Government agencies are contacting computer experts for help in understanding how Osama bin Laden and his associates may have used the Internet to send encrypted electronic messages to one another to coordinate last week's attacks on the World Trade Center and the Pentagon, sources said yesterday.
For at least three years, federal agents had found evidence that bin Laden's group embedded secret missives in mundane e-mails and on Web sites. But efforts to track down and decipher the messages have floundered.
_____Related Articles_____
•
Investors Should Expect Continued Turbulence (The Washington Post, Sep 18, 2001)
•
Defense Contractors' Shares Rise (The Washington Post, Sep 18, 2001)
•
Hotels Are Reeling As Travelers Cancel (The Washington Post, Sep 18, 2001)
•
Fed Trims Rates By Half a Point (The Washington Post, Sep 18, 2001)
•
True Test For Markets In Coming Days (washingtonpost.com, Sep 17, 2001)
•
How Circuit Breakers and Trading Curbs Work (washingtonpost.com, Oct 1, 2001)
•
Local Technology Stocks Take Hit
•
Full America Attacked Business Coverage
|
| |
_____Live Online_____
•
Transcript: Carol Vinzant, Post Financial reporter, discusses the future of Wall Street.
•
Transcript: The Post's John Berry discusses the economic aftermath of this week's attacks.
•
Transcript: Post columnist Warren Brown answers questions about gas prices and the fuel economy
|
| |
|
Numerous, easy-to-download software applications are available online that enable users to protect transmissions from curious eyes and frustrate government attempts to create a systematic way to locate and screen those messages.
Basic encryption tools allow people to scramble messages so that only those with a "key" can read them. An increasing number, however, go beyond this by allowing messages to be hidden inside graphics, music files or in the headers of e-mails. The technology, known as steganography, allows users to get around electronic wiretaps by piggybacking messages on seemingly innocent digital files for things such as 'N Sync songs, a posting on eBay or a pornographic picture.
The proliferation of this technology, people in the security community say, is changing the rules of the intelligence game by allowing anyone to coordinate dispersed global armies quickly and cheaply.
Several experts in the field said yesterday they've received calls from the government asking for their assistance. One academic researcher said he was asked to remain on standby to help try to peel the layers off of any encrypted messages the government might find.
But that might be the easy part. Sources close to the investigation said the few messages investigators have intercepted in the past did not take advantage of encryption techniques. The challenge, at least in this case, has been finding the messages in the first place.
Neil Johnson, associate director of the Center for Secure Information Systems at George Mason University, which receives funding from the government, said steganography is powerful because messages can effectively be hidden almost anywhere.
Johnson's recent research has focused, with some success, on how to crack it by examining a site, image or data stream for signs that steganography was used, he said.
Mark Loveless, a computer security consultant with BindView Development Corp., said the technology is also popular because if it's used properly, it is almost impossible to trace the author of the message and the recipient because of the random way in which files are distributed from user to user using swapping services such as Napster and Gnutella.
In the wake of the attacks, Sen. Judd Gregg (R-N.H.) has proposed making it mandatory that software developers give government security agents the "keys" to encryption programs when they are created, a position strongly opposed by many in the technology community who worry it could be used to invade the privacy of law-abiding computer users.
Phil Zimmermann, the creator of a popular encryption technology, said he believes the answer to catching the terrorists lies in human footwork rather than more surveillance technologies: "It's not practical to frisk everyone on the planet to find the one person with a box cutter."
The government has been waging war on data-scrambling technology on several fronts for more than 30 years. It has asked Congress for stricter rules on exporting the technology and has taken the developers of such technology to courts. Most recently, the National Security Agency created a whole department to try to "leverage emerging technologies and sustain both our offensive and defensive information warfare capabilities," according to a recent document outlining its cryptography strategy.
At a closed congressional hearing last year, one federal official said that U.S. intelligence is "detecting with increasing frequency the appearance and adoption of computer and Internet familiarity" in the hands of terrorist organizations. "The skills and resources of this threat group range from the merely troublesome to dangerous," the official said in a submitted statement. "As we know, Middle East terrorist groups -- such as Hezbollah, Hamas and Osama bin Laden's organization -- are using computerized files, e-mail and encryption to support their organizations."
That view was echoed by Ben Venzke, an intelligence and cyber-security consultant in Virginia who assists several government agencies.
"Groups like them are very intelligent," he said. "They are very wise in the ways of tradecraft and operational security and will make use of any tools that are available," he said.
