Terrorism & The Internet
Aired March 6, 2002 - 17:00:00 ET
THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.
THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.
(BEGIN VIDEO CLIP)
JONATHAN MANN, ANCHOR (voice-over): ALQAEDA.COM: The fight against terror takes to the Internet. It's where experts are finding clues.
GUIDO RUDOLPHI, NETMON, INC.: I started to scan the Internet for everything I was able to find Osama bin Laden.
MANN: And where they expect the next war to unfold.
(END VIDEO CLIP)
(on camera): Hello and welcome.
When the United States and its allies began their war against terrorism, al Qaeda did not accept defeat or disappear.
Some al Qaeda fighters fled, some regrouped in the mountains and caves of Afghanistan, and some apparently are regrouping on the Internet.
A report in Wednesday's "New York Times" said that United States experts have intercepted Internet traffic, including e-mail and Web pages, that suggest that al Qaeda is setting up base once again, in Pakistan, it is believed.
But it's not just United States experts who are following the trail. One independent sleuth says he knows what's happening as well.
On our program today, al Qaeda on-line. First, though, a look at the hour's top stories.
It's being described as a tragic accident. Three Danish and two German peacekeepers are dead after an accident at a munitions disposal site on the outskirts of Kabul, Afghanistan.
The incident occurred during a predawn attempt to destroy two Soviet surface-to-air missiles. The commander of the German contingent says eight other soldiers were wounded in the mishap, three of them seriously.
In Berlin, the head of the German armed forces, Harold Kulat (ph), says one or possibly both of the SA3 rockets detonated prematurely while the soldiers were still in the vicinity. Why that happened is not yet clear.
Kulat (ph) says preliminary findings indicate no violation of security guidelines.
A United States commander says that al Qaeda and Taliban fighters are, in his words, taking a beating in Afghanistan's eastern mountains.
The United States led campaign, Operation Anaconda, is underway in Paktia Province. It's searching out fighters in the caves and tunnel complexes south of Kabul.
United States Defense Secretary Donald Rumsfeld says hundreds of Taliban and al Qaeda members have been killed.
In the Middle East, Israeli forces have kept up their attacks on Palestinian targets. In the past few hours, Israeli aircraft struck at several Palestinian Authority buildings. The latest strike, about an hour ago, was in Ramallah in the West Bank.
Israeli Apache helicopters are said to have fired at least two missiles into Yasser Arafat's compound. Palestinian sources say Arafat was not hurt in the strike.
The polls have closed in Ireland, where voters have cast ballots in a referendum to determine whether they favor tightening the countries abortion laws. The results are expected Thursday. The poll seeks to gauge where voters stand on a proposed constitutional amendment. It would allow lawmakers to legalize the practice only in cases where continued pregnancy would cause fatal medical complications.
It would rollback a 1992 Supreme Court decision that found grounds for abortion where the mother might be suicidal.
The Internet is open, unregulated territory. There are no maps, no limits, no government. It's no wonder that terrorist organizations would try to take advantage of it.
What is more amazing is that some people can just sit down at their desks, find the footprints, and follow them.
CNN's Mike Boettcher has the story.
MIKE BOETTCHER, CNN CORRESPONDENT (voice-over): With his scruffy hair and torn tee-shirt, Guido Rudolphi hardly looks like a man who now spends hours each day tracking terrorists.
But Rudolphi, who operates an Internet monitoring service from this Spartan loft in Zurich, Switzerland, is a hacker. A legal one, he says, and in his hands a keyboard can be a digital crime lab.
He was appalled by what he saw on September 11th, and wanted to do something.
RUDOLPHI: I started to scan the Internet for everything I was able to find regarding Osama bin Laden and any person I knew that was connected to him.
BOETTCHER: First, he tracked down a classified French Secret Service report on bin Laden, including a secret list of suspected bin Laden associates.
One name in particular caught Rudolphi's eye, a Mauritanian named Mohammed Ould Slahi. Rudolphi, who is Swiss, became curious, because Slahi operated an Internet site through a Swiss Web space provider.
RUDOLPHI: And we started to try to find and locate his homepages and get some background information on him.
BOETTCHER: What Rudolphi found about Slahi may shed light on how the secretive al Qaeda communication system works.
RUDOLPHI: This guy here, I was told, is Slahi.
BOETTCHER: Rudolphi discovered Slahi had twice been brought in for questioning during the investigations of two al Qaeda plots: the failed plan to blow up Los Angeles International Airport during millennium celebrations, and the successful September 11th attacks.
Each time, Slahi had been released. But Rudolphi wondered why terrorism investigators were so curious about a man who seemed more interested in making Web sites than bombs.
The answer, Rudolphi concluded, would be found in Slahi's Web sites.
RUDOLPHI: As you see here, it has so-called private entries, which can only be viewed by him.
BOETTCHER: Rudolphi says Slahi was running a seemingly innocuous Web site, but behind it, there was something called a guest book, where visitors to the site could leave messages.
It was a way of communicating that he had seen in action when he previously tracked Web usage by extreme right-wing groups.
RUDOLPHI: The perfect communication tools, if you want to hide the content of the communication, you can put a message in the guest book. The owner of the guest book receives an e-mail, within seconds can look at the message, edit it, and so it looks pretty normal, although the real content, which he has seen already, has disappeared, and may be harmful.
BOETTCHER: Were al Qaeda terrorists using the guest book as a means to communication and activate attacks?
Rudolphi began to look at a number of what he calls radical Islamic Web sites, with guest books, including Slahi's. He soon found a disturbing pattern.
RUDOLPHI: Here you see the traffic for the last four years, and it started to increase dramatically in May 2001.
And shortly before September of 2001, it dropped to an all-time low.
BOETTCHER: Rudolphi tried to find a reason why there was a dramatic peak before the September 11th attacks, and was suspicious that terrorists might be using some of those Web sites to coordinate operations.
CNN has learned that several coalition intelligence agencies now agree with Rudolphi's hunch.
Rudolphi kept coming back to Slahi and his Web sites. He said there were just too many coincidences for his taste, including the fact that Slahi's brother-in-law is a key lieutenant of Osama bin Laden.
And by cracking a code on Slahi's Web site, Rudolphi found a digital trail leading to a country that served as home to many of the September 11th hijackers.
(on camera): Mohammed Ould Slahi's path took him here, to the heartland of Germany, a place that coalition intelligence sources believe is an operation center for al Qaeda.
(voice-over): Slahi lived in Duisburg, where he studied microelectronics.
HOLGER VOGT, FRAUNHOFER INSTITUTE: He was polite. He was kind. Quiet.
BOETTCHER: Professor Holgar Vogt taught him, then employed him. He said that Slahi kept to himself, then abruptly dropped out of sight, saying he was suffering from malaria.
VOGT: He seemed to be someone who wanted to learn technical things, and we talked about technical things. There was no personal communication on things, really, outside of a student being here, a student living here. So no politics.
BOETTCHER: Even in the local Muslim community, he was a closed book.
Dinq Neuzat met Slahi two years ago, as both men celebrated the annual Muslim observance of Ramadan.
DINQ NEUZAT, DUISBURG RESIDENT (through translator): We only talked about Islam, what Allah said and what Mohammad said, about more or politics, we never talked. Only Islam.
BOETTCHER: One thing did raise Slahi's profile. German authorities charged him with fraud when they discovered he ran a business with $35,000 in working capital from this apartment house at the same time he was collecting German welfare payments.
In 1999, he fled to Canada, where he attended the same mosque as this man, Ahmed Rassan (ph), who would later be arrested on charges of plotting to blow up Los Angeles International Airport.
Slahi was questioned by Canadian intelligence, and within days he fled Canada too.
RUDOLPHI: We were able to locate him...
BOETTCHER: Guido Rudolphi and his colleagues were able to find Slahi using the Web. They tracked him to his native country of Mauritania in West Africa, where Slahi operates an Internet cafe, another fact that raised Rudolphi's suspicion.
RUDOLPHI: If I want to use the Internet on a really sensitive matter, and under no circumstances want to run any risk that anybody can trace me back, I'm going to the Internet caf‚.
BOETTCHER: Or public libraries, where some of the September 11th hijackers went to access the Internet.
What did you do with this information when you saw it and felt it looked suspicious?
RUDOLPHI: First, I got in contact with the Swiss police, who were interested. But since then, I never heard back.
BOETTCHER: But other law enforcement and intelligence agencies did have Slahi on their radar.
Last September, the Mauritanian government detained and questioned Slahi at the request of the FBI, then released him. The FBI will not comment on Slahi.
However, two coalition intelligence agencies tell CNN they now believe that Slahi was tied to both the millennium bomb plot and the September 11th hijackers.
Those intelligence sources are convinced that Slahi was key in communicating orders to activate those terrorist cells.
To get his side of the story, we tried to contact Slahi via e-mail. But the address we obtained no longer works.
We did find a working fax number for Slahi, but there has been no reply.
Is Mohammad Ould Slahi a simple Internet cafe owner, or the key to al Qaeda communications?
Guido Rudolphi has his suspicions, and keystroke by keystroke keeps looking for answers.
Mike Boettcher, CNN, Zurich.
MANN: We have to take a break. When we come back, the Internet war, where al Qaeda may strike next.
MANN: It's easier to hijack a computer than an airplane, and computers can be disruptive, even potentially dangerous, if they crash.
A moment ago, CNN's Mike Boettcher told us about the trail that al Qaeda has apparently left on the Internet.
But what if terrorists don't just communicate on-line? What if they launch their next attach there?
Roughly 80 percent of all Internet traffic routes through less than a dozen sites in the United States.
Mike Boettcher joins us now, once again, with more on what experts are finding and what they fear.
Mike, take us one step further. We were talking about finding clues, or you were reporting on finding clues on the Internet. Now, there's the whole possibility of a real conflict there. How much is know and how is much is feared?
BOETTCHER: Well, there is a lot of evidence that dates back into the early 1990's, of offensive activity on the Internet, basically cyber-war, and the United States and its allies have been preparing for this for that long, or even longer.
And it's a war you don't hear much about. There are probes of various infrastructure systems around the United States and the world, and it's something that's being taken very seriously, and something that the defense establishment in the United States and in Western Europe and in other parts of the world are taking seriously and are preparing for.
MANN: When you say probes, what do you mean? That they're actually making attempts to gauge the quality of the defense?
BOETTCHER: Absolutely. There isn't a day that passes -- actually, there isn't an hour that passes in which some hacker, albeit perhaps from a government or some kid somewhere in sneakers in a country, tries to get into, let's say, the Pentagon system, or the CIA's system, or a power grid system.
And this happens all the time. Now, companies spend a lot of money to build up defenses, but if a government gets involved in this, or a very sophisticated organization, like al Qaeda, there is a fear that they could succeed where these small time hackers have failed.
MANN: Is there anyway to tell on the basis of what's know, how many of these probes, how many of these attempts, are carried out by teenagers and how many are carried out by terrorists?
BOETTCHER: It's hard to say. There are ways in tracing back where these messages came from.
What we're told, frankly, Jonathan, about the capabilities of the West in terms of defeating this, or actually not everything that's out there in terms of the capabilities. They don't want hackers to know, for example, or people who want to send messages over the Internet, whether they can read encryption or not or break encryption.
They aren't telling us that. They aren't telling us how easily they can break through what's called an anonymizer (ph), which would allow someone to send a message and make it anonymous, or if somebody is trying to hack into a system, to make his routing anonymous.
They're not saying their capabilities, but they are good.
The problem is, it's a tit for tat war. Once one side develops a defense, the other side develops an offensive capability and it's the same as a war fought on a battlefield, it's just a digital battlefield.
MANN: People have some indication of how good al Qaeda fighters are on a conventional battlefield, but how much do they know about their ability, about their manpower, when it comes to the Internet and cyber world?
BOETTCHER: Well, investigators and intelligence sources in the coalition say, look, take a logical leap. Look at al Qaeda's programs. They had training camps -- the Abu Kabob (ph) camp, for example, in Afghanistan, where they learned chemical and biological warfare. There were camps and houses where they studied nuclear documents and how to build to a (UNINTELLIGIBLE) bomb or even a nuclear device.
They say it's not illogical to believe that they had academies setup to train hackers for offensive purposes, not just for communication. And there is anecdotal evidence out there.
They believe that there are trained al Qaeda operatives who can launch computer infrastructure attacks. They're out there, and they're trying to build up defenses, and they're trying to find them.
MANN: Who is trying to stop them? Who, on our side, let me put it that way, who among Western governments or Western nations is being dispatched to actually try to prevent these kinds of attacks?
BOETTCHER: Well, the United States is actually leading that effort, and there are units inside the Department of Defense specifically, which are some of the most secret units in the United States military, dispatched to fight this war.
They have been trained, over the past decade and even longer, to fight this war. We don't even know the names of those units, but they're very, very secretive. They're out there. The CIA itself has developed capability in this regard. And both the Department of Defense of the United States and the U.S. CIA are working together in building this defense.
MANN: Are the big things that terrorists would want to attack considered safe? Whether it's airline control systems around the world, or the electricity infrastructure, or the nuclear infrastructure in many countries.
Are Western nations confident that they're well protected?
BOETTCHER: Experts tell me that Western nations are behind the curve.
For example, the air traffic control system, although there have been great strides made in the last few years, just a few years ago it would have been very easy to tap into that system. But they say we're behind the curve.
Systems that have really been looked at and really been built up are those guarding nuclear power plants and the vulnerable systems have been power grid systems in the West. Those are being bolstered as well.
But this technology moves so fast, there is the tendency to always be behind the curve in trying to defend against these kind of attacks.
MANN: And how realistic, how frightening are these possibilities? Up until September 11th, there was a whole range of terrorist incidents that people said were possible, but they had never happened. Obviously, they did happen on September 11th, but the question still arises, when people talk about bioterrorism or cyber-terrorism, how likely is it. What are they saying?
BOETTCHER: They believe it's very likely, and it's another case of, you know, not if but when.
Look, as far back as 1996, I found out about a plot that was developed by neo-Nazis in this country. It was called Darkening (ph) the City. And this plot was to attack the infrastructure of a city. Attack the power grids, via the Internet, and also blowing up power lines, attacking the banking systems, attacking the air traffic control system.
If you, for example, are able to take down a power grid, you create congestion in a city, you crate havoc in air traffic control. The banking system tanks. It's a big problem.
MANN: How hard is it to do? We began this program with your report about this fellow who seemed like just one man with a keyboard who had extraordinary success in trying to follow terrorists around, or at least get close to where he thought they were operating. Can anyone with a keyboard end up representing this kind of threat? Or like your expert did, watch it unfold?
BOETTCHER: Well, I would say probably, about 95 percent of the people out there, very adept with that keyboard and with the Internet, can be a nuisance, and would say 95 percent of that nuisance.
But 5 percent is very serious, and it takes a high degree of sophistication and training and some really good powerful computers, but those are easy to obtain right now.
And so it's knowing your way around the Internet. I don't pretend to be any expert on this, but certainly Guido Rudolphi, who you saw on the spot, is at the higher end of that, and, you know, he is a person who knows his way around, and Guido says the people that he's looking for are every bit as sophisticated as he is.
MANN: It just seems like an emerging kind of technology, and it's impossible in some places to control access to guns, and how could you control access to computers?
BOETTCHER: Well, you can't. I mean, computers and the Internet is key to the development of the third world. It's key to these economies all over the world. I mean, if you restrict that technology, then you restrict and slow growth. So that's kind of the catch-22, that in this modern era, it's like trying to control guns in the United States. It would be very difficult to control that kind of technology.
MANN: Does it make you scared?
BOETTCHER: Yeah. You know, I've been actually following this for quite a few years, terrorism on the Internet. And it was first used for propaganda, then for communication, and now it has offensive capabilities, and there is a core of cyber warriors in the United States, and there are cores of cyber warriors in terrorist organizations in countries that the United States and the West consider enemies. And they're out there, and they're doing battle right now.
MANN: CNN's Mike Boettcher. Thank you very much.
We take another break. When we come back, we'll have more on cyber stuff. A closer look at the technology of computer terror. Stay with us.
MANN: Today's modern industrialized society cannot live without computers.
The United States is a good example. About 90 percent of the communication systems that Americans depend on are carried on a single switch, a device that links other networks. The systems which control the nation's electricity, it's air traffic, electronic money transfers and much more, all rely on that one same switch.
The more you depend on computers, the more vulnerable you are to cyber attack.
We're joined now by David Coursey. He's with ZDNet in San Francisco and has written extensively about technology related problems and trends.
What do you make of this? Are we being paranoid, or do you think we really are vulnerable?
DAVID COURSEY, ZDNET: I think we're very vulnerable, Jonathan, and the very openness, the very things that make the Internet so attractive are exactly what makes us vulnerable.
It's universal, it's inexpensive, and in many cases it can be absolutely anonymous. All of those things make it very easy for criminals or terrorists to make use of the Internet.
MANN: One thing that intrigues me, and I don't want to get lost in the technology here, because I don't understand the technology, but it's how someone could use a Web page, for example, which is publicly accessible, and hide information within it. Is that terribly complicated, or easy enough to do?
COURSEY: Well, there is technology available to essentially hide information in plain site. Getting into exactly how we do that, or how a bad guy would do that, is a little technical for this discussion, but please accept that you can hide Web sites. You don't have to publicize them. You can set them up in places where they'll be absolutely anonymous.
And then once you even have them, you can, for example, encode extra data into what would look like a photograph to you and me, but to someone who knew what to look for, could contain a variety of plans, e-mail addresses, all kinds of data could be hidden.
MANN: How many people are knocking around who have that kind of expertise? Is it very rare, or is it the kind of thing anyone could get with a short bit of training?
COURSEY: It is something that is widely available. You can learn how to do it on the Internet. There are plenty of books available.
Again, the very thing that makes the Internet so wonderful, all of this openness, is the same thing that allows your enemies to use that very information and openness against you.
MANN: Now, there is something more to this, because the Internet is not being described only as a means of communication for terrorists, but actually as a weapon for terrorists. Once again, a real threat, or are people being paranoid?
COURSEY: It is a real threat. How real a threat, fortunately, we don't know about yet.
There is always the possibility that someone can hack into a system. We know that that's possible to do. And if your main goal is economic disruption, or the disruption of just the status quo, or turning off electricity, or something like that, that is at least theoretically possible.
We don't have a great deal of defenses against it, and we just hope that nobody is going to do it to us. The same way that before September 11th, we knew terrorism was possible, but it hadn't happened yet. And fortunately, hasn't happened again.
MANN: Without giving away major secrets, are there some things that are more frightening targets than others? Some infrastructure that's more accessible to Internet manipulation? Some institutions that are famously ill-equipped for this kind of attack?
COURSEY: Well, there is the whole thing of the New York Stock Exchange, trying to shut down financial transactions. That certainly is one potential target.
Nuclear power plants, power grids. Those things may or may not be as well protected, certainly, because nobody's thought of them as potential targets. We are monitoring this very closely. The government does do a lot of this. They do in fact read e-mail. They do in fact watch traffic. That's how we know what we know now about what al Qaeda may be up to, using the ability to look where traffic comes from, look for keywords in those messages.
That's how we're trying to defend ourselves right now, as well as just trying to harden these systems to make them a little less easy of a target.
MANN: David Coursey of ZDNet. Thanks so much for talking to us.
COURSEY: Thank you, Jonathan.
MANN: That's INSIGHT for this day. I'm Jonathan Mann. The news continues on CNN.
TO ORDER VIDEOTAPES AND TRANSCRIPTS OF CNN INTERNATIONAL PROGRAMMING, PLEASE CALL 800-CNN-NEWS OR USE THE SECURE ONLINE ORDER FROM LOCATED AT www.fdch.com