Threat Matrix: Daily Terror Threat

I really question why we have not rounded up some of these people- checked the mosques- place the ME's in some very nice detention centers---not PC I know, but this is WAR.

Also, for the innocent ME's- once the "hittings" begin- they are going to be (wrongly) attacked. It would be in their best interest to be in a safe haven when TSHTF.

I think it would be a SUPER THING for you to add a paragraph or so about what you think are the most significant points after going through the hole piece as you did.

That's a good idea, I should have done that... I am slightly perplexed on what to think as far as the speeches since they were first released in August. I do not know exactly what the reason for the re-release is.

It took about 4 hours to type up, going frame by frame (each only had a few words on it). Quite tedious, but good practice... it is one of the few arabic videos I have come across with subtitles. It is good practice, by the third listen I was able to start picking up a lot of words and thoughts on my own. It reminded me I need to start studying for Arabic again! Only got a month till school starts. :<

I will be going back through it today and highlighting some things and will likely add some thoughts and place it on my website this afternoon. If you would like to take another look, I will pass along the link or repost here... whichever works best. :)

No- shall do....heading out briefly for a dunkin donuts break---will return barring unforeseen circumstances...

OMG, another good catch

I stand corrected.

There was one error in one of the names on this post.

re:

"The dead guys' names are listed in my repost on #1862."

After going through the whole video 3x, I still have yet to come across any code...

Maybe It requires a special program to capture quickly enough, but personally, I did not see a thing.

So møøslimbs are officially backstabbers?

They smile in your face All the time they want to take your place...

UBL is evil... if it was up to him they would all be like that. I still hold out hope that they are not all followers of his sick ideology. I know several Muslims that I am happy to call friends. I do not believe they would do anything like that.

i don't recall seeing this yesterday:

Bush signs bill to stockpile antidotes

WASHINGTON - President Bush on Wednesday signed legislation to develop and stockpile vaccines and other antidotes to chemical and germ attacks, saying the measure will "rally the great promise of American science and innovation to confront the greatest danger of our time."

The legislation, called Project BioShield, provides the drug industry with incentives to research and develop bioterrorism countermeasures. It speeds up the approval process of antidotes and, in an emergency, allows the government to distribute certain treatments before the Food and Drug Administration has approved them.

Search for nuclear rods doesn't concern residents

The Times-Standard (Calif.)

KING SALMON -- It has eluded him his entire life, but Matt Wachs is determined to one day espy a magnificent frigatebird.

For years, Wachs, who lives across the freeway from King Salmon, has been coming here to set up his spotting scope on the water's edge in search of the bird, a tropical species that on rare occasions has been spotted on Humboldt Bay.

But in recent days, Wachs has added something else to his watch list.

Ever since the news broke last week that Pacific Gas and Electric Co. lost track of three dowel-size segments of nuclear fuel at its power plant in King Salmon, Wachs said he's been keeping a lookout and searching his memory too, just in case.

"I've been searching these waters for six years and I haven't seen any nuclear rods or anything that looks like them," Wachs said.

But then Wachs added, tongue-in-cheek, that he's not sure what nuclear fuel rods would look like.

On Friday, PG&E confessed it had lost track of about 4 pounds of used nuclear fuel. The last time the utility remembers seeing it was at the plant on King Salmon Drive in the late 1960s.

Thanks for the clarification, that makes sense.

I'm not sure since I don't host that image. Maybe SP2BF would know.

And this story is lead in with a frigate bird?

I should think this would be a big story. Thanks for posting it.

It was pulled...

There is an interesting discussion about it here:

http://www.abovetopsecret.com/forum/thread67496/pg1

Horrible lede, isn't it?

I came across this Frontline Interniew w/Richard Clark a
couple of weeks ago.

What we found on Al Qaeda computers were two things. One, the kind of simple hacking tools that are available to anyone who goes out on the Internet looking for them, tools such as LOphtCrack that allows you to get into almost anyone's password if they've used a simple eight-digit password. That kind of tool frightens most people when they learn that if they're using only an eight-digit password with standard numbers and letters that probably anyone can get into your password in less than two minutes by downloading a tool like LOphtCrack, which is available publicly on the Internet. It was that kind of tool which we found, nothing terribly sophisticated.

But we also found indications that members of Al Qaeda were from outside the United States doing reconnaissance in the United States on our critical infrastructure. Where were the railroad crossings? Where were the big natural gas depositories? Where were the bridges over rivers that also carried the fiber for the backbone of the Internet? It's possible now to do that kind of targeting, which would have, in the past, required lots of people and running around the country. It's possible to sit in the cyber cafe in Peshawar and do that kind of reconnaissance.

We're troubled by the fact that a number of people related to Al Qaeda -- including Khalid Sheikh Mohammed, who was recently arrested, and was the chief operating officer -- a number of these people have technical background. Khalid Sheikh Mhammed studied engineering at [a] university [in] North Carolina. He was employed for awhile at a water ministry in the nation of Qatar in the Persian Gulf. Recently, a student at the University of Idaho was arrested by the FBI for alleged terrorist connections, and he was studying in a Ph.D. program on cyber security.

So, I think, similarly to the fact that some of the Sept. 11 hijackers had training in flight training, some of the people that we're seeing now related to Al Qaeda had training in computer security.

What does this mean as far as attitude towards Al Qaeda's interest in cyber war?

Well, the fact that these people are gathering skills in cyber war capability is very troubling, combined with the fact that we know that they're looking on the Web for hacking tools. We know that because we've seized some of their computers. It suggests to me that Al Qaeda may be trying to grow an indigenous cyber warfare capability.

I think, it suggests that some day we may see Al Qaeda, if it's still alive and operating, use cyberspace as a vehicle for attacking infrastructure, not with bombs but with bytes.

For an organization like Al Qaeda that is looking to leverage its investment, to have the biggest possible damage for the least possible investment, cyberspace is a good bet because it doesn't cost a lot of money to develop these skills. You could have an effect in a number of places simultaneously, without being in those locations, and you can achieve a certain degree of anonymity and a certain degree of invulnerability to arrest [or] apprehension.

Naval Postgraduate School

Some of the things that concern me about the increasing awareness Al Qaeda has of advanced information technologies is the apparent evidence that some of their operatives were undergoing advanced hacking training. It's very clear from intercepted communications, as well as discs that were found, that there is an extremely vigorous use of the Web and the Net. There is a surprisingly small amount of strong encryption being used, but that doesn't mean their messages are uncoded. It appears that there's a lot of low-tech coding going on with simple word substitution codes or perhaps book codes being used, which are also very hard. This is why we need a new Bletchley Park of code-breakers for the information age, because it's not all going to be codes broken by high-performance computers. It's also going to be about intuitive insights that are generated into what kind of paradigm are they using for securing their communications. It's also clear that all money movement is basically done with e-mails rather than the physical movements of money.

Now it's also important, as a last point, not to consider Al Qaeda 10 feet tall in this area. We're looking at [Khalid] Sheikh Mohammed, for example, who was simply using the e-mail account of a relative or friend, and assuming that maybe that relative or friend wasn't going to be monitored in some fashion. Very, very sloppy in that particular case. And there are other examples of sloppiness that we can't talk about in more detail.

But from the evidence that's out there, is there enough evidence to believe that they could be gearing up? And if they are -- or if they're not -- would we know it?

When we think about Al Qaeda and its potential for cyber terror or other sympathetic Muslim groups, we're now in an area that's very proprietary in nature. All I can say on this subject is that there is a cyber jihad going on right now against Israel. And so, we see some people that we associate with modern terrorism who are trying to use cyberspace-based means to pursue their ends. Beyond that, I'm afraid we're in a very classified area.

Center for Strategic and International Studies

[Al Qaeda] laptops were found with programming information and software sites for SCADA systems and other systems for power and water company sites.

I think one of the things that's troubling about Al Qaeda, and really some of the other groups, is they're very methodical. They're very serious. And so, I think they will work through all the options and say, "If I do this attack, what do I get? If I do that attack, what do I get?" They're also very good at collecting information.

They have taken advantage of the global communications networks that we've set up, the global information networks that have appeared in the last decade, and learned how to use them to become a terrorist organization that can operate almost anywhere in the world. So they're a very thorough group. But at the end of the day, I think their first choice is always going to be some more powerful physical weapon. Cyber weapons just aren't a good replacement for bombs.

You're walking sort of out on a limb here, aren't you, because you could be proven wrong?

What I'm trying to do is think about if there was a cyber attack, would it paralyze the United States? And I think that the odds of that are very low, because it's easier to recover from a cyber attack. There's no physical damage. There's no casualties. I think that when Al Qaeda goes through their calculations, they'll go to the same sort of calculation I've gone through, which is they want something that's going to be successful.

I think there's the psychological payoff which is these people want to do things that will allow them to attack the United States. And both on the receiving end and on the sending end, a cyber attack doesn't have that payoff. Going back to Osama and saying, "Hey, I launched 16,000 attacks against electrical networks and one of them caused a blackout in Cloverdale, California for three hours," it's not going to get you there in the martyr's hall of fame. They're going to want to do something much more damaging. And that's a very frightening possibility, but cyber is not part of that.

Deputy Secretary of Defense (1997-1999)

On [Al Qaeda's] laptops, which we got our hands on, there were all these probing of sites dealing with programming of SCADA systems and control of SCADA systems within electrical and other power company scenarios. Should we be worried? ...

I think we should worry about it. But these are the same people that had drawings of nuclear power plants and treatises about how to make ricin out of castor beans. You know, it's very clear these people have been listening to us more intensively than, frankly, our own country has, about the risks and the threats we faced. The fact that there is evidence that they're aware of our debate doesn't mean that that is evidence of their capability.

I think we have to take a much more seasoned and dispassionate assessment before we simply jump to a conclusion that because there's a file where some guy is referencing the vulnerability of SCADAs or cyber attack, that that equals capability. I'd have to see a lot more evidence that indicated that just simply an awareness constitutes capability. ...

Sandia National Laboratories

I think that we shouldn't underestimate any adversary, especially one as sophisticated as Al Qaeda. This kind of group, if they don't have the innate knowledge to achieve a cyber attack, if they should choose to do so, can obtain that knowledge from other individuals. ...

FBI, National Infrastructure Protection Center (2001-2002)

As the director of the National Infrastructure Protection Center, I'm not aware of any terrorist organizations using any malicious activity to attack the infrastructures. However, they do use it. It's widely known. They use it for command and control and communication purposes within the various terrorist organizations. And they also use the Internet to collect information of potential targets, just like any other military operation. So that we need to be better prepared, not only in the government, but also in the private sector, to understand what information we're putting out there and are we telling our enemies too much.

Al Qaeda's expertise in using the Net for communication, does that translate into an expertise to use cyber as a weapon?

It certainly translates into a knowledge of the capability. I mean, there had to be some research done on the part of various terrorist organizations that use a command and control communications as to how they use it. I don't know that I'd call this sophisticated techniques, but obviously techniques that were more than just what the home user would normally know. But in doing that kind of research you also would be able to discern that you can use it for malicious purposes.

Why haven't terrorist organizations used it in that fashion? My opinion is that it doesn't have the impact that they're looking for. Most terrorist organizations want to have visuals, if you will, for the media, of loss of life and destruction of various buildings and so forth. If you have an attack in cyberspace you're not going to have those kind of visuals that terrorist organizations are looking for.

That's why what keeps me awake at night -- that if they use visuals in conjunction with a cyber attack, it can dramatically compound the impact of that.

How imminent a threat from Al Qaeda, the use of this weapon?

I don't know. I mean, that's the $64 million dollar question. We have known for some time that terrorist organizations have been looking at those things and trying to acquire the skills to utilize those kinds of tools or weapons.

Information Warfare Expert

Al Qaeda. What do we know about their capabilities?

Al Qaeda uses information technology and computers for a number of purposes. We know that they use them for communications. The FBI has two terabytes of data sitting that they're running analysis on. Everyone is very, very happy in the intelligence committee when an Al Qaeda computer is seized because they know that that's used for plans and communications.

Al Qaeda as a network has known connections to ISI, Inter Services Intelligence, which is Pakistani intelligence, which then has contacts established to some of these hacker groups that are then operating against other targets.

The belief is that if you accept that there is a connection between Al Qaeda and the ISI, and that the ISI would be, for example, operating against the Indians, Al Qaeda then has a conjoint interest with the ISI, either against India or other targets that Al Qaeda would be able to gain access to or task those computer hackers to do what they need done.

You mentioned that we have in our hands from laptops two terabytes, or whatever, of material. Do we know what that stuff is, or are we still stymied by the fact that they were sophisticated enough to code it?

As an example, the U.S. and British intelligence acquired in Manchester a copy of Al Qaeda's tradecraft manual. In the version that the U.K. and the U.S. released to the public of this tradecraft manual, the section on Al Qaeda's use of cryptography was removed because nobody wanted the world to see that Al Qaeda was communicating to its own members how to use cryptography. As a supporter of strong cryptography myself, I don't want to make an argument that would be interpreted as, "Well, you have to control cryptography." I mean, the worms are out of the can. You can't put them back in.

But they use sophisticated codes, and they use sophisticated cryptography, and they use sophisticated electronic mechanisms to communicated, including now, one-time-use electronic mail accounts that--

So give me one example of sophisticated cryptography using communications?

As an example of Al Qaeda using sophisticated technical means to communicate, one of the members of Al Qaeda was receiving what looks to be spam e-mail. That spam e-mail was not structured the way other spam e-mail is. I don't want to go into the forensic details on that. But, what it was is it looked like a link to a sex site where there was an image. And every time the piece of spam e-mail was sent, it was actually a mailbox flag. Because what that meant is that somebody had changed the message inside the image. The image was the same, the byte count was different. What happened was that the person receiving the message knew to go and pull the coded information back out because it was new. It was a mailbox flag. That's extremely sophisticated, and that's extremely difficult to track back using electronic means.

The basic information is that using a Web-based electronic dead drop, essentially, Al Qaeda members were clueing each other in that they were exchanging coded secret messages and planning information across what looks to be normal Web sites, and then they were informing each other of this through electronic mail. So there was no way for somebody intercepting the mail to figure out what was going on or looking at the Web site.

So they were getting it all using a pornographic Web site to transfer communications?

Yes.

How did they do that?

Well, you can throw up any kind of a Web site on the Web that you want. You can use any one of numerous free mechanisms on the Web. They've been a big user of Yahoo Groups. They've been using Yahoo Groups where they set themselves up a little discussion group that was being used back and forth to plan their trips through Pakistan to Afghanistan.

The other sophisticated use that you were talking about is one time only e-mail addresses? How did that work?

Using actually very, very simple mathematics, two people could exchange a secret, whether it's over the phone or when they meet in person, so that in the future they would be able to coordinate creating e-mail addresses, whether it's at Hotmail or some other free service, such that only they would know what the next e-mail address was going to be, so that they would use an e-mail address once to send or receive a message, and then they would never use it again, so that there is no forensics and no way of looking at prior traffic to tell where the next traffic is going or coming from.

So what does it say about their ability to translate this into using cyberspace as a method of hitting us tactically?

If you looked at Al Qaeda as sort of going from the core outward, at the core of Al Qaeda, the communications amongst the core members, bin Laden and his inner circle, is occurring using non-electronic means because they recognize that intercept technology from the U.S., and the U.K., and other players is extremely sophisticated.

Where Al Qaeda gets interesting is, once you move out of that core, they become very, very high tech, because the group is acting without positive control, without somebody delivering specific orders. You'll hear this referred to as the franchise model, where Al Qaeda has partners or loose connections with other groups who will operate independently, who are given support. Those organizations are coordinated with using very, very sophisticated technical means. The technical means that they would use are such that they are already a participant in the very same communities that are exchanging computer vulnerabilities, vulnerable systems, other sorts of attack information, including knowledge of how to attack U.S. infrastructure.

So, the very fact that they're using very, very sophisticated communications technology, it doesn't happen in a vacuum. It occurs as part of a community. The same community that exchanges one set of information, is exchanging other information. I can't believe that Al Qaeda is only listening to a very, very small part of the chatter in the community and ignoring all the rest.

That is very interesting, I have been reading since
yesterday when Davey posted the link.

If that wasn't posted in this context, I would have skimmed and moved on.

Disturbing post. Can we not hire ONE person for each major airport to document and compile reports like these? Based on the info that has come to light in the last week or so, re "probing" airline security, I think we would be wise to take a broad look at the overall situation to get a firm grip on what the terrs are currently focusing on. Also, I think we need to take a harder line on obvious "probing". No more of this "questioned and released" nonsense, IMHO!

Yeah, I'm convinced that Twexus is being used for evil communications.