Schneier on Security
A blog covering security and security technology.
« Quasar Encryption |
| MySpace Used as Forensics Tool »
March 28, 2006
Al Qaeda Hacker Captured
Irhabi 007 has been captured.
For almost two years, intelligence services around the world tried to uncover the identity of an Internet hacker who had become a key conduit for al-Qaeda. The savvy, English-speaking, presumably young webmaster taunted his pursuers, calling himself Irhabi -- Terrorist -- 007. He hacked into American university computers, propagandized for the Iraq insurgents led by Abu Musab al-Zarqawi and taught other online jihadists how to wield their computers for the cause.
Assuming the British authorities are to be believed, he definitely was a terrorist:
Suddenly last fall, Irhabi 007 disappeared from the message boards. The postings ended after Scotland Yard arrested a 22-year-old West Londoner, Younis Tsouli, suspected of participating in an alleged bomb plot. In November, British authorities brought a range of charges against him related to that plot. Only later, according to our sources familiar with the British probe, was Tsouli's other suspected identity revealed. British investigators eventually confirmed to us that they believe he is Irhabi 007.
Tsouli has been charged with eight offenses including conspiracy to murder, conspiracy to cause an explosion, conspiracy to cause a public nuisance, conspiracy to obtain money by deception and offences relating to the possession of articles for terrorist purposes and fundraising.
Okay. So he was a terrorist. And he used the Internet, both as a communication tool and to break into networks. But this does not make him a cyberterrorist.
Interesting article, though.
Here's the Slashdot thread on the topic.
Posted on March 28, 2006 at 7:27 AM
• 18 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Interestingly his capture was as a result of his realworld activities ... had he remained strictly in his hacker functionality he might still be out there.
"But this does not make him a cyberterrorist."
No more than labeling someone who damages my recyle bin an eco-terrorist. :-)
No real legal foundation has been laid yet on what can be done to people like this, at least not in the US. There are so many vague laws and foggy interpretations that you just don't know until someone has taken that path. It will be interesting to see how the Brits handle this one.
"conspiracy to obtain money by deception
Was he a car salesman too Bruce?"
Yeah, I noticed the piling-on of charges.
As long as the terrorist didn't learn how to "reply to all" from him freedom might still be safe.
"There was this Irish guy I read about who could make bombs out of Bisquick."
Well, my SO can do the same thing -- which is why I try to keep her *out* of the kitchen ;-)
If I recall from the article, there was some hard evidence of an interest in explosives, by that I mean some things that the police said were attempts at making explosives.
"The postings ended after Scotland Yard arrested a 22-year-old West Londoner, Younis Tsouli, suspected of participating in an alleged bomb plot." is the worst kind of circumstantial 'evidence'.
I guess this is just yet another of the many, many cases where the police have the media report the arrest, rather than the conviction, and We the People forgot to go to Civics classes where they teach that someone is innocent until convicted by a Court of Law.
It's a strange kind of System of Law that gets its results by dodgey publicity moreso than actual Acts of Justice. When in doubt, FUD it out, right?
Why do you write: "this does not make him a cyberterrorist"? Agreed but there is no mention of that term in the article.
Are you just trying to make the point that terrorism+Internet≠cyberterrorism?
One of the interesting things with the case is the hacker's own choice to use a "terrorist" reference in his "Irhabi 007" handle. Sometimes, the nickname one chooses can come back and cause problems later.
I think of 2600's editor's handle, Emmanuel Goldstein, and how it well chosen. The name comes Orwell's 1984, from a character deemed by Big Brother as an enemy of the state. Sounds like a real name and has a literary connection.
By the way, as I am looking for other articles about the Irhabi 007 matter, I came across some interesting observations on the Internet Haganah site. http://www.internet-haganah.co.il/harchives/...
The second document mentions the charges against Younis Tsouli (Irhabi 007) and two other men. For Tsouli, the charges were:
* he had in his bedroom a video, on a computer hard drive, showing how to make a car bomb
* he possessed a video, on a hard drive, showing a number of places in Washington DC and including a CRBN (chemical, radiological, biological and nuclear) vehicle.
* before October 31 this year he, with Mughal and others, conspired together to murder a person unknown
* he "unlawfully and maliciously" conspired together with Mughal and others to cause an explosion of a nature likely to endanger life in the United Kingdom
* he conspired to dishonestly obtain property from credit cards belonging to others
I am still following numerous links and references, giving my fledging Arabic studies quite a run. (At least, I can now recognise "Irhabi" in Arabic and that's about it.) Out of curiosity, I am also trying to find the hacking guide he put online a while ago.
Well said cannedtuna, "he definitely was a terrorist" is just not sustainable, given that he's not even been tried yet. There are a great many cases in this country where the police have made a huge fanfare about arresting people, sometimes charging them - and then never say anything when the charges are dropped or a jury finds them not guilty.
"But this does not make him a cyberterrorist." it also doesn't make him a fisherman, and estate agent or a profesional darts player. Sorry Bruce, I don't get your point.
I think I remember McGyver, trying to get a mushroom cloud out of a BIC lighter, 2 C cell batteries, 3 feet of copper wire, an old bike frame and a box of Bisquick?
Those were the days.
Posted by: JD at March 28, 2006 09:59 AM
Speaking of which DHS should really be keeping tabs on that guy. No point worrying about nukes entering seaports if McGuyver has access to the contents of your broom closet.
They are, he now works for the government as part of the SG1 team
"'But this does not make him a cyberterrorist.' it also doesn't make him a fisherman, and estate agent or a profesional darts player. Sorry Bruce, I don't get your point."
It sounds like you do get my point; or, at least, one of my points. You just believe it's an obvious point. I hope you're right.
"It sounds like you do get my point; or, at least, one of my points. You just believe it's an obvious point. I hope you're right." - I still don't get your point. No one has called him a cyberterrorist, except you!
When first a man commits murder, he soon thinks nothing of causing explosions. From there it is a short step to obtaining money by deception and thence to becoming a public nusiance.
"I think I remember McGyver, trying to get a mushroom cloud out of a BIC lighter, 2 C cell batteries, 3 feet of copper wire, an old bike frame and a box of Bisquick?"
You forgot the Swiss Army knife... Mac always had one...
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.