How Terrorism Touches the 'Cloud' at RSA

At the RSA Conference, former U.S. military officer Jeff Bardin showed attendees the cyber-world aspects of terrorism, where supporters of groups such as al Qaeda use social networks to recruit and spread their message. In an interview with eWEEK, Bardin discussed some of the things he has seen online.

When it comes to the war on terrorism, not all battles, intelligence gathering and recruitment happen in the street. Some of it occurs in the more elusive world of the Internet, where supporters of terrorist networks build social networking sites to recruit and spread their message.

Enter Jeff Bardin of Treadstone 71, a former code breaker, Arabic translator and U.S. military officer who has been keeping track of vBulletin-powered sites run by supporters of al Qaeda. There are between 15 and 20 main sites, he said, which are used by terrorist groups for everything from recruitment to the distribution of violent videos of beheadings.

"[Osama] bin Laden said back in the late '90s that 90 percent of this war is information," said Bardin, founder and chief strategist for Treadstone 71, in an interview with eWEEK at the RSA Conference in San Francisco. "One social networking site has over 200,000 participants. I've had conversations where I've got over 320 different responses - a heck of a lot better than I get on a blog on CSO []."

The existence of the sites is well-known in the intelligence community, and to a certain extent they are allowed to persist as a means of tracking and monitoring terrorist activities.

"These sites are starting to get smarter - their IPs change frequently, and they've got mirror sites in Singapore and they're in all kinds of different places around the world," he said.

Ironically however, the fact that these sites are monitored does not keep terrorist groups from running full-fledged PR operations. In fact, spokesmen for the Taliban put cell phone and satellite numbers on the site where they can be reached in Afghanistan, he said.

The videos on the sites are produced online by a company called "As-Sahab Media" (As-Sahab means "the cloud" in English). Once shot, the videos make their way from hideouts to the rest of the world via a system of couriers. Some of them contain images of violence; others exhortations from terrorist leaders. Also on the sites are tools such as versions of "Mujahideen Secrets," which is used for encryption.

"It's a pretty solid tool; it's not so much that the tool is so much different from the new PGP-type [tool], but the fact is they built it from scratch, which shows a very mature software development lifecycle," he said.

While he said that the United States would have to worry about al Qaeda from a cyber-warfare perspective, it would be a mistake to underestimate their technical capabilities.

"They may have capabilities to do some low-level hacking, some spot hacking," he said. "It's just amazing how many people are involved in's going to make it much more difficult to try and target. You can't profile anymore."