is allowing terrorists — Hamas, Hezbollah, al-Qaida and others
— to communicate about their criminal intentions without fear
of outside intrusion," FBI Director Louis Freeh said last
March during closed-door testimony on terrorism before a
Senate panel. "They're thwarting the efforts of law
enforcement to detect, prevent and investigate illegal
A terrorist's tool
Once the exclusive domain of the National
Security Agency, the super-secret U.S. agency responsible for
developing and cracking electronic codes, encryption has
become the everyday tool of Muslim extremists in Afghanistan,
Albania, Britain, Kashmir, Kosovo, the Philippines, Syria, the
USA, the West Bank and Gaza and Yemen, U.S. officials say.
It's become so fundamental to the
operations of these groups that bin Laden and other Muslim
extremists are teaching it at their camps in Afghanistan and
Sudan, they add.
"There is a tendency out there to
envision a stereotypical Muslim fighter standing with an AK-47
in barren Afghanistan," says Ben Venzke, director of special
intelligence projects for iDEFENSE, a cyberintelligence and
risk management company based in Fairfax, Va.
"But Hamas, Hezbollah and bin Laden's
groups have very sophisticated, well-educated people. Their
technical equipment is good, and they have the bright, young
minds to operate them," he said.
U.S. officials say bin Laden's
organization, al-Qaida, uses money from Muslim
sympathizers to purchase computers from stores or by mail. Bin
Laden's followers download easy-to-use encryption programs
from the Web, officials say, and have used the programs to
help plan or carry out three of their most recent plots:
- Wadih El Hage, one of the suspects in the 1998 bombing
of two U.S. embassies in East Africa, sent encrypted e-mails
under various names, including "Norman" and "Abdus Sabbur,"
to "associates in al Qaida," according to the Oct. 25, 1998,
U.S. indictment against him. Hage went on trial Monday in
federal court in New York.
- Khalil Deek, an alleged terrorist arrested in Pakistan
in 1999, used encrypted computer files to plot bombings in
Jordan at the turn of the millennium, U.S. officials say.
Authorities found Deek's computer at his Peshawar, Pakistan,
home and flew it to the National Security Agency in Fort
Meade, Md. Mathematicians, using supercomputers, decoded the
files, enabling the FBI to foil the plot.
- Ramzi Yousef, the convicted mastermind of the World
Trade Center bombing in 1993, used encrypted files to hide
details of a plot to destroy 11 U.S. airliners. Philippines
officials found the computer in Yousef's Manila apartment in
1995. U.S. officials broke the encryption and foiled the
plot. Two of the files, FBI officials say, took more than a
year to decrypt.
"All the Islamists and terrorist groups
are now using the Internet to spread their messages," says
Reuven Paz, academic director of the Institute for
Counter-Terrorism, an independent Israeli think tank.
Messages in dots
U.S. officials and militant Muslim groups
say terrorists began using encryption — which scrambles data
and then hides the data in existing images — about five years
But the groups recently increased its use
after U.S. law enforcement authorities revealed they were
tapping bin Laden's satellite telephone calls from his base in
Afghanistan and tracking his activities.
"It's brilliant," says Ahmed Jabril,
spokesman for the militant group Hezbollah in London. "Now
it's possible to send a verse from the Koran, an appeal for
charity and even a call for jihad and know it will not
be seen by anyone hostile to our faith, like the
Extremist groups are not only using
encryption to disguise their e-mails but their voices, too,
Attorney General Janet Reno told a presidential panel on
terrorism last year, headed by former CIA director John
Deutsch. Encryption programs also can scramble telephone
conversations when the phones are plugged into a computer.
"In the future, we may tap a conversation
in which the terrorist discusses the location of a bomb soon
to go off, but we will be unable to prevent the terrorist act
when we cannot understand the conversation," Reno said.
Here's how it works: Each image, whether
a picture or a map, is created by a series of dots. Inside the
dots are a string of letters and numbers that computers read
to create the image. A coded message or another image can be
hidden in those letters and numbers.
They're hidden using free encryption
Internet programs set up by privacy advocacy groups. The
programs scramble the messages or pictures into existing
images. The images can only be unlocked using a "private key,"
or code, selected by the recipient, experts add. Otherwise,
they're impossible to see or read.
"You very well could have a photograph
and image with the time and information of an attack sitting
on your computer, and you would never know it," Venzke says.
"It will look no different than a photograph exchanged between
two friends or family members."
U.S. officials concede it's difficult to
intercept, let alone find, encrypted messages and images on
the Internet's estimated 28 billion images and 2 billion Web
Even if they find it, the encrypted
message or image is impossible to read without cracking the
encryption's code. A senior Defense Department mathematician
says cracking a code often requires lots of time and the use
of a government supercomputer.
It's no wonder the FBI wants all
encryption programs to file what amounts to a "master key"
with a federal authority that would allow them, with a judge's
permission, to decrypt a code in a case of national security.
But civil liberties groups, which offer encryption programs on
the Web to further privacy, have vowed to fight it.
Officials say the Internet has become the
modern version of the "dead drop," a slang term describing the
location where Cold War-era spies left maps, pictures and
But unlike the "dead drop," the Internet,
U.S. officials say, is proving to be a much more secure way to
conduct clandestine warfare.
"Who ever thought that sending encrypted
streams of data across the Internet could produce a map on the
other end saying 'this is where your target is' or 'here's how
to kill them'?" says Paul Beaver, spokesman for Jane's
Defense Weekly in London, which reports on defense and
cyberterrorism issues. "And who ever thought it could be done
with near perfect security? The Internet has proven to be a
boon for terrorists."