13 November 2003
Source:
http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=3806107
Reuters, Wed November 12, 2003 10:11 AM ET
By Bernhard Warner, European Internet Correspondent
LONDON (Reuters) - Cyber investigators are scouring the World Wide Web for clues on any future suicide bomb attacks, deploying satellites and other high-tech wizardry to hone in on suspicious Web surfing activity.
Intelligence officials had warned some kind of attack would occur in Saudi Arabia before Sunday's suicide bomb blast in Riyadh after finding evidence on anonymous postings on Arabic Web sites and other forms of Internet chatter. The strike killed at least 18 people and wounded 120 others.
"The Internet is a very useful open source for investigators. But as with any unattributable piece of information, tips must be corroborated and verified, and only then can they be added to the overall intelligence mix," a British cyber investigator told Reuters.
Intelligence experts say they have evidence extremist groups are using the Web and e-mail for a variety of purposes ranging from recruitment and fund-raising to spreading propaganda and scouting out potential targets.
Investigators probing the Saudi blast will be combing the Web for disguised, or encrypted, e-mails and statements on Internet discussion forums that drum up anti-Western sentiments, the intelligence experts said.
But they also said it is rare to find information which might point to a specific target.
There is also scant evidence subversive groups are using the Net to launch digital attacks on a country's critical national infrastructure, computer networks that control everything from police emergency response hotlines to power grids.
GROWING ROLE OF WEB
But all signs point to the ever growing role the Web is playing in spy games.
The Echelon satellite system used for eavesdropping on mobile phones has a Net cousin -- Internet monitoring software capable of siphoning up vast bits of Web traffic that, in theory, can trace suspect Web activity.
In the United States, the technology is referred to as the DCS-1000, or Carnivore. A host of Western countries are believed to be deploying similar technology, said Ira Winkler, former intelligence and computer system analyst with the U.S. government agency, the National Security Agency.
Meanwhile, intelligence watchers point out that intelligence agencies are deploying the classic spy tactic of setting up so-called "honey pots" with a high-tech twist -- in this case, setting up a bogus Web site to attract the very people they are trying to monitor.
And their targets are engaging in a similar spin war.
"If terrorists think they are being monitored, they could release chatter just to screw with people's minds. Creating fear and uncertainty is what they do," said Winkler, who is now chief security strategist for PC maker Hewlett-Packard .
Investigators and security experts are quick to point out that despite the influx of high-tech gadgets, the art of intelligence gathering has not changed, and is certainly no more precise.
"X almost never marks the spot in intelligence gathering," said Richard Starnes, director of incident response for British telecoms firm Cable & Wireless and an adviser to Scotland Yard's Computer Crime Unit.
"The only time you are going to get an X-marks-the-spot-scenario is if you have inside information, a person inside that is verified as being accurate in the past. That will always be highest level of intelligence. If you get it wrong, you can get people killed. If you get it right, you can save lives," he added.