Terrorist organizations and other national enemies have launched bogus Web sites that mask their covert
information or provide misleading information to users they identify as federal employees or agents, according to Lance Cottrell,
founder and chief scientist at Anonymizer of San Diego.
The criminal and terrorist organizations also increasingly are blocking all traffic from North
America or from Internet Protocol addresses that point back to users who rely on the English language, Cottrell told an educational
seminar in Washington at the FOSE 2006 trade show’s Homeland Security Center yesterday. FOSE is sponsored by PostNewsweek
Tech Media, the parent company of Government Computer News.
Among the risks of the terrorist cloaking practice is that the organizations can provide bogus
passwords to covert meetings. By doing so they can pinpoint federal intelligence agents who attend the meetings, making them
vulnerable to being kidnapped or becoming the unwitting carriers of false information, Cottrell said.
Cloaking is just one means by which hostile intelligence organizations can exploit the ability
of IP addresses to reveal the physical location—and frequently the organizational identity—of a user visiting
a Web site.
Another method Cottrell described was a case in which hackers set a number of criteria that they
all shared: using the Linux operating system and the Netscape browser, among other factors. When federal investigators using
PCs running Windows and using Internet Explorer visited the hackers' shared site, the hackers' system immediately mounted
a distributed denial-of-service attack against the federal system.
Cottrell said his company had helped humanitarian activists in the former Yugoslav republic of
Kosovo shield themselves from attacks by paramilitary goons employed by Serbian strongman Slobodan Milošević. The
Milošević paramilitaries were using the activists' IP addresses to pinpoint their physical locations and follow
up with attacks aimed at preventing the activists' campaigns against specific human rights abuses.
"Imagine the kind of damage a mole at Google could do," Cottrell said, noting that Google keeps
logs of the Web searches it provides, which provide a comprehensive picture of users' Web traffic patterns.
In a similar fashion, Web-savvy intelligence specialists can use IP address data to analyze what
types of information a particular federal user is seeking and, by inference, what types of intelligence or counterintelligence
operations federal agencies are carrying out.
Cottrell described a situation in which Anonymizer employees had worked on a Navy aircraft carrier
that allowed sailors to access the Web. He noted that by analyzing Web traffic that could be traced back to that ship via
the IP addresses of its public browsers, hostile intelligence services could determine the name of the ship, the port it was
visiting and other information.
Cottrell said his company, which sells technology to prevent the use of IP address information
for such purposes, had shielded the identities of the providers of 25,000 tips to the FBI in one recent three-month period.
Even as the use of IP address security technology is critical to maintaining Web security, Cottrell
noted that firewalls, antivirus software and measures to defeat social engineering and reduce human error are also
essential.
Anonymizer has received a contract from the Broadcasting Board of Governors, the foreign-policy
agency that runs the Voice of America international radio service, to provide technology that the people of Iran can use to
circumvent their government's Web censorship program. Anonymizer also soon will launch, at its own expense, a service that
will allow the people of China to overcome Beijing's massive program to censor the Web, Cottrell said.