The indictment early this month of Mark Robert Walker by a federal
grand jury in Texas might have seemed a coup for
the government in its
efforts to police terrorist communications online. Mr. Walker, a
19-year-old student, is accused,
among other things, of using his
roommate's computer to communicate with - and offer aid to - a
terrorist group in Somalia and with helping to
run a jihadist Web site.
"I hate the U.S. government," is among the
statements Mr. Walker is
said to have posted online. "I wish I could have been flying one of
the planes on Sept. 11."
international terror standards, it was an extremely low-level bust.
But the case, which was supposedly broken only
after Mr. Walker's
roommate tipped off the police, highlights the near impossibility of
tracking terrorist communications
Even George J. Tenet, the former director of central intelligence,
speaking on the vulnerabilities of the
nation's computer networks at a
technology security conference on Dec. 1, noted the ability of
terrorists to "work anonymously
and remotely to inflict enormous
damage at little cost or risk to themselves." He called for a
wholesale taming of cyberspace.
know that these actions would be controversial in this age where we
still think the Internet is a free and open society
with no control or
accountability," Mr. Tenet said, "But, ultimately, the Wild West must
give way to governance and
Even if the government is able to shore up its networks against attack
- one of many goals set forth by
the intelligence reform bill passed
last week - the ability of terrorists and other dark elements to
engage in covert
communications online remains a daunting security
problem, and one that may prove impossible to solve.
month, an Internet privacy watchdog group revealed that the
Central Intelligence Agency had contributed money for a
project that promised, among other things, an
automated surveillance system to monitor conversations on Internet
rooms. Developed by two computer scientists at Rensselaer
Polytechnic Institute in Troy, N.Y., as part of a National Science
program called Approaches to Combat Terrorism, the chat
room project takes aim at the possibility that terrorists could
through crowded public chat channels, where the flurry of
disconnected, scrolling messages makes it difficult to know who
talking to whom. The automated software would monitor both the content
and timing of messages to help isolate and
Putting privacy concerns aside, some Internet specialists wonder
whether such projects,
even if successful, fail to acknowledge the
myriad other ways terrorists can plot and communicate online. From
e-mail accounts and unsecured wireless networks to online
programs that can shield Internet addresses and hide data, the
to communicate covertly are utterly available and
Even after the Sept. 11 attacks, "the mass
media, policy makers, and
even security agencies have tended to focus on the exaggerated threat
of cyberterrorism and
paid insufficient attention to the more routine
uses made of the Internet," Gabriel Weimann, a professor of
at Haifa University in Israel, wrote in a report for the
United States Institute of Peace this year. "Those uses are numerous
from the terrorists' perspective, invaluable."
Todd M. Hinnen, a trial attorney with the United States Justice
computer crime division, wrote an article on terrorists'
use of the Internet for Columbia Science and Technology Law Review
this year. "There's no panacea," Mr. Hinnen said in an
interview. "There has always been the possibility of meeting in
alleys, and that was hard for law enforcement to detect."
Now, every computer terminal with an Internet connection
potential to become a dark alley.
Shortly after Sept. 11, questions swirled around steganography, the
technique of hiding one piece of information within another. A
digital image of a sailboat, for instance, might also invisibly
communiqué, a map or some other hidden data. A digital song file might
contain blueprints for a desired target.
the troubling truth is that terrorists rarely have to be
technically savvy to cloak their conversations. Even simple,
code words can do the job when the authorities do not know
whose e-mail to monitor or which Web sites to watch. Interviews
by Al Jazeera, the Arab television network, with the terror
suspects Khalid Shaikh Mohammed and Ramzi bin al-Shibh two
(both have since been arrested), suggested that the Sept. 11 attackers
communicated openly using prearranged
code words. The "faculty of
urban planning," for instance, referred to the World Trade Center. The
Pentagon was the
"faculty of fine arts."
Other reports have suggested that Mohammed Atta, suspected of being
the leader of the Sept.
11 hijackers, transmitted a final cryptic
message to his co-conspirators over the Internet: "The semester begins
three more weeks. We've obtained 19 confirmations for studies in
the faculty of law, the faculty of urban planning, the
faculty of fine
arts, and the faculty of engineering."
And increasingly, new tools used to hide messages can quickly
with a simple Web search. Dozens of free or inexpensive steganography
programs are available for download.
And there is ample evidence that
terrorists have made use of encryption technologies, which are
difficult to break.
The arrest in Pakistan in July of Muhammad Naeem
Noor Khan, thought to be an Al Qaeda communications specialist, for
yielded a trove of ciphered messages from his computers.
Still, the mere act of encrypting a message could draw attention,
numerous software programs have been developed to hide messages in
At one Web site, spammimic.com,
a user can type in a phrase like "Meet
me at Joe's" and have that message automatically converted into a
of prose that reads like a spam message: "Dear Decision
maker; Your e-mail address has been submitted to us indicating
interest in our briefing! This is a one-time mailing there is no need
to request removal if you won't want any
more," and so forth.
The prose is then pasted into an e-mail message and sent. A recipient
expecting the fake spam
message can then paste it into the site's
decoder and read the original message.
Another free program will convert
short messages into fake dialogue
for a play. And still simpler schemes require no special software at
all - or even
the need to send anything.
In one plan envisioned by Mr. Hinnen in his law review article, a
group need only provide
the same user name and password to all of its
members, granting them all access to a single Web-based e-mail
One member simply logs on and writes, but does not send, an
e-mail message. Later, a co-conspirator, perhaps on the other
the globe, logs on, reads the unsent message and then deletes it.
"Because the draft was never sent," Mr.
Hinnen wrote, the Internet
service provider "does not retain a copy of it and there is no record
of it traversing the
Internet - it never went anywhere." The message
would be essentially untraceable.
Michael Caloyannides, a computer
forensics specialist and a senior
fellow at Mitretek Systems, a nonprofit scientific research
organization based in
Falls Church, Va., said the nature of a
networked universe made it possible for just about anyone to
Conspirators do not even need to rely on
code-hiding programs, because even automated teller machines can be
send signals, Dr. Caloyannides explained,
A simple withdrawal of $20 from an account in New York might serve as
instant message to an accomplice monitoring the account
electronically from halfway around the world, for example.
Caloyannides, who will conduct a workshop next May for government
officials and others trying to track terrorist communications,
pointed to hundreds of digitally encrypted messages daily on public
Usenet newsgroups. The messages often come
from faked e-mail accounts;
the intended recipients are often unknown. But a covert correspondent
secret communiqué at a particular newsgroup need only
download a batch of messages and then use an encryption key on one
some prearranged subject line, "like 'chocolate cake,' " Dr.
Lt. Col. Timothy L. Thomas,
an analyst at the United States Army's
Foreign Military Studies Office at Fort Leavenworth, Kan., wrote last
the journal Parameters, the U.S. Army War College quarterly,
that the threat of cyberplanning may be graver than the threat
terrorist attacks on the world's networks.
"We used to talk about the intent of a tank," Colonel Thomas explained
an interview. "If you saw one, you knew what it was for. But the
intent of electrons - to deliver a message, deliver a
virus, or pass
covert information - is much harder to figure."
This has long frustrated intelligence analysts, according
Bamford, an author and a specialist on the National Security Agency.
"In the cold war days, you knew which
communications circuits to
watch," he said. "We knew that most of it was high-frequency anyway,
so we had the place
surrounded by high-frequency intercepts. Those
frequencies weren't going anywhere, so you just sat there with the
on and listened."
The problem now, Mr. Bamford said, is that the corridors for
communication have become infinite
and accessible to everyone. "You
just don't sit and listen to a particular channel," he said. "It's all
over the place.
It's a 'needle in the haystack' problem that you
Russ Rogers, a former Arab linguist with the National Security
and the Defense Information Systems Agency, said he feared security
agencies might not realize how dense the
haystack has become.
"We've become a little bit arrogant," said Mr. Rogers, the author of a
new book, "Hacking a
Terror Network: The Silent Threat of Covert
Channels,"  which uses fictional situations to highlight the ways
can communicate secretly online.
"We feel like we created the Internet, that we've mastered the
network," Mr. Rogers
said. "But we're not paying attention to how it's
being used to work against us."