Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login
Posted: 3/26/2006 3:10:50 PM EDT
http://www.washingtonpost.com/wp-dyn/content/article/2006/03/25/AR2006032500020_pf.html

Terrorist 007, Exposed

By Rita Katz and Michael Kern
Sunday, March 26, 2006; B01

For almost two years, intelligence services around the world tried to uncover the identity of an Internet hacker who had become a key conduit for al-Qaeda. The savvy, English-speaking, presumably young webmaster taunted his pursuers, calling himself Irhabi -- Terrorist -- 007. He hacked into American university computers, propagandized for the Iraq insurgents led by Abu Musab al-Zarqawi and taught other online jihadists how to wield their computers for the cause.

Suddenly last fall, Irhabi 007 disappeared from the message boards. The postings ended after Scotland Yard arrested a 22-year-old West Londoner, Younis Tsouli, suspected of participating in an alleged bomb plot. In November, British authorities brought a range of charges against him related to that plot. Only later, according to our sources familiar with the British probe, was Tsouli's other suspected identity revealed. British investigators eventually confirmed to us that they believe he is Irhabi 007.

The unwitting end of the hunt comes at a time when al-Qaeda sympathizers like Irhabi 007 are making explosive new use of the Internet. Countless Web sites and password-protected forums -- most of which have sprung up in the last several years -- now cater to would-be jihadists like Irhabi 007. The terrorists who congregate in those cybercommunities are rapidly becoming skilled in hacking, programming, executing online attacks and mastering digital and media design -- and Irhabi was a master of all those arts.

But the manner of his arrest demonstrates how challenging it is to combat such online activities and to prevent others from following Irhabi's example: After pursuing an investigation into a European terrorism suspect, British investigators raided Tsouli's house, where they found stolen credit card information, according to an American source familiar with the probe. Looking further, they found that the cards were used to pay American Internet providers on whose servers he had posted jihadi propaganda. Only then did investigators come to believe that they had netted the infamous hacker. And that element of luck is a problem. The Internet has presented investigators with an extraordinary challenge. But our future security is going to depend increasingly on identifying and catching the shadowy figures who exist primarily in the elusive online world.

The short career of Irhabi 007 offers a case study in the evolving nature of the threat that we at the SITE Institute track every day by monitoring and then joining the password-protected forums and communicating with the online jihadi community. Celebrated for his computer expertise, Irhabi 007 had propelled the jihadists into a 21st-century offensive through his ability to covertly and securely disseminate manuals of weaponry, videos of insurgent feats such as beheadings and other inflammatory material. It is by analyzing the trail of information left by such postings that we are able to distinguish the patterns of communication used by individual terrorists.

Irhabi's success stemmed from a combination of skill and timing. In early 2004, he joined the password-protected message forum known as Muntada al-Ansar al-Islami (Islam Supporters Forum) and, soon after, al-Ekhlas (Sincerity) -- two of the password-protected forums with thousands of members that al-Qaeda had been using for military instructions, propaganda and recruitment. (These two forums have since been taken down.) This was around the time that Zarqawi began using the Internet as his primary means of disseminating propaganda for his insurgency in Iraq. Zarqawi needed computer-savvy associates, and Irhabi proved to be a standout among the volunteers, many of whom were based in Europe.

Irhabi's central role became apparent to outsiders in April of that year, when Zarqawi's group, later renamed al-Qaeda in Iraq, began releasing its communiqués through its official spokesman, Abu Maysara al-Iraqi, on the Ansar forum. In his first posting, al-Iraqi wrote in Arabic about "the good news" that "a group of proud and brave men" intended to "strike the economic interests of the countries of blasphemy and atheism, that came to raise the banner of the Cross in the country of the Muslims."

At the time, some doubted that posting's authenticity, but Irhabi, who was the first to post a response, offered words of support. Before long, al-Iraqi answered in like fashion, establishing their relationship -- and Irhabi's central role.

Over the following year and a half, Irhabi established himself as the top jihadi expert on all things Internet-related. He became a very active member of many jihadi forums in Arabic and English. He worked on both defeating and enhancing online security, linking to multimedia and providing online seminars on the use of the Internet. He seemed to be online night and day, ready to answer questions about how to post a video, for example -- and often willing to take over and do the posting himself. Irhabi focused on hacking into Web sites as well as educating Internet surfers in the secrets to anonymous browsing.

In one instance, Irhabi posted a 20-page message titled "Seminar on Hacking Websites," to the Ekhlas forum. It provided detailed information on the art of hacking, listing dozens of vulnerable Web sites to which one could upload shared media. Irhabi used this strategy himself, uploading data to a Web site run by the state of Arkansas, and then to another run by George Washington University. This stunt led many experts to believe -- erroneously -- that Irhabi was based in the United States.

Irhabi used countless other Web sites as free hosts for material that the jihadists needed to upload and share. In addition to these sites, Irhabi provided techniques for discovering server vulnerabilities, in the event that his suggested sites became secure. In this way, jihadists could use third-party hosts to disseminate propaganda so that they did not have to risk using their own web space and, more importantly, their own money.

As he provided seemingly limitless space captured from vulnerable servers throughout the Internet, Irhabi was celebrated by his online followers. A mark of that appreciation was the following memorandum of praise offered by a member of Ansar in August 2004:

"To Our Brother Irhabi 007. Our brother Irhabi 007, you have shown very good efforts in serving this message board, as I can see, and in serving jihad for the sake of God. By God, we do not like to hear what hurts you, so we ask God to keep you in his care.

You are one of the top people who care about serving your brothers. May God add all of that on the side of your good work, and may you go careful and successful.

We say carry on with God's blessing.

Carry on, may God protect you.

Carry on serving jihad and its supporters.

And I ask the mighty, gracious and merciful God to keep for us everyone who wants to support his faith.

Amen."

Irhabi's hacking ability was useful not only in the exchange of media, but also in the distribution of large-scale al-Qaeda productions. In one instance, a film produced by Zarqawi's al-Qaeda, titled "All Is for Allah's Religion," was distributed from a page at www.alaflam.net/wdkl .

The links, uploaded in June 2005, provided numerous outlets where visitors could find the video. In the event that one of the sites was disabled, many other sources were available as backups. Several were based on domains such as www.irhabi007.ca or www.irhabi007.tv , indicating a strong involvement by Irhabi himself. The film, a major release by al-Qaeda in Iraq, showed many of the insurgents' recent exploits compiled with footage of Osama bin Laden, commentary on the Abu Ghraib prison, and political statements about the rule of then-Iraqi Interim Prime Minister Ayad Allawi.

Tsouli has been charged with eight offenses including conspiracy to murder, conspiracy to cause an explosion, conspiracy to cause a public nuisance, conspiracy to obtain money by deception and offences relating to the possession of articles for terrorist purposes and fundraising. So far there are no charges directly related to his alleged activities as Irhabi on the Internet, but given the charges already mounted against him, it will probably be a long time before the 22-year-old is able to go online again.

But Irhabi's absence from the Internet may not be as noticeable as many hope. Indeed, the hacker had anticipated his own disappearance. In the months beforehand, Irhabi released his will on the Internet. In it, he provided links to help visitors with their own Internet security and hacking skills in the event of his absence -- a rubric for jihadists seeking the means to continue to serve their nefarious ends. Irhabi may have been caught, but his online legacy may be the creation of many thousands of 007s.
Link Posted: 3/26/2006 3:12:23 PM EDT
kill him and bury him at a pig farm
Link Posted: 3/26/2006 3:20:07 PM EDT
Somebody tell me why intelligence services around the world can't catch these guys?
Link Posted: 3/26/2006 6:11:36 PM EDT
Because they are "listening" to them.
Link Posted: 3/26/2006 6:15:50 PM EDT

Originally Posted By fike:
Somebody tell me why intelligence services around the world can't catch these guys?




The NSA knows who they are.

But you don't arrest these guys until they stop being useful to us.
Link Posted: 3/26/2006 6:19:08 PM EDT
We all need to copy this story and send it to some Libtard we know who is against domestic surveillance.
Link Posted: 3/26/2006 6:22:19 PM EDT

Originally Posted By Spade:

Originally Posted By fike:
Somebody tell me why intelligence services around the world can't catch these guys?




The NSA knows who they are.

But you don't arrest these guys until they stop being useful to us.



that, and modern day encryption and proxy services makes it very difficult for even the "geniuses" at the NSA and our intelligence agencies to track them down. For a non-terrorist example: how many of the major child-porn distributors have been shut down... 1...2...3 perhaps? Why are PTHC and other organizations involved in the distribution and production of child porn still running after they have been around for almost a decade?
Link Posted: 3/26/2006 6:22:26 PM EDT
[Last Edit: 3/26/2006 6:23:32 PM EDT by Johnny_Reno]
Well, let's give that man an orange jumpsuit and an all expense paid vacation to Club Gitmo.
Link Posted: 3/26/2006 6:22:47 PM EDT

Originally Posted By Midnight-Sniper:
We all need to copy this story and send it to some Libtard we know who is against domestic surveillance.



That would entail said libtard using logic:



Link Posted: 3/26/2006 6:25:03 PM EDT
[Last Edit: 3/26/2006 6:29:50 PM EDT by PreMed_Gunner]

Originally Posted By Midnight-Sniper:
We all need to copy this story and send it to some Libtard we know who is against domestic surveillance.



Of course, interception of email doesn't work when the terrorists merely write emails and save them in their account's "draft" folder, and hand around the account's password to those who are "in the need"; the only targets of domestic spying that don't use encryption/code-books/etc. are the common citizens, who are the real "enemy" according the NSA.
Link Posted: 3/26/2006 6:42:13 PM EDT
Ban the internet.

It's for the children.

Max
Top Top