Global Terror Alert's Kohlmann on cyberterrorism

US agencies making progress by watching, infiltrating terrorist websites.
Written by ZDNet UK, Contributor
Evan Kohlmann of Global Terror Alert took questions from Washington Post readers in an online chat today. Here are a few of the exchanges:

Q: Why doesn't the CIA bring down some of the websites spewing hostile propaganda if they can't get useful information out of them?

Kohlmann: 1. U.S. government agencies have had some difficulty . . . identifying which extremist websites are "the most important" ones. 2. They can and they do get useful information out of them. As noxious as it is to watch these folks spread their hateful message, there is a treasure-trove of information that can be mined from terrorist communiques and videos--and even casual online discussions among jihadi footsoldiers. ... The CIA's Foreign Broadcast Information Service (FBIS) ... regularly includes translations from many terrorist or terrorist-linked websites and chat forums. They provide an unprecedented inside look at how modern terrorist groups function and operate. They also offer a possible chain of evidence that, if properly investigated, can lead back to important transnational terrorist operatives.

Q: What methods or practices can Counter-Terrorism researchers use to validate the truthfulness of 'open source' information/publicly available sources about terrorist cells, groups, and networks?

Kohlmann: In mid-2004, researchers were confronting a growing problem in studying terrorist activity on the Internet: the quick proliferation of fake communiques from non-existent groups. This was a problem shared by the real terrorists themselves, prompting Abu Musab al-Zarqawi to issue a statement in mid-2004 explaining that his only official representative on the Internet is known as Abu Maysarah al-Iraqi and to disregard anything else.

Lucky for us, it was the terrorists themselves who came up with a permanent solution. Starting in early 2005, new authentic communiques and videos from terrorist organizations were separated out from the "primordial soup" of general militant chat forums on the Internet, and were closeted in a read-only section of each forum. This way, only legitimate, authenticated militant groups would be able to publicize their material. Nowadays, it is a fairly simple task to determine what is real and what is not.

Q: Have you encountered an increased use of web-based social networking tools by terrorist organizations?

Kohlmann: I think the answer to your question is that today, 90% of terrorist activity on the Internet takes place using social networking tools, be it independent bulletin boards, Paltalk, or Yahoo! eGroups. The most important terrorist communiques and videos are virtually all initially released on certain password-protected chat forums run by Al-Qaida supporters. These forums act as a virtual firewall to help safeguard the identities of those who participate, and they offer subscribers a chance to make direct contact with terrorist representatives, to ask questions, and even to contribute and help out the cyberjihad.

Editorial standards