al-Awlaki or others who could have potentially given him support to really have pulled off an attack.

At least the feds stopped him.


Written by Krypt3ia

2011/09/29 at 19:08

Inspire 7: The 9/11 Anniversary Edition


Well, it seems that the Khan media wing of AQAP/Al-Malahem finally got around to releasing the latest version of “Inspire Magazine” with some rather uninspiring content yesterday. Though the core sites of Shamukh and Ansar were under assault from DDoS attacks by persons unknown (Jokey’s pals?) the Malahem guys managed to disseminate the file and it went large on numerous file share areas on the Internet. Which just goes to show you how effective those DoS attacks are eh?

*wink wink nudge nudge kids*

The magazine this time around was the 10 year anniversary issue, which was over a week late to start and then had slim content. This makes me wonder just why it was so thin as well as why they even really bothered at all. The 20 pages consist of mostly uninteresting statements and pictures from jihadi leaders past and present about how they had struck a great blow for Islam and jihad 10 years ago. Reminiscences aside, not much there to really inspire I think. However, there is a core piece by Samir Khan (founder of the magazine and former US citizen turned jihadi media mogul.. *not*) that is somewhat interesting and germane to recent events.

The Wired articles about FBI training manuals and programs on Islam were not necessarily out there when this magazine was put to bed, but, it seems like perhaps Khan and the others at Malahem were already responding to them.


As we pointed out, this media conflict between the West and the mujahidin quickly became a war of Western secular ideology and Islam. Shaykh Usama intended to attack the West to point out to the world America’s police-state foreign policy upon the Muslim world and not the West’s corrupt secular principles. But because the West was ardent to point out the mujahidin’s attachment to Islam as extreme, portraying them as “fundamentalists,” Muslims throughout the world asked: “Wait, are they not then concluding that a good practicing Muslim is their fundamentalist enemy?” Zakir Naik, the popular television personality who is known for his religious debates and runs the PeaceTV network, has repeatedly echoed, “Every Muslim should be a fundamentalist as a fundamentalist is one who sticks to the fundamentals of Islam.” This attack led by America on the mujahidin’s adherence to Islam was one of the main reasons that led to the defacement of their legitimacy in the eyes of millions of Muslims. To this day, America has still failed to realize that.

This one passage covers a lot of what the Mujahid propaganda campaign by Al Malahem and AQ have really been trying to get across to promulgate a reaction within the ummah globally to come to their way of thinking. By instantiating the idea that every Muslim should be “fundamental” to be Muslim to begin with, they are making a play at every single Muslim, no matter what part of the spectrum, to become fundamentalist. By using even a popular TV personality to make this point, they are trying to slip this into the collective mindset. Where this meets the Wired article and the training debacle is quite obvious though, those tutorials all portrayed the idea that the problem isn’t the Muslim, it’s in fact Islam itself.. And of course Shari’a law as well.

It’s this argument that perhaps Spencer Ackerman should be enlightened about.. I find it funny as well that he took little time to really read the magazine before writing his piece on it at Wired. The article lacks complete understanding and in fact comes off as jingoistic propaganda itself, which is even more ironic given the nugget here by Khan about the media war that AQ and AQAP are trying to wage huh?

Hey Spencer, how about spending more time cogitating than being dismissive. I am sure it would be a much more interesting article had you taken the time to really read it.

This is not to say that the “Media War” as Khan puts it, is really working. In fact, I would say that it is not as a larger effort, working the way they would like. We have not seen an influx of jihobbyists or new suicide bombers here in the West, where this magazine is aimed at. Instead, those few who may be on the path to radicalization will only likely use this as another piece of their collective echo chamber. However, the core idea of what Khan is saying about the position of the West and our misunderstanding is pretty much on the money. Khan also likes to cite Michael Scheuer much of the time and I can understand why. It was Scheuer who was first on at Alec Station and has a pretty good grasp of Bin Laden, Jihad, and the AQ mindset. It was Scheuer in fact who has been saying all along that the US government and people were playing right into the hands of AQ by doing what we did in Iraq etc. I would suggest anyone wishing to get a better grasp of all of this read his books.

What Khan fails to understand is that this is not the first “propaganda war” that the US has waged. Sure, it’s the first one really online per se, but, it’s certainly not completely new. It’s just new to Khan and the AQ set is all. So, they have set up for a slick magazine that they can try to grab the kiddies with interspersed with some more cerebral content. In this edition, it’s more about the cerebral areas that are more telling than all of the claptrap propaganda around the big win of 9/11. This part of Spencer’s piece is right, it’s really mostly piffle, but, it is key not to ignore the rest of the content.

Meanwhile, there are oddities like the article on how Iran’s belief in conspiracies riles up the AQ set. Really? You guys are so miffed about Mahmoud that you had to write about it? Frankly we all know he’s a nutbag, but really, there is no need to go into this. I really have to wonder why this came up at all. It would seem that perhaps maybe the “Truther” movement is gaining so much potential that Khan and company feel they need to say “HEY we did that!” Whatever the motivation, it was an odd trek off the beaten path there.

Overall, there are some interesting intimations within the contents of this magazine as well as from the point of view that the content is skimpy and not the norm. No how to build bombs, no AK-47 schematics and tutorials. Why? Why too the seemed rush to this then the falling off by letting it out way after the actual anniversary of their “great blow against us” ? Could it be that the drone strikes are getting a bit close to them? Did we perhaps hit a main facility for production and they had to go from a backup that wasn’t finished?

Have they run out of ideas?

One wonders..

Oh well, this magazine may actually be in decline.. and you know what.. That’d be ok with me.


Written by Krypt3ia

2011/09/28 at 15:41