Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for the ‘Stealth Jihad’ Category

9/11/01 Ten Years Later: Thoughts On The War On Terror

9/11/11:

Recently, I found myself on NPR speaking about 9/11, ten years later, and some of the experience has dulled to a point where I no longer feel like I have some sort of PTSD. However, in talking about it, I began to think about how things are going with the war on terror lo these many years later. With the recent events of killing Osama Bin Laden, and the roll up of other key players (be they arrested or in many cases, killed by hellfire missiles shot from UAVs), I have to say that I am feeling somewhat optimistic about the war on terror. At least from the perspective of breaking AQ’s back, so to speak.

We have seen over the past few years particularly, a movement (AQ) that has been foundering because of more than a few factors;

  • The net is tightening around them, more countries are getting more agile at intelligence sharing
  • Their aegis of caliphate and jihad is being dulled by the Arab Spring
  • Their titular leader OBL is dead and their new leader is perceived as the old man who yells at you to get off the God Damn lawn by the foot soldiers
  • They are having recruiting trouble because it is harder to get to their ‘training’ countries. This is due to much more monitoring on borders
  • AQ as an organisation has been marginalised due to its own set of strict rules
  • AQ has, once again, been marginalised or contained. Its message is more diluted as many spin off (splinter) orgs have formed
  • The takfiri movement is failing, not too many takfir want to be shahid suicide bombers
  • New converts are not finding themselves similarly motivated to become shahid for the movement by wearing the vest
  • The online jihad has been foundering, they are not technically as adept as they would like to be and keep getting shut down
  • Due to being shut down online much of the time, they are not able to recruit and ingrain the “jihad” mindset as easily
  • Due to the jihad being online, the converts are not as controlled by management, and thus there is no re-enforcement of belief to make them act

So, in many ways, the war on terror has been effective in marginalising the AQ core, but, at the same time, new groups have popped up. Lone wolf attacks (radicalising online and acting) are the predominant way that AQ/AQAP have seen as the future of the Jihad. I have personally seen them grapple with not only the technology but also the propaganda war itself in their magazine “Inspire”. They have been trying to figure out ways to propagandise, radicalise, and re-enforce the word of Jihad by keyboard as opposed to the madrassa. This in particular is problematic for them as they are used to that madrassa method. By getting kids in the door at a young age, abusing them, and only teaching them the rote recitation of the Koran in tandem with their particular spins on Jihad, they created so many shahidi. It’s just not that simple online trying to reach out to more Western minds who have not been controlled in such a way.

Instead, what we have seen is an increasing number of mentally unstable individuals (Emerson Begolly, Malik Hassan, Richard Reid, etc) be drawn in by the propaganda online and then go on to commit “lone wolf” acts of terror. Frankly, these people are no more a real terrorist threat (these radicalised and mentally ill folks) than the average spree killer. However, since they hang their hat with the Jihad and AQ, then, they become more of a perceived threat to the masses.. Erroneously I think.

The Elephant With Its Trunk In Our Collective Coffee:

Reflecting on all of what I state above, I then find myself pondering the costs of those wins for us. Two wars ongoing for those 10 years, our nation’s economy failing rapidly from the outpouring of money into said wars (and of course all of the other malfeasance that happened with Wall Street, bankers, etc etc) that at present, just seem to have no end. Can we in fact do anything in Afghanistan substantively? Or, are we just the next country to fall into a morass, not having heeded the history of the region as well as the immortal words of Vizzini in Princess Bride, “never get involved in a land war in Asia”? So many have failed at trying to tame the region and all have fallen to a tribal society that has not changed that much in a thousand years. Add to this that we have just come off looking like the new brute occupying their lands, and we have the trifecta of imminent failure.

Meanwhile, at home, we have, over these ten years, traded our freedoms for perceived security. There are so many arguments to be made here, but, I have to say that there have been excesses and misuse of power. Our government has become ungovernable and radicalised into three parties, and we the people have little say any more because corporations are now “people” according to the court system (just look up the idea of the ‘super PAC’; see Stephen Colbert for more). We have indeed traded security for privacy and the right to be a part of how we are governed by our own apathy.

Frankly, it’s rather scary. Of course all of the losses to privacy can be directly attributed to 9/11 and the land grab after it within the intelligence collective and government’s desire to outsource those same collection means as well as war-fighting capacities (Xe aka Blackwater ring a bell?). I’m afraid that much has been done in the name of liberty and freedom that we as a people might not like so much. So it is kept from us by over classification and secrecy. The panopticon has been built around us all and, like the frog in the pot, we just don’t feel the heat as we are too happily playing with our new iPhone.

Are we really more secure from these enhanced rights the government has? Or is it that we have prosecuted the war in a much better way intelligence wise as well as boots on the ground to stop these guys in country? It seems to me, that back in the day the NSA could do all of this type of surveillance on other countries and it was all good. Now, they see everything and have the right to work in the US…

So just how many of these terrorist arrests were made in the US?

How many US jihadi terrorists were caught by the FBI due to the enhanced continental powers granted?

Am I just missing all those headlines? Because I am not remembering too many plots being stopped here. So, yes, we have traded privacy for a perceived security by allowing the government carte blanche… And no, we are not better off for it.

Of course now with the advent of Anonymous and LulzSec, we have a new kind of terrorism (albeit one that has not been uttered yet or legislated into existence). Just how long will it be before we see this happen? All of it proves though, that there is no foolproof way to ensure security. We, as a people, need to understand this and come back to our collective senses. Look at Europe, specifically look at England..

Do you want a camera on every corner? (almost there)

How about shotgun mikes? (almost there too)

The infrastructure is being built around you fellow frogs… Time to talk to your legislators about this if it concerns you.

Looking Ahead:

As I see it, the days of AQ are starting to wane and the days of the crazy lone wolves are just the same as they were before. All the attempts at radicalising have failed really to raise an army. I think we are winning the overall battle against Jihad… But.. We are losing the battle for our own country. Ask yourself this though: “Once AQ and the like are gone, just who will all these methods and technologies be turned toward? With no major enemies to watch, will it all be decommissioned?” Somehow I doubt that.

For every time someone mentions how Facebook is so perverse about personal privacy, please take a step back and think about the government under which you are governed. With all of the morass we find ourselves in, and how much we complain collectively about it being the government’s fault, please ponder that said same government has the technologies available to do whatever they like and then mark it secret. Never to see the light of day.

I do hope the war on terror ends, but I shudder to think about what will happen after it does.

K.

 

Written by Krypt3ia

2011/09/06 at 20:16

Shamikh1.info: The New Den of Scum and Villainy

Well, that didn’t take long did it. At least Evan got one thing right, they’d be back up soon. So, here is the skinny on the new site and the core server that they have stood up. The site is still not fully back online, but this stage of things allows one to get a lot of intel on the server makeup and who is operating/hosting it because they had a direct link back to the sql instance. The site is not fully operational yet, but they are setting it up rapidly as I surmised they would on the domain of shamikh1.info which was registered in May as the backup domain.

I have begun the work of getting all of the pertinent details on the address owners/ops in Indonesia so soon all of their details will be available to those who want them. However, just with the short bit of work I have done here, I pretty much think you can all get a grasp of who’s where and what’s up huh? Sure, the server is in Indonesia, and, well, they are rather tepid on the whole GWOT thing so nothing much may happen…

But..

You intelligence agencies out there looking for a leg up.. Well here it is… Enjoy.

Now, back to the events that brought us to today. The take down of the original site may have been only because someone got into the server and wiped it out as Evan suggests (without any proof as yet mind you) or, it may in fact be because the site was blocked at the domain level as I pointed out in my last post on this matter. GoDaddy had suspended the domain and I am not sure if the mirrors on piradius were working before the alleged attack happened or not. At this point, it is anyone’s guess as to the attack’s perpetrators, methods, and final outcome until someone from the AQ camp speaks up on exactly what happened.

Meanwhile, the media will continue to spin on about MI6 hacking them or perhaps it was those mysterious “Brit” hackers that so many articles mentioned.

“Bollocks” As they say in England.

DATA:

Domain ID:D38010794-LRMS
Domain Name:SHAMIKH1.INFO
Created On:14-May-2011 00:22:30 UTC
Last Updated On:27-Jun-2011 07:43:57 UTC
Expiration Date:14-May-2012 00:22:30 UTC
Sponsoring Registrar:eNom, Inc. (R126-LRMS)
Status:CLIENT TRANSFER PROHIBITED
Status:TRANSFER PROHIBITED
Registrant ID:fce7ae13f22aa29d
Registrant Name:WhoisGuard  Protected
Registrant Organization:WhoisGuard
Registrant Street1:11400 W. Olympic Blvd. Suite 200
Registrant Street2:
Registrant Street3:
Registrant City:Los Angeles
Registrant State/Province:CA
Registrant Postal Code:90064
Registrant Country:US
Registrant Phone:+1.6613102107
Registrant Phone Ext.:
Registrant FAX:
Registrant FAX Ext.:
Registrant Email:06b6ac7646b147ccb6aed6d1f0248d70.protect@whoisguard.com
Admin ID:fce7ae13f22aa29d
Admin Name:WhoisGuard  Protected
Admin Organization:WhoisGuard
Admin Street1:11400 W. Olympic Blvd. Suite 200

Core Server:

Ip address: 180.235.150.135

Location: Indonesia


Persons Attached: Daru Kuncoro & Yogie Nareswara

Names of Admins: Yogie Nareswara & Daru Kuncoro

Email Contacts: ahmad@koneksikita.com yogie@arhdglobal.com

Nmap Scan Report:

Starting Nmap 5.21 ( http://nmap.org ) at 2011-07-02 07:39 EDT
Initiating Ping Scan at 07:39
Scanning 180.235.150.135 [2 ports]
Completed Ping Scan at 07:39, 0.32s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 07:39
Completed Parallel DNS resolution of 1 host. at 07:39, 0.53s elapsed
Initiating Connect Scan at 07:39
Scanning 180.235.150.135 [1000 ports]
Discovered open port 80/tcp on 180.235.150.135
Discovered open port 110/tcp on 180.235.150.135
Discovered open port 993/tcp on 180.235.150.135
Discovered open port 143/tcp on 180.235.150.135
Discovered open port 21/tcp on 180.235.150.135
Discovered open port 443/tcp on 180.235.150.135
Discovered open port 3306/tcp on 180.235.150.135
Discovered open port 995/tcp on 180.235.150.135
Completed Connect Scan at 07:39, 11.74s elapsed (1000 total ports)
Nmap scan report for 180.235.150.135
Host is up (0.30s latency).
Not shown: 958 filtered ports, 34 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
80/tcp   open  http
110/tcp  open  pop3
143/tcp  open  imap
443/tcp  open  https
993/tcp  open  imaps
995/tcp  open  pop3s
3306/tcp open  mysql

Tasty, they have a few ports open. Hey antisec skiddies, wanna play with some SQLi ?

Meh.

Site Contact Data:

Daru Kuncoro:

Yogie Nareswara:

Current State:

Guess they are still working on the server connections… I am sure as well, that soon they will have more stealth servers out there in Malaysia as well. So the mirroring will begin for the sql instance to do the push from. Let’s see how long it is before this one is taken down shall we? Oh, and next time an attack happens, let’s all get a lock on how it is happening as well as exactly what it is. I have had enough of the media hype with talking heads who have no idea what they are talking about when it comes to information warfare or network security.

More later.

K.

IMPORTANT SECURITY TIPS: Security Tips for Jihobbyists At Majahden

Security Tips for Majahden2 Users and Jihobbyists

Important Security Tips from Majahden:

The boys at Majahden have been learning lately about how psyops, hacking, disinformation, and being pwn3d works. I suppose since Osama went to live in a pineapple under the sea, they have been taking stock of just how much information they are leaking on the boards out there on the internets. There has been a spate of timely deaths in the AQ camp of late as well as a few arrests, but really, the intelligence coup of finding OBL and whacking him has all the jihobbyists worried that they will be next.

Of course they should be worried, but not only because OBL was popped. You see, we have been inside their shit for some time now and they just did not know it I guess. I have written in the past about sites that I have been poking at and digging through and I know in the case of Al-faloja (may it rest un-peacefully) I was able to get quite a bit of data from them. Since Al-Faloja fell down and went boom, there have been many site re-vamps by many a phpBB admin but they still seem to be on the whole, lacking the skills to really secure their shit.

Oopsies!

So, from their sooper sekret squirrel lair we have the following text from the above screen shot on majahden entitled “Important Security Tips”. From this post I can say that they have been learning though. The tips are good and if followed it will make it just a teensy bit harder to track them and eventually have them picked up. Here are some good ones:

  • Trust no one: See a new member asking all kinds of questions about going to jihad? Be wary of them they may be spies
  • Use internet cafes to log in and post to the boards because they can track your IP address
  • DO NOT use just one internet cafe! Move around and make sure that you go outside your usual area (where you live)
  • Use a PROXY at the cafe!
  • Be careful though at the cafe because they are on the lookout for swarthy types like us!
  • NEVER give out your real information to ANY forum! (i.e. Bday, phone, etc)
  • Beware of files published to the forums! They could be malware!
  • Beware of popup installs like Java on the boards, they are not proper and likely a means to compromise you!
  • Beware people asking you to email them from the forum (use the message program on the board)
  • DO NOT RE-USE PASSWORDS!
  • Be careful what information (personal) you put on the site
  • Be careful about posting anecdotes about seeing this or that imam speak (places you in a place and a time)

AND Finally, in the FUNNIEST note of the list;

  • This is not a dating site! You want to make friends do that separately from the jihadi forums.

*snort*

In all, these warnings are good solid rules of the road for anyone going anywhere on the internet, never mind on a jihadi board being audited by the likes of moi. Just from a privacy standpoint these types of suggestions are valid as well and should be the standard for anyone not wanting their identity stolen or their stuff hacked easily. This however, is pretty new to all of these guys and these are the rudiments of SECOPS for them. Up till now, they have been not following any of these precepts, and to have to say this is not a dating site? Well, that kinda says it all to me hehe.

Meanwhile another tasty tidbit came up from the same site and this one is a little more interesting. The above screen cap is for a posting called “Deceptive methods to extract information” and it covers primarily the idea of snitches being placed in cells at camps to elicit information from jihadis. Now, this is nothing new to anyone who has had a diet of movies or TV here in the US, but perhaps it is a new one for these guys. Informants in the form of turncoat prisoners or actual agents from the likes of the CIA etc, have been standard operations to get information without the enemy knowing it.

This post is written by someone though who has had first hand experience with being detained. They go on to describe very specific scenarios and methods to evade giving up information to the “birds” as they are calling them. (I think they mean stool pigeons.) The writer gives suggestions on how to detect the turncoats and/or to deal with the interrogators’ methods in trying to cajole information from them. All in all, this is an interesting read that comes across as someone who has had direct experience and understands PSYOPS.

The Take Away:

These posts and others within the site have me thinking that they are starting to become a bit more sophisticated in their efforts online. There are numerous tutorials now on chaining Tor and proxy-ing as well as the use of crypto and other security oriented programs. TNT_ON has been busy posting more tutorials as well as lauding Younis Tsouli (aka irhabi007, now in jail) as the progenitor of the jihadi hacking scene. All I can really say is that it is maturing and we need to step up our efforts with regard to them.

With the new invigoration within the cyber-jihadi community since OBL’s great pineapple adventure, they have taken up the gauntlet not only to hack but to wage a cyber-propaganda campaign like never before. Presently, the jihadis on Majahden and other sites have been spinning up and creating numerous Facebook sites that conform to standards that will fly under the FB radar (FB has been pulling sites down just about as fast as they could put them up). This has become the new “stealth jihad”. They are making the effort now to have innocent front pages that lead to many other more hidden pages containing hardcore jihadi content. This is something that was being espoused last year on the boards and is now coming into acceptance as the main modus operandi. This way they can have their content and not get it 0wned or taken down by the likes of Facebook or Blogspot.

Since the advent of the LulzSec crew, it just seems that we all have been focused elsewhere.. Time to wake up and go back to working these fools. I say it is time to start a program of 0day infected dox that will be downloaded from all those sharing sites that these guys love. Remember the whole cupcake thing with Inspire? I say we do it en masse for as many sites as we can. Added to this, we should also be using many more approaches such as PSYOPS, Disinformation, and all out penetration of their servers… No matter where they sit.

But that’s just me… I also think that perhaps the NSA might have that already covered… One wonders…

At the very least, we should keep an eye on these sites.. If not for the lulz, then for taking them down once and for all.

K.

The Post Bin-Laden World

Well, it finally happened. OBL is ostensibly dead, though we have no real proof of that for the masses to see, but we are being told as much and that there have been DNA matches made. As you are all being barraged with I am sure, the salient points of the operation are these:

  • OBL was not in the kush, but instead in a populated area situated about an hour outside of Islamabad Pakistan
  • The compound was built in 2005 and has been under surveillance for some time
  • The compound was located in an area that was off limits to the reapers and other drones, thus they thought they were secure
  • The compound was about half a mile away from the Pakistani military version of West Point
  • The courier that OBL trusted most was the one who led us to him. He was in turn alleged to have been outed by KSM in Gitmo under “interrogation” as well as others in CIA ghost sites
  • Once the CIA had the pseudonym it took about two years to actually get his real name and then to locate him
  • Once we had a lock on enough data to place OBL there, the go code was given to neutralise OBL (he was not to be captured)
  • SEAL Team SIX confiscated more than 3 computers from the premises and I am sure those have been sent already to the NSA for decrypt/forensics
  • OBL’s body and any photos of it have been deep six’d so as not to give the jihadis anything to work with for Nasheeds and other propaganda
  • It was old fashioned intelligence work and a SPECOPS team that eventually got him… Not just fancy drones and technology

All in all, Sunday was a good day for SPECOPS, the CIA, and the U.S. So, what does this mean though for the GWOT and for all of us now?

AQ’s Response:

So far, I have seen very little chatter on the jihadi boards whatsoever. In fact, it has been downright quiet out there. I think there is a mix of disbelief and a bit of fear out there that is keeping them quiet. Just as there has been no body provided or photos thereof, they all must be waiting on an announcement from AQ as to the loss. However, I don’t expect that announcement to be soon. I am sure Ayman has been scuttled off somewhere ‘safe’ and the rest of the thought leadership (what’s left that is) is wondering just where to go from here.

Much of the inactivity on the part of AQ also likely is due to their loss of computers that likely held A LOT of data that were taken by the SEALs at exfiltration. I would assume that much of what was left of their internal network has been compromised by this loss and when the systems are cracked and examined, there will be more raids coming. So, they all are likely bugging out, changing identities if possible and burning the rest of the network to prevent blowback.

Frankly, this is a real death blow to AQ itself no matter how autonomous the network cells have become. Though, OBL had been less the public face of things for some time with Ayman taking up the face role. Time will tell just what happens to the AQ zeitgeist in its original form, but I think I already know what has happened, and it has been going on for some time…

In the end, I don’t expect a real response from AQ proper and if anything, I expect a feeble one from Ayman in a few days. Remember, Ayman is not well liked within many jihadi circles, so the succession of AQ is likely to have Ayman try, but I think in the end fail to be the new OBL.

AQAP and Anwar al-Awlaki the new thought leaders:

Meanwhile, I believe this is the new AQ. AQAP has been developing a base that includes the whole Inspire Magazine machine. Anwar Al-Awlaki has been the titular head of jihadi thought for some time now, but with the demise of OBL and AQ proper, he will be the lightning rod I suspect. I think also that we will be hearing from him very soon and with that audio, no doubt released by Al-Malahem, he will take the spot that OBL and Ayman did. Whether that will be at the behest or acquiescence of Ayman or not I cannot be sure.

Awlaki is frankly, the charismatic Americanized version of OBL that will be able to and has been, moving the western takfiris to jihad with his fiery speeches. With his team of younger, hipper, and technically savvy, he will have a better chance of activating the youth movements and gaining the respect of the older set.

AQ Attacks:

I frankly do not see any major attacks coming from AQ proper in the near future that would rival 9/11. However, I do see the potential for some attacks in Pakistan/Afghanistan/Iraq from operators using shahid attacks. I do believe though, that they will be working on larger scale attacks as they are patient and have a real desire now to avenge OBL.

Time will tell on this, but I do not think that operationally, AQ is in a position to really do anything of merit at this time. This is specifically so because OBL’s computers and data have been captured and as I said before, the networks are likely broken.

AQAP Attacks:

AQAP though, is an entity unto itself and I can see them putting together another parcel bomb plot pretty quickly. The last plot (the one with the toner cartridges) was put together in short order and had a very low cost, so I think if anyone, AQAP has a better chance of actuating a plan and carrying it off.

Of course, they may not succeed just like the last time. In some ways though, we got lucky on that one as the Saudis got intel that they shared, foiling the plot.

Lone Wolves:

This is the one I think most viable and worry about. The disparate crazy loners who have self radicalized to jihad are the ones likely to do something bonkers. These guys may not have the training, may not have the infrastructure, but, they make up for it all in sheer whack nutty-ness.

The one thing about this is that I suspect that these folks will be the ones here in the states. So soft targets will be a premium (malls, games, etc)

Moving Forward:

The next week is going to be interesting. As time goes on, and the AQ networks begin to settle, then I am sure we will see some response from them. Meanwhile, I will continue to monitor the boards and see what’s what.

I do though want to recommend that you all out there keep your wits about you as you are out and about in soft targets like malls, games, and other gathering places. If anything, it’s that lone wolf actor who may try something and those would be targets they would choose for maximum effect.

More when I have it.

K

British Airways Al Qaeda Mole: The IT Connection

Rajib Karim

A British Airways computer expert who plotted to blow up a plane has been found guilty of terror charges.

Rajib Karim, 31, from Newcastle, used his job to access information for radical cleric Anwar al-Awlaki, Woolwich Crown Court heard.

He denied four charges, including sharing information of use to hate groups.

But after four days of deliberations, the jury found him guilty of all four charges.

Karim was committed to an “extreme jihadist cause” and determined to become a martyr, jurors were told.

The Bangladeshi national, who moved with his wife and son to Newcastle in 2006, had already admitted being involved in the production of a terrorist group’s video.

Joined gym

Karim, a privately-educated IT expert from Dhaka, became a supporter of the extremist organisation Jammat-ul Mujahideen Bangladesh (JMB) after being influenced by his younger brother Tehzeeb, the court heard.

He was described as a “mild-mannered, well-educated and respectful” man who hid his hatred for Western ways from colleagues by joining a gym, playing football and never airing extreme views.

But at the same time he was using his access to the airline’s offices in Newcastle and at Heathrow to spread confidential information.

After gaining a post-graduate job at BA in 2007, Karim held secret meetings with fellow Islamic extremists at Heathrow and, in 2009, began communicating with al-Awlaki from his home in Brunton Lane.

After the verdict, Home Secretary Theresa May said: “The fact that Karim has been found guilty of such a heinous plot shows why we will never be complacent.

“I want to thank the police and the security service for their hard work in this complex case.

“We know that we face a serious threat from terrorism and national security remains this government’s top priority.”

Colin Gibbs, counter terrorism lawyer for the Crown Prosecution Service, added: “The most chilling element of this case is probably the fact that Karim tried to enrol as cabin crew and anyone can imagine how horrific the consequences of this could have been, had he succeeded.

“Karim’s deep determination to plan terror attacks whatever the cost was frightening.

‘Coded messages’

“He found a position as a software engineer, which the prosecution said he considered the perfect job, giving an opportunity sooner or later to fulfil his deadly objective.”

Deputy assistant commissioner of the Metropolitan Police, Stuart Osborne, added: “Although Rajib Karim went to great lengths to disguise his activities, experts from the Metropolitan Police Service Counter Terrorism Command spent nine months decrypting 300 coded messages found on his computer hard drive.

“It was the most sophisticated decryption task of its kind ever undertaken by the Met’s Counter Terrorism Command.

“This painstaking work gave detectives access to a body of material, which exposed Rajib Karim’s terrorist activities and led to today’s conviction.”

Karim is due to be sentenced on 18 March.

Well, here you have it. This is what I have been talking about for a while now, AQ learning to insert technical moles into positions to do us harm. This guy may be a fluke in that he could have just been in the right place at the right time, but, I think that AQ placed him where he was caught.

What’s even more interesting to me is that this guy was using his technical skills to give out important intel on Heathrow and BA’s systems to AQAP. What better way than to insert a technically capable mole who is also willing to be a shahid to do the most damage? The jihadi’s are getting more nimble and using espionage techniques to up their game. They have learned the value of technology and just how much we are all at its mercy today.

If this doesn’t ring the warning bell not only for all CT efforts, it should at the very least do so for the airlines and the airports out there. This guy had insider knowledge and access to the systems and networks that also house the baggage scanners, passenger lists, and other security methods at Heathrow.

So, how was he caught, I wonder.. Perhaps as he was talking to al-Awlaki online? From this one might infer that al-Awlaki’s comms are pretty much tapped huh? Yeah, I would guess that…

K

 

Nuclear Jihad: AKA, Is That A Dirty Bomb In Your Pocket? Or Are You Just Happy To See Me?

Al-Qaida is on the verge of producing radioactive weapons after sourcing nuclear material and recruiting rogue scientists to build “dirty” bombs, according to leaked diplomatic documents.

A leading atomic regulator has privately warned that the world stands on the brink of a “nuclear 9/11”.

Security briefings suggest that jihadi groups are also close to producing “workable and efficient” biological and chemical weapons that could kill thousands if unleashed in attacks on the West.

Thousands of classified American cables obtained by the WikiLeaks website and passed to The Daily Telegraph detail the international struggle to stop the spread of weapons-grade nuclear, chemical and biological material around the globe.

Full article HERE

So, the Wikileaks strike again eh? This is news how exactly though? I mean, the state of nuclear affairs, let alone biological, has been such that since the break up of the Sov state, we have had a huge problem with missing materials. So, let’s break it down shall we?

    • AQ’s stated goals have always included nuclear and biological ambitions
    • Since the collapse of the USSR nuclear and biological materials have been for sale
    • Our own methods of protecting high value targets other than actual U235 have been lackluster
    • Our BSL4 labs in some cases included weaknesses that would only require a rock through a window to release toxins
    • If you wanted to make a real dirty bomb in downtown Cambridge, you just have to get a bomb close enough to the reactor at MIT

There are more, but do I really need to go on? So, we have been lucky so far that the Jihadists have not been that serious so as to have already gotten the materials and used them. The moral of the story? Keep up with the interdictions. Keep setting up radiological detectors at the ports and the like. Just keep vigilant really. As for the biological materials, I would suggest that we protect them all with due care.

Krypt0s

Written by Krypt3ia

2011/02/02 at 00:30

‘Great likelihood’ of cyber attacks by terrorists’ You Don’t Say…

with one comment

Baroness Pauline Neville-Jones said there was a risk, “likely to grow over time” that terrorists will develop “serious cyber-attack capabilities.”

She told a conference on online jihadism: “In some form, a cyber-attack attempted by terrorists, if not inevitable, is of so great a likelihood that we bear it in mind in developing operational capabilities.”

Lady Neville-Jones said the internet was “increasingly the key resource” that links al-Qaeda’s various groups and provides a tool for logistics, publicity and recruitment, helping spread techniques about weaponry, armaments and training and techniques for taking hostages, kidnapping and assassination.

From The Telegraph UK

Like any other group that would wish to attack the US or any other country, electronic means would also be something the attacker would try to leverage if they had the capability. It just so happens that the Jihadists are not anywhere near that yet. I am not sure how long it will take for them to get to that point, but, perhaps someday they will. As for now though, they are still learning to be adept at using the internet as a recruitment and C&C tool really.

What I have seen to date makes me more concerned about their ability to use the internet to communicate secretly than being able to carry out any kind of cyber attacks against the infrastructure to augment some sort of kinetic attacks. Mainly though, I have been saying much the same as Dame Neville, that the Jihadis have become more savvy and this is a problem. The other side of the problem is that all of this propaganda now has a wide audience online including places like YouTube where Shahidi videos abound. Dame Neville goes on to say;

“We find that ISPs respond to complaints from their customers more willingly than to complaints from governments.”

Lady Neville-Jones referred to the case of Roshonara Choudhry, who was jailed in November for stabbing the MP Stephen Timms, and had watched hours of extremist videos on Youtube.

The website was forced to take down many of the videos after the Daily Telegraph publicised the case and Lady Neville- Jones’s concerns.

A new police squad, the Counter Terrorism Internet Referral Unit, has been set up to receive public complaints about extremist websites and take them down.

This comment was directed at the U.S. as the First Amendment allows for some more latitude on the freedom to place such videos online, and they are therefore harder to remove before they radicalize someone to action. Of course I agree that some of the content should likely be pulled down, but, we do have the right to place such things up there and as I see it, the police should monitor those sites and users. If those people turn up to be posting more things elsewhere, my experience has shown that they will likely be radicalized enough to talk about action elsewhere.

Anyway, this article’s title stood out and really is just another hyped attempt by a reporter and news source to use the word cyber to attract attention.

Move along…. Nothing to see here…

Krypt0s

EDIT: I have been reminded by the article’s author that he did in fact include the quote: Baroness Pauline Neville-Jones said there was a risk, “likely to grow over time” that terrorists will develop “serious cyber-attack capabilities.” Which does put some perspective in there… CG, my apologies.

Written by Krypt3ia

2011/02/01 at 23:07

Inspire vol II: Rationalization, Operational Directions, Open-Source Jihad, and Pivoting the Battle-Space

with 3 comments

Inspire Magazine vol II came out and while being a bit less incendiary than the first issue, it is still useful in gauging just what AQ is thinking. This time around, the magazine’s articles start with the pumping of Jihad as a Muslim’s duty with interviews and life tales from certain jihadists, from OBL to Zachary Chesser. Then it swings into the rationalization of AQ’s concept of Jihad in the face of the Mardin Declaration which basically comes down to Allah and Muhammad hate disbelievers and it’s all good to take the sword to them.

Yeah… That’s the gist of it really.. With a lot of philosophizing and waxing rhapsodic in order to make what they are doing right in their minds. I mean after all, Allah is the one and only God and Islam the only religion huh?

“Religious fanatics.. I hate these guys”

Chesser’s little story is rather poorly worded and shows his education level to be sub standard but it gives you a look into his mindset. He seems to be akin to one of those whacknut Christians who says give all your troubles over to God, he will take care of you. Yet, he is more dangerous because he takes literally the spoon fed crap that he has been given by the Salafi Imams that he has been with that if you are not with Allah, then you should be put to the sword as a Zionist swine. He tells his tale in simple minded interludes of how he escaped to Yemen and evaded all of the FBI and CIA tails that he alleges he had..

Because you know.. He is a mental genius…

Rationalizing Their POV

The magazine has a heavy handed approach to rationalizing their world view and their decisions on Jihad as a “way of life” because of the recent Mardin Declaration that I linked to above. It seems that the Imams got together from all over, and decided that they would take a stand against the Salafis and Jihadis to rebuke their ways and their interpretation of the Quran. This obviously has ruffled the feathers of AQ and AQAP quite a bit as they took so much time to refute and to reinforce their ideas to the masses in the west (recruits) with Inspire vol II.

The arguments twist and turn but always come back to the ideas that Islam only tolerated the Jews and Christians as long as they were subjugated and knew that they were apostates. This also was alluded to with the added history that both religious believers were taxed back in the day just to live and worship even though they were regularly looked down upon by Islam… Well, in that day in the Caliphate sure.. However, this is today and, well sparky, you don’t have a caliphate.. What you do have are some caves, some townhouses in Pakistan, and AK-47s. Keep on dreaming big man.

All in all, these guys are deluded with dreams of being a man, being a shahid, and even with a section in the magazine later on, tries to lure in the reader with what they can expect once they visit Allah after being martyred.

Phooey.

Opensource Jihad

In the latter sections of volume II we have what they are calling Open Source Jihad. This is in reality the same type of thing that you see out there on the internet as encyclopedias of Jihad. How to make bombs, books on first aid, etc are the norm, however, this section adds a whole new dimension with operational ideas for lone wolf jihad. Their big idea of this issue is to use your truck as a “mowing machine”

Imagine that, they seem to have this crazy “Mad Max” idea here where a lone wolf welds all kinds of blades to their F-150 and drives it into a busy footpath… Yeah, I have to believe that this is somewhat tongue in cheek here.. Really? Really? You mean you’re gonna advocate someone drive anywhere with blades welded to their truck? See how far they get before they are pulled over… Oh, and by the way takfiri, this is a “martyrdom operation” so bring a gun to shoot yourself with.. Yeah, statistically there have only been about 2 martyrdom operatives who were American so.. I really don’t think this will be a big issue here. I mean hell, even Faisal Shahzad tried to flee.. His convictions were oh so strong…

Tips for Brothers in the USA: CBRN and Tradecraft

The last sections of this document were the ones that bothered me the most but were nothing really new per se. The pivoting of the battle space has been going on for some time now as AQ has been coming to understand that they are pinned up in Waziristan. It’s akin to what happened in the hacking world once people started to actually patch systems and configure firewalls properly. In the case of both aggressors, crackers and jihadis, they learned that if you cannot strike from the outside, then you pivot and attack from within.

It would seem though, that the FBI and other law enforcement agencies have made these guys a bit twitchy though. They are advocating “staying clean” a term that is used within spook circles as not putting yourself on the radar by associating with anyone who may be considered worth the investigative time. However, they have taken it to the level of “trust no one” hahaha I am glad that we have put the fear into them! They also are pretty much aware now that no matter what they do on the internet, they are likely to be intercepted and eventually captured as you can see below.

It’s really all advocating one man cells that do not talk to anyone, do not go to jihadist websites, and generally keep themselves closeted as Muslims as I see it. Of course no mention that in the online world there are measures that can be taken.. and then of course in the end they offer up emails to contact Al-Malahem directly using ASRAR (encryption program) which I am sure has been cracked by now. Interesting though, that this particular volume does not have any real plans on how to make things like the “pressure cooker” bomb.. So, how do you expect these American junior wanna be jihadists to get those plans if they can’t go to the atahadi.com site?

Heh.

The reality is kids there are many folks out there at Fort Meade watching you as well as others like moi. It also seems that you can trust no one… Hell, I would not even trust the shower in your apartment.. It’s probably bugged too! So, get all ripe and stinky, this will keep others away… and let us know who you are by smell…

Of course the most troubling part of this document is the above sections on CBRN. It has been known since the beginning that the jihadists would love to get their hands on some CBRN tech and or convince someone to create some for them. In this section above, they are making the call for American students or those abroad here to spin up and create them for jihad. One has to wonder just how many Aafia Siddiquis there are out there though.. Those who would heed this call and get their hands on some toxins to release.

That’s the troubling bit.

Time will tell… Until then, you guys at Al-Malahem keep making these little magazines to share with everyone… Including me and others like me. You keep us laughing as well as give out some good data on what you guys are thinking. Sure there’s a lot of propagandist muck to wade through in reading it (god it’s horrid and tedious) but, there are those gems in there that give us good data to use against you!

Keep it up… We will keep tracking your asses down.

CoB

Abo Yahya and Metadata Cleaning

with one comment

I recently came across the site above through some searches and I have to say that it kind of surprised me as to the content’s sophistication in the hacking/security area. This Abo Yahya is adept at understanding the security intricacies needed to prevent easy detection online (using TOR) and seems quite plugged into the hacker community with videos from a European hacker conference to boot. What really struck me though is the above picture where Abo talks about the metadata problem and how it was used to capture Dennis Rader.

Abo goes on to talk about a script to remove the data from word docs as well, which I guess has been on the minds of some and has been used in tracking the files that the jihadis are making. One wonders if the doc files are the only ones he (Abo) has worked out or have they done so with say PDF files? All I know is that there are many more files than just doc files out there that can be used to track you all. However, there is much more to learn isn’t there? Now it seems that Abo and Song of Terror have plans to teach the ways of hacking and information security.

The site goes on to show tutorials in Linux command line as well as the flavors of Linux including video tutorials. It would seem that they have been paying attention quite well to the security community’s posts and chatter about how to be secure online. Abo also brings out the old jihadi crypto program (mujahideen secrets 2.0) and does a little how to on encrypting all their transmissions. All of these files and programs including a tutorial suite by GIMF are available for download in various places.. All of which I assume, will give us all the chance to check the metadata and see what they might offer in leads as to who made them.
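What an analyst can still read out of a Word file, as an added example that is not from the original post or from any tool it mentions. It assumes the modern .docx (OOXML) container rather than the legacy binary .doc, and the function names and sample values ("Example User", "Example Org") are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

NS = {
    "cp": "http://schemas.openxmlformats.org/package/2006/metadata/core-properties",
    "dc": "http://purl.org/dc/elements/1.1/",
    "ep": "http://schemas.openxmlformats.org/officeDocument/2006/extended-properties",
    "w": "http://schemas.openxmlformats.org/wordprocessingml/2006/main",
}
W_AUTHOR = "{%s}author" % NS["w"]
MAX_PART = 5 * 1024 * 1024  # skip oversized members (zip-bomb guard)

# (zip member, XPath, label) for properties that tend to identify an author.
FIELDS = [
    ("docProps/core.xml", "dc:creator", "creator"),
    ("docProps/core.xml", "cp:lastModifiedBy", "last_modified_by"),
    ("docProps/app.xml", "ep:Company", "company"),
    ("docProps/app.xml", "ep:Template", "template"),
]


def _parse(zf, name):
    """Parse one zip member; None if it is absent or too large."""
    if name not in zf.namelist() or zf.getinfo(name).file_size > MAX_PART:
        return None
    # Stdlib parser; a hardened XML parser is the safer choice for hostile files.
    return ET.fromstring(zf.read(name))


def extract_docx_metadata(data):
    """Return identifying fields still present in a .docx given as bytes."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for part, xpath, label in FIELDS:
            root = _parse(zf, part)
            node = root.find(xpath, NS) if root is not None else None
            if node is not None and (node.text or "").strip():
                found[label] = node.text.strip()
        # Tracked changes and comments carry their own w:author attribute,
        # which survives when only the docProps/ parts are cleaned.
        authors = set()
        for name in zf.namelist():
            if name.startswith("word/") and name.endswith(".xml"):
                root = _parse(zf, name)
                if root is not None:
                    authors.update(e.get(W_AUTHOR) for e in root.iter() if e.get(W_AUTHOR))
        if authors:
            found["revision_authors"] = sorted(authors)
    return found


def build_sample(creator, last_by, company):
    """Build a minimal .docx in memory. Constructed sample data only."""
    core = (f'<cp:coreProperties xmlns:cp="{NS["cp"]}" xmlns:dc="{NS["dc"]}">'
            f"<dc:creator>{creator}</dc:creator>"
            f"<cp:lastModifiedBy>{last_by}</cp:lastModifiedBy></cp:coreProperties>")
    app = f'<Properties xmlns="{NS["ep"]}"><Company>{company}</Company></Properties>'
    doc = (f'<w:document xmlns:w="{NS["w"]}"><w:body><w:p>'
           '<w:ins w:author="Example User"><w:r/></w:ins></w:p></w:body></w:document>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docProps/core.xml", core)
        zf.writestr("docProps/app.xml", app)
        zf.writestr("word/document.xml", doc)
    return buf.getvalue()


# Constructed samples: an untouched file, and one whose docProps were blanked.
RAW = build_sample("Example User", "Example User", "Example Org")
CLEANED = build_sample("", "", "")
```

The second sample has its document properties blanked, yet the tracked-change author inside word/document.xml is still recovered.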

Meanwhile, there was an interesting little passage below Song of Terror’s video on Linux basics…

Peace be upon you and God’s mercy and blessings be upon you

After reading the topic to Brother, “the grandson of bin Laden,” may God preserve him for a script Rapidleech
The fact was the subject of a great and a quantum leap in the world of Jihad in the era of fighting jihad
In squares, in particular the field of media jihad there is no secret to you delete thousands of links to movies jihadist pretext of combatting terrorism. Here, a modest contribution to me for how to publish links rapidly and participation comes after reading the topic to Brother, “the grandson of Bin Laden,” more than once since the beginning has not sunk in but please God I understand that after you apply some examples so I would recommend reading the first issue of the brother by watching this video

So, Bin Laden’s grandson called all of this a quantum leap in jihad huh? Well, in a sense it is really.. They are learning…. However, just how much can they learn and does anyone really think that they can be as “secure” as they need to be to not get popped? I mean, with all the warning and hand wringing that we in the security community do about the lack of security in the general populace, just how much actually works? All too often the security is lacking in all quarters and I am sure that these guys too will also fail when it comes right down to it.

… And in the case of Abo.. I already know who he is in real life I think… And where he lives… How you ask?

Metadata.

So, what I have learned from this site is that there are certain factions that are more learned about hacking and security. They are now making inroads into the jihadi forums and in fact, this site is directly linked to the alfaloja boys. The very same site that was hacked and brought down by CAUI efforts on the part of certain governments. I guess they took from the incident a certain fear of being popped and recruited more people with the help of Song Of Terror I assume. Of course though, just as the security community posts things or creates software/hacks and releases them, they only serve to allow for follow up and obfuscation due to it being in the open. In the case of this site and others that are showing how to hack, we too now know exactly what they are up to and how we can turn that around on them.

Additionally, one of the nice tasty bits that Abo left for me was a hash for mujahideen secrets:

15738D22AC6EACF1F54CC155BDE72D368F81AB2525DD2F64733A36E31D8B137E

Which I put into Maltego and began some searches…

I have to do some more tweaks to searches with Maltego here, but, you can see where this program is being mentioned, served out, and talked about. All of these sites make nice launch points with Maltego and some Googling to further explore who is using it… If I can’t read what you’re saying kids, I can at least know WHO YOU ARE. Funny how those little features that make something more secure can be used against you huh?

Anyway, for those interested.. Here is the data using Maltego on the site and its connections. Maktoobblog is a Yahoo site and this particular one is out of the UK. Perhaps soon Yahoo will get wise to the site…

I see you Abo…

inetnum:        77.238.160.0 - 77.238.191.255
org:            ORG-YE1-RIPE
netname:        UK-YAHOO-20070216
descr:          Yahoo! Europe
country:        GB
admin-c:        KW3969-RIPE
tech-c:         KW3969-RIPE
status:         ALLOCATED PA
mnt-by:         RIPE-NCC-HM-MNT
mnt-lower:      YAHOO-MNT
mnt-routes:     YAHOO-MNT
mnt-domains:    YAHOO-MNT
source:         RIPE # Filtered

organisation:   ORG-YE1-RIPE
org-name:       Yahoo! Europe
org-type:       LIR
address:        Yahoo! UK Ltd 125 Shaftesbury Avenue London WC2H 8AD London United Kingdom
phone:          +44 207 131 1495
fax-no:         +44 207 131 1213
e-mail:         kwoods@uk.yahoo-inc.com
admin-c:        DR2790-RIPE
admin-c:        IG1154-RIPE
admin-c:        NA1231-RIPE
mnt-ref:        YAHOO-MNT
mnt-ref:        RIPE-NCC-HM-MNT
mnt-by:         RIPE-NCC-HM-MNT
source:         RIPE # Filtered

person:         Kerry Woods
address:        125 Shaftesbury Avenue
address:        London
address:        WC2H 8AD
phone:          +44 020 7131 1000
fax-no:         +44 020 7131 1213
e-mail:         kwoods@uk.yahoo-inc.com
nic-hdl:        KW3969-RIPE
mnt-by:         YAHOO-MNT
source:         RIPE # Filtered

Follow The Email


As you all know, I have been using Maltego for some time now but I thought that I would just drop a dime on how I do love the connections it can make for you when you are using it for intelligence gathering. With the new V3 Maltego (CE) you have a lot more latitude in data connections and in making ties between entities or in this case emails from entities, to make a more coherent pattern emerge. In the case above, you are looking at the root address I started with. tough13_sam@hotmail.com is an old address for Samir Khan, the alleged “creative director” if you want to go all advertising speak, for the Inspire jihad magazine that came out in May/June.

By using Maltego and Google searches I was able to harvest not only the main email that he was using for his now defunct site “inshallahshaheed.wordpress.com” which is, “inshallahshaheed@gmail.com” but also other interesting tidbits like a xanga account on which he mentions his AIM account as well. Though most of the data that is able to be gathered is older 2004-2008 area, it still can be useful in the context of mapping jihad, or at the very least, mapping out just what social connections he had before going underground (aka heading off to Yemen to head up Al Malahem). Using the Maltego tailored to just look for email connections to and from, you can get a good idea of not only where he was posting online during that time, but also with whom he was potentially talking.

Many of the email addresses that came up with this search were also posters to a Muslim bulletin board islam.tc. So, they are good hits on my scale of probability that they had traffic with Samir. Now, it would be interesting to follow through further and spike out all the connections for each email. This would make for some HUGE Maltego maps, but I would hazard a guess that you would begin to see a pattern in the traffic to specific sites and of course patterns of behavior between individuals. Quite interesting…

Reminds one of a certain Gibson novel doesn’t it?

Anyway, by using this tool you can get a sense of your target’s behavior and analyze the traffic that can be found between sites and parties. By looking at the macro-verse view you can see just how these sites and people are connected and in the micro view, you can get details of site domains, users, and other pertinent data that you can use to get a quite full picture of the inner workings of online jihad. However, just on the macro side of gathering email addresses that have had connections between them, you can start to give law enforcement a picture that they can use to start connecting the dots.

In the case of ol’ Sammy, it seems that after his sites kept getting knocked offline (inshallahshaheed was one I reported to Google about 2 years ago) he finally wised up and stopped posting so openly. He then went off to Yemen to head up their media department is what I am hearing. So just where he is online now is a mystery. It is likely though that he is still posting online to boards and working on sites like al-faloja or ansaaar.com, all of whom now are taking more care about being secure.

Another tack I took the other day was to use the “phrase” search of Maltego and put in the sig for Majahden 2.0, the encryption program that the jihadis have been using to encrypt email/comms. This turned up quite a bit of traffic between parties when using the “entities” search parameter.

This initial search has given me a group of users to target from there to get email addresses from and any and all data I can from this tool. Rather nice really. So at least if you can’t read what they are writing, you can at least see that they are using the program and who they are conversing with! Of course there is a lot of data to sift and this can be a rather manual process in tracking down leads, but, at least this is targeted research as opposed to trying to read all of their comms on the bulletin boards and make connections.

I just wish this program weren’t so dang expensive…

CoB