Tuesday, October 09, 2007

Al Qaida Goes Dark?

"Official" Washington--including the intelligence community--is engaged in the usual round of finger-pointing and denials, amid charges of an apparent "leak" over the recently-released Al Qaida propaganda tape featuring Osama bin Laden.

At issue is who disclosed the tape's existence--a full four days before its scheduled release--and the impact of that disclosure on our ability to penetrate Al Qaida communications. According to experts interviewed by Eli Lake of the New York Sun, the tape report caused the terrorist group's internal communications system to "go dark" within hours of the disclosure. That blunder shut down a valuable window into the group's internal operations, denying potentially valuable information to intelligence and law enforcement officials.

Reports about a new bin Laden video--his first in three years--first appeared on the ABC News website on 7 September. The ABC story contained quotes from bin Laden's "speech," which was scheduled for release the following Tuesday, the sixth anniversary of the 9-11 attacks. Early intercept of the terror leader's video was initially hailed as an intelligence victory, demonstrating an improved ability to monitor Al Qaida communications.

But the ABC report--and subsequent coverage by other media outlets--prompted a security crackdown by the terror group. Realizing that their network (known among intelligence analysts as Obelisk) had been compromised, Al Qaida security teams wasted no time in taking the system off-line. As Mr. Lake reports:

One intelligence officer who requested anonymity said in an interview last week that the intelligence community watched in real time the shutdown of the Obelisk system. America's Obelisk watchers even saw the order to shut down the system delivered from Qaeda's internal security to a team of technical workers in Malaysia. That was the last internal message America's intelligence community saw. "We saw the whole thing shut down because of this leak," the official said. "We lost an important keyhole into the enemy."

So, who tipped off the media? Rita Katz, head of the SITE Intelligence Group, which monitors jihadist websites for subscribers, blames the Bush Administration. Ms. Katz says that she personally provided the video to the Deputy Director of the National Counterterrorism Center (NCTC), Michael Leiter, on 7 September, with a request to keep the information secret. According to Ms. Katz, an investigation into who downloaded the video indicated that several computers had IP addresses registered to government agencies.

Spokesmen for both the NCTC and the Director of National Intelligence (DNI) deny that their organizations were responsible for the leak. At this point, it's unclear if there will be a formal investigation into the incident, since the information was provided by a private intelligence firm, and available on the "open" internet, although some of the Al Qaida sites were supposedly secure, and others were "Trojan Horse" operations, concealing terrorist communications in sites established for other purposes.

While Ms. Katz is rightfully upset, she made a fateful mistake by trusting an intelligence community that leaks like a sieve and is always looking for plausible cover to protect its own collection efforts. By providing the video to the government, she gave the spooks a chance to claim victory, without affecting the sources and methods that likely yielded the tape. Readers will note that various government spokesmen never confirmed that Ms. Katz and her firm were the first to discover the video. It's a given that the intel community was already aware of the production, and looking for a way to publicize its "coup" without compromising its collection techniques. Enter Ms. Katz.

Fact is, the intel community knows far more about Al Qaida communications than most people realize--and that fact isn't widely publicized, for obvious reasons. But that depth of understanding does surface from time to time, particularly when a major terror plot is foiled. For example, DNI Mike McConnell recently told the Senate Homeland Security Committee that "wiretaps" (a euphemism for tailored signals intelligence collection and analysis) "contributed significantly" to the recent arrest of terror suspects in Germany and Denmark. An anonymous government official subsequently told The New York Times that Admiral McConnell "might have misspoken," suggesting that the DNI revealed a bit too much in his public testimony.

While the nation's intel apparatus is certainly capable of gross buffoonery, it's unlikely that any mid- or high-level official would be willing to "blow" Obelisk unless they had other, better means for accessing Al Qaida communications--avenues that wouldn't be compromised by media coverage of the bin Laden video. Presumably, those "access points" are still available and producing valuable intelligence--as evidenced by last month's arrests in Europe.

Meanwhile, Ms. Katz and her organization learned a couple of hard lessons. First, don't always assume you know more than the folks at Ft. Meade, who still have tools and methods that are unavailable to commercial intel firms. Secondly, be careful entrusting proprietary information to intel and security bureaucrats, who will gladly use private data to cover their own work, even if it means compromising your sources in the process.


DebbieKinIL said...

I hope this incident doesn't stop SITE from providing intel to NCTC. Surely, Katz has someone that they CAN trust there.. or maybe they should find someone.

My question, where is the "new" Obelisk network? Was the shut down a cover up for the start up for the new one?

The "net" is too valuable a communication tool, not to be still used by our enemies.

BTW- How about the systems for other "unfriendlies" out there?
Will they go dark, change or tighten up from this or did they do it on Sept 7th?

Damn our country's commitment to the unOfficial right to "KNOW everything" about "Everything"!! We're so stupid at times with this kind of thing, because we MUST KNOW everything immediately!!!

Psstt.. I want to tell you a secret now-LOL!

George Smiley said...

Debbie--You raise some interesting points. First, there is likely a relationship between various intel agencies and open-source intel (OSINT) providers. Some of the private firms are quite adept at monitoring the jihadist websites/chat rooms, and they can provide useful information. However, even the best "private" companies don't have the resources/tools of the National Security Agency, and those programs--many run at the SAR/SAP level--are not shared with the commercial providers.

As far as the "new" Obelisk, it will emerge over time. And, quite frankly, it's doubtful that Obelisk was the only major comm network for Al Qaida--it was simply the one that firms like SITE were most familiar with, and had some success in penetrating. I'm guessing that the "wiretaps" that led to the arrests in Germany and Denmark came from other sources/networks outside Obelisk.

Put another way, Obelisk was (roughly) the equivalent of NIPRNET, the unclassified computer network of DoD and some intel organizations. If you can hack into NIPRNET, you'd find some interesting e-mails and lots of administrivia, but you wouldn't find sensitive or classified info--that's reserved for SIPRNET and JWICS, which handle SECRET and TS/SCI traffic, respectively.

Likewise, I'm guessing that Al Qaida has more "clandestine" sites for its sensitive, web-based traffic. Those are the arenas where we target our most sensitive collection programs/assets.

Obelisk was useful, and its casual disclosure should have been avoided. It will almost certainly cause the terrorists to tighten their computer security, and the "cueing" that Obelisk provided will be lost, at least temporarily. Under that system, items of interest from Obelisk probably prompted the spooks to look at more sensitive sources, and glean other critical details.

Finally, I agree with your assertion: a democracy must have secrets, and the public doesn't have a right to know everything.

Unknown said...

I call BS and think that disclosure was intentional. Now this company is using it to get publicity.
Then again, I seem to be one of the few civilians who think OBL has been dead for years now. Where'd I put that tin foil hat?

Hans Wall said...

I'll second the notion of OBL being dead. He seems to pop up at (for Bushco) convenient moments reminding me of Emmanuel Goldstein in George Orwell's novel Nineteen Eighty-Four.

There are serious doubts about the veracity of all OBL video and audio tapes since October 2001. About the last tape: The language seems to imitate leftist arguments and the tape includes a recommendation to read Noam Chomsky and Michael Scheuer. This is pretty outlandish and supports the view the tape being just another CIA psyops product. Possibly this explains also the video being 'discovered' before it was posted.

Otter said...

hans, there is a 'wall' between the facts and your mind, apparently. Sort of like the Gorelick Wall that helped set up 9-11 in the first place.

Unknown said...

Just to clarify my Bin Laden comment. The reason that I believe he is dead but the fact is not made public is because I believe that he had MANY sleepers in place with orders to carry out attacks upon his death.