Entries Tagged "al Qaeda"

Page 6 of 7

Modern-Day Revenge

Mad at someone? Turn him in as a terrorist:

A man in Sweden who was angry with his daughter’s husband has been charged with libel for telling the FBI that the son-in-law had links to al-Qaeda, Swedish media reported on Friday.

The man, who admitted sending the email, said he did not think the US authorities would stupid enough to believe him.

The 40-year-old son-in-law and his wife were in the process of divorcing when the husband had to travel to the United States for business.

The wife didn’t want him to travel since she was sick and wanted him to help care for their children, regional daily Sydsvenska Dagbladet said without disclosing the couple’s names.

When the husband refused to stay home, his father-in-law wrote an email to the FBI saying the son-in-law had links to al-Qaeda in Sweden and that he was travelling to the US to meet his contacts.

He provided information on the flight number and date of arrival in the US.

The son-in-law was arrested upon landing in Florida. He was placed in handcuffs, interrogated and placed in a cell for 11 hours before being put on a flight back to Europe, the paper said.

EDITED TO ADD (11/6): Businesses do this too:

In May 2005 Jet’s application for a licence to fly to America was held up after a firm based in Maryland, also called Jet Airways, accused Mr Goyal’s company of being a money-laundering outfit for al-Qaeda. Mr Goyal says some of his local competitors were behind the claim, which was later withdrawn.

Posted on November 6, 2007 at 6:41 AMView Comments

More on the German Terrorist Plot

This article is a detailed writeup of the actual investigation. While it seems that intercepted emails were instrumental at several points during the investigation, the article doesn’t explain whether the intercepts were the result of some of the wholesale eavesdropping programs or specifically obtained for this case.

The US intelligence agencies, the NSA and CIA, provided the most important information: copies of messages between German Islamists and their contacts in Pakistan. Three people in Germany were apparently the ones maintaining contact. The first was a man with the pseudonym “Muaz,” who investigators suspected was Islamist Attila S., 22. The second was a man named “Zafer,” from the town of Neunkirchen, who they believed was Zafer S., an old friend of Daniel S., one of the three men arrested last week. According to his father, Hizir S., Zafer is currently attending a language course in Istanbul. The third name that kept reappearing in the emails the NSA intercepted was “Abdul Malik,” a.k.a. Fritz Gelowicz, who prosecutors believe was the ringleader of the German cell, a man Deputy Secretary Hanning calls “cold-blooded and full of hate.”

[…]

While at the Pakistani camp in the spring of 2006, Adem Y. and Gelowicz probably discussed ways to secretly deliver messages from Pakistan to Germany. They used a Yahoo mailbox, but instead of sending messages directly, they would store them in a draft folder through which their fellow Islamists could then access the messages. But it turned out that the method they hit upon had long been known as an al-Qaida ploy. The CIA, NSA and BKA had no trouble monitoring the group’s communications. Two men who went by the aliases “Sule” or “Suley” and “Jaf” kept up the contact from the IJU side.

This is also interesting, given the many discussions on this blog and elsewhere about stopping people watching and photographing potential terrorist targets:

Early in the evening of Dec. 31, 2006, a car containing several passengers drove silently past the Hutier Barracks in Lamboy, a section of the western German city of Hanau. Hanau is known as the home of a major US military base, where thousands of US soldiers live and routinely look forward to celebrating New Year’s Eve in their home away from home. The BfV’s observation team later noted that the car drove back and forth in front of the barracks several times. When German agents finally stopped the car, they discovered that the passengers were Fritz Gelowicz, Attila S. from the southern city of Ulm, Ayhan T. from Langen near Frankfurt and Dana B., a German of Iranian descent from Frankfurt who, when asked what he and the others were doing there, claimed that they had just wanted to see “how the Americans celebrate New Year’s Eve.”

Posted on September 21, 2007 at 4:00 AMView Comments

APEC Conference in Sydney Social Engineered

The APEC conference is a big deal in Australia right now, and the security is serious. They’ve blocked off a major part of Sydney, implemented special APEC laws allowing extra search powers for the police, and even given everyone in Sydney the day off — just to keep people away.

Yesterday, a TV comedy team succeeded in driving a fake motorcade with Canadian flags right through all the security barriers and weren’t stopped until right outside President Bush’s hotel. Inside their motorcade was someone dressed up as Osama Bin Laden.

Excellent.

Most excellent:

The ABC later released a statement saying the team had no intention of entering a restricted zone and had been wearing mock “insecurity passes” that stated the convoy was a joke.

“It was a piece testing APEC security and the motorcade looked pretty authentic,” the Chaser source said.

“They approached the green zone, and they just waved them through ­ much to their amazement, because the sketch was meant to stop there with them being rejected.

“They were then waved through into the red zone, but rather than go all the way through they made the call to turn around.”

“Apparently that was the first time the police realised it was not authentic and they swooped in and arrested everybody.”

Eight members of the comedy team, including the film crew, were arrested, as well as three hire car drivers.

The fake motorcade ­ three cars and a motorcycle escort ­had Canadian identification.

“We just thought Canada would be a country the cops wouldn’t scrutinise too closely,” said Chaser performer Chris Taylor.

Another article.

I’ve written about these large-scale social engineering pranks before (although at this point I doubt that the Super Bowl prank was real). The trick: look like you fit in.

I’ve also written about the Australian comedy group before. They’re from a television show called The Chaser’s War on Everyhing, and they’ve tested security cameras and Trojan horses. And interviewed ignorant Americans.

And APEC security is over-the-top stupid:

On the same day police won a court battle to stop protesters marching down George Street through the APEC security zone, it emerged yesterday that at least one cafe near George Bush’s hotel has been ordered by police not to set outdoor tables with silverware, lest it fall into the wrong hands.

And office workers in Bridge Street’s AMP tower have been told to stay away from the windows, draw the blinds and not to look at helicopters.

EDITED TO ADD (9/7): Video of the motorcade and the arrests. Photo of the fake security pass.

Great video from The Chasers on APEC and security, including some very funny footage about what normal people are willing to do and have done to them in the name of security.

Posted on September 7, 2007 at 1:53 AMView Comments

Vague Threat Prompts Overreaction

It reads like a hoax:

The Police Department set up checkpoints yesterday in Lower Manhattan and increased security after learning of a vague threat of a radiological attack here.

[…]

The police learned about the threat through an item on the Web site debka.com — a site that Mr. Browne said was believed to have Israeli intelligence and military sources — that said that Qaeda operatives were planning to detonate a truck filled with radiological material in New York, Los Angeles or Miami. Officials say the Web site carries reports that are often wrong, but occasionally right.

Occasionally right? Which U.S. terrorist attack did it predict?

Come on, people: refuse to be terrorized.

Posted on August 16, 2007 at 6:04 AMView Comments

Correspondent Inference Theory

Two people are sitting in a room together: an experimenter and a subject. The experimenter gets up and closes the door, and the room becomes quieter. The subject is likely to believe that the experimenter’s purpose in closing the door was to make the room quieter.

This is an example of correspondent inference theory. People tend to infer the motives — and also the disposition — of someone who performs an action based on the effects of his actions, and not on external or situational factors. If you see someone violently hitting someone else, you assume it’s because he wanted to — and is a violent person — and not because he’s play-acting. If you read about someone getting into a car accident, you assume it’s because he’s a bad driver and not because he was simply unlucky. And — more importantly for this column — if you read about a terrorist, you assume that terrorism is his ultimate goal.

It’s not always this easy, of course. If someone chooses to move to Seattle instead of New York, is it because of the climate, the culture or his career? Edward Jones and Keith Davis, who advanced this theory in the 1960s and 1970s, proposed a theory of “correspondence” to describe the extent to which this effect predominates. When an action has a high correspondence, people tend to infer the motives of the person directly from the action: e.g., hitting someone violently. When the action has a low correspondence, people tend to not to make the assumption: e.g., moving to Seattle.

Like most cognitive biases, correspondent inference theory makes evolutionary sense. In a world of simple actions and base motivations, it’s a good rule of thumb that allows a creature to rapidly infer the motivations of another creature. (He’s attacking me because he wants to kill me.) Even in sentient and social creatures like humans, it makes a lot of sense most of the time. If you see someone violently hitting someone else, it’s reasonable to assume that he’s a violent person. Cognitive biases aren’t bad; they’re sensible rules of thumb.

But like all cognitive biases, correspondent inference theory fails sometimes. And one place it fails pretty spectacularly is in our response to terrorism. Because terrorism often results in the horrific deaths of innocents, we mistakenly infer that the horrific deaths of innocents is the primary motivation of the terrorist, and not the means to a different end.

I found this interesting analysis in a paper by Max Abrahms in International Security. “Why Terrorism Does Not Work” (.PDF) analyzes the political motivations of 28 terrorist groups: the complete list of “foreign terrorist organizations” designated by the U.S. Department of State since 2001. He lists 42 policy objectives of those groups, and found that they only achieved them 7 percent of the time.

According to the data, terrorism is more likely to work if 1) the terrorists attack military targets more often than civilian ones, and 2) if they have minimalist goals like evicting a foreign power from their country or winning control of a piece of territory, rather than maximalist objectives like establishing a new political system in the country or annihilating another nation. But even so, terrorism is a pretty ineffective means of influencing policy.

There’s a lot to quibble about in Abrahms’ methodology, but he seems to be erring on the side of crediting terrorist groups with success. (Hezbollah’s objectives of expelling both peacekeepers and Israel out of Lebanon counts as a success, but so does the “limited success” by the Tamil Tigers of establishing a Tamil state.) Still, he provides good data to support what was until recently common knowledge: Terrorism doesn’t work.

This is all interesting stuff, and I recommend that you read the paper for yourself. But to me, the most insightful part is when Abrahms uses correspondent inference theory to explain why terrorist groups that primarily attack civilians do not achieve their policy goals, even if they are minimalist. Abrahms writes:

The theory posited here is that terrorist groups that target civilians are unable to coerce policy change because terrorism has an extremely high correspondence. Countries believe that their civilian populations are attacked not because the terrorist group is protesting unfavorable external conditions such as territorial occupation or poverty. Rather, target countries infer the short-term consequences of terrorism — the deaths of innocent civilians, mass fear, loss of confidence in the government to offer protection, economic contraction, and the inevitable erosion of civil liberties — (are) the objects of the terrorist groups. In short, target countries view the negative consequences of terrorist attacks on their societies and political systems as evidence that the terrorists want them destroyed. Target countries are understandably skeptical that making concessions will placate terrorist groups believed to be motivated by these maximalist objectives.

In other words, terrorism doesn’t work, because it makes people less likely to acquiesce to the terrorists’ demands, no matter how limited they might be. The reaction to terrorism has an effect completely opposite to what the terrorists want; people simply don’t believe those limited demands are the actual demands.

This theory explains, with a clarity I have never seen before, why so many people make the bizarre claim that al Qaeda terrorism — or Islamic terrorism in general — is “different”: that while other terrorist groups might have policy objectives, al Qaeda’s primary motivation is to kill us all. This is something we have heard from President Bush again and again — Abrahms has a page of examples in the paper — and is a rhetorical staple in the debate. (You can see a lot of it in the comments to this previous essay.)

In fact, Bin Laden’s policy objectives have been surprisingly consistent. Abrahms lists four; here are six from former CIA analyst Michael Scheuer’s book Imperial Hubris:

  1. End U.S. support of Israel
  2. Force American troops out of the Middle East, particularly Saudi Arabia
  3. End the U.S. occupation of Afghanistan and (subsequently) Iraq
  4. End U.S. support of other countries’ anti-Muslim policies
  5. End U.S. pressure on Arab oil companies to keep prices low
  6. End U.S. support for “illegitimate” (i.e. moderate) Arab governments, like Pakistan

Although Bin Laden has complained that Americans have completely misunderstood the reason behind the 9/11 attacks, correspondent inference theory postulates that he’s not going to convince people. Terrorism, and 9/11 in particular, has such a high correspondence that people use the effects of the attacks to infer the terrorists’ motives. In other words, since Bin Laden caused the death of a couple of thousand people in the 9/11 attacks, people assume that must have been his actual goal, and he’s just giving lip service to what he claims are his goals. Even Bin Laden’s actual objectives are ignored as people focus on the deaths, the destruction and the economic impact.

Perversely, Bush’s misinterpretation of terrorists’ motives actually helps prevent them from achieving their goals.

None of this is meant to either excuse or justify terrorism. In fact, it does the exact opposite, by demonstrating why terrorism doesn’t work as a tool of persuasion and policy change. But we’re more effective at fighting terrorism if we understand that it is a means to an end and not an end in itself; it requires us to understand the true motivations of the terrorists and not just their particular tactics. And the more our own cognitive biases cloud that understanding, the more we mischaracterize the threat and make bad security trade-offs.

This is my 46th essay for Wired.com, based on a paper I blogged about last week (there are a lot of good comments to that blog post).

Posted on July 12, 2007 at 12:59 PMView Comments

Tactics, Targets, and Objectives

If you encounter an aggressive lion, stare him down. But not a leopard; avoid his gaze at all costs. In both cases, back away slowly; don’t run. If you stumble on a pack of hyenas, run and climb a tree; hyenas can’t climb trees. But don’t do that if you’re being chased by an elephant; he’ll just knock the tree down. Stand still until he forgets about you.

I spent the last few days on safari in a South African game park, and this was just some of the security advice we were all given. What’s interesting about this advice is how well-defined it is. The defenses might not be terribly effective — you still might get eaten, gored or trampled — but they’re your best hope. Doing something else isn’t advised, because animals do the same things over and over again. These are security countermeasures against specific tactics.

Lions and leopards learn tactics that work for them, and I was taught tactics to defend myself. Humans are intelligent, and that means we are more adaptable than animals. But we’re also, generally speaking, lazy and stupid; and, like a lion or hyena, we will repeat tactics that work. Pickpockets use the same tricks over and over again. So do phishers, and school shooters. If improvised explosive devices didn’t work often enough, Iraqi insurgents would do something else.

So security against people generally focuses on tactics as well.

A friend of mine recently asked me where she should hide her jewelry in her apartment, so that burglars wouldn’t find it. Burglars tend to look in the same places all the time — dresser tops, night tables, dresser drawers, bathroom counters — so hiding valuables somewhere else is more likely to be effective, especially against a burglar who is pressed for time. Leave decoy cash and jewelry in an obvious place so a burglar will think he’s found your stash and then leave. Again, there’s no guarantee of success, but it’s your best hope.

The key to these countermeasures is to find the pattern: the common attack tactic that is worth defending against. That takes data. A single instance of an attack that didn’t work — liquid bombs, shoe bombs — or one instance that did — 9/11 — is not a pattern. Implementing defensive tactics against them is the same as my safari guide saying: “We’ve only ever heard of one tourist encountering a lion. He stared it down and survived. Another tourist tried the same thing with a leopard, and he got eaten. So when you see a lion….” The advice I was given was based on thousands of years of collective wisdom from people encountering African animals again and again.

Compare this with the Transportation Security Administration’s approach. With every unique threat, TSA implements a countermeasure with no basis to say that it helps, or that the threat will ever recur.

Furthermore, human attackers can adapt more quickly than lions. A lion won’t learn that he should ignore people who stare him down, and eat them anyway. But people will learn. Burglars now know the common “secret” places people hide their valuables — the toilet, cereal boxes, the refrigerator and freezer, the medicine cabinet, under the bed — and look there. I told my friend to find a different secret place, and to put decoy valuables in a more obvious place.

This is the arms race of security. Common attack tactics result in common countermeasures. Eventually, those countermeasures will be evaded and new attack tactics developed. These, in turn, require new countermeasures. You can easily see this in the constant arms race that is credit card fraud, ATM fraud or automobile theft.

The result of these tactic-specific security countermeasures is to make the attacker go elsewhere. For the most part, the attacker doesn’t particularly care about the target. Lions don’t care who or what they eat; to a lion, you’re just a conveniently packaged bag of protein. Burglars don’t care which house they rob, and terrorists don’t care who they kill. If your countermeasure makes the lion attack an impala instead of you, or if your burglar alarm makes the burglar rob the house next door instead of yours, that’s a win for you.

Tactics matter less if the attacker is after you personally. If, for example, you have a priceless painting hanging in your living room and the burglar knows it, he’s not going to rob the house next door instead — even if you have a burglar alarm. He’s going to figure out how to defeat your system. Or he’ll stop you at gunpoint and force you to open the door. Or he’ll pose as an air-conditioner repairman. What matters is the target, and a good attacker will consider a variety of tactics to reach his target.

This approach requires a different kind of countermeasure, but it’s still well-understood in the security world. For people, it’s what alarm companies, insurance companies and bodyguards specialize in. President Bush needs a different level of protection against targeted attacks than Bill Gates does, and I need a different level of protection than either of them. It would be foolish of me to hire bodyguards in case someone was targeting me for robbery or kidnapping. Yes, I would be more secure, but it’s not a good security trade-off.

Al-Qaida terrorism is different yet again. The goal is to terrorize. It doesn’t care about the target, but it doesn’t have any pattern of tactic, either. Given that, the best way to spend our counterterrorism dollar is on intelligence, investigation and emergency response. And to refuse to be terrorized.

These measures are effective because they don’t assume any particular tactic, and they don’t assume any particular target. We should only apply specific countermeasures when the cost-benefit ratio makes sense (reinforcing airplane cockpit doors) or when a specific tactic is repeatedly observed (lions attacking people who don’t stare them down). Otherwise, general countermeasures are far more effective a defense.

This essay originally appeared on Wired.com.

EDITED TO ADD (6/14): Learning behavior in tigers.

Posted on May 31, 2007 at 6:11 AMView Comments

Al-Qaeda or Teens?

From The Onion:

“In this day and age, it’s important for law-enforcement officials to consider global threats as well as local ones,” Steinhorst said. “We could be dealing with an al-Qaeda sleeper cell attempting to collect information that they could use to plan a terrorist strike or some of those goth kids who knocked over that mailbox. Neither group has any respect for the law.”

Excellent parody.

Posted on March 28, 2007 at 3:45 PMView Comments

Copycats

It’s called “splash-and-grab,” and it’s a new way to rob convenience stores. Two guys walk into a store, and one comes up to the counter with a cup of hot coffee or cocoa. He pays for it, and when the clerk opens the cash drawer, he throws the coffee in the clerk’s face. The other one grabs the cash drawer, and they both run.

Crimes never change, but tactics do. This tactic is new; someone just invented it. But now that it’s in the news, copycats are repeating the trick. There have been at least 19 such robberies in Delaware, Pennsylvania and New Jersey. (Some arrests have been made since then.)

Here’s another example: On Nov. 24, 1971, someone with the alias Dan Cooper invented a new way to hijack an aircraft. Claiming he had a bomb, he forced a plane to land and then exchanged the passengers and flight attendants for $200,000 and four parachutes. (I leave it as an exercise for the reader to explain why asking for more than one parachute is critical to the plan’s success.) Taking off again, he told the pilots to fly to 10,000 feet. He then lowered the plane’s back stairs and parachuted away. He was never caught, and the FBI still doesn’t know who he is or whether he survived.

After this story hit the press, there was an epidemic of copycat attacks. In 31 hijackings the following year, half of the hijackers demanded parachutes. It got so bad that the FAA required Boeing to install a special latch — the Cooper Vane — on the back staircases of its 727s so they couldn’t be lowered in the air.

The internet is filled with copycats. Green-card lawyers invented spam; now everyone does it. Other people invented phishing, pharming, spear phishing. The virus, the worm, the Trojan: It’s hard to believe that these ubiquitous internet attack tactics were, until comparatively recently, tactics that no one had thought of.

Most attackers are copycats. They aren’t clever enough to invent a new way to rob a convenience store, use the web to steal money, or hijack an airplane. They try the same attacks again and again, or read about a new attack in the newspaper and decide they can try it, too.

In combating threats, it makes sense to focus on copycats when there is a population of people already willing to commit the crime, who will migrate to a new tactic once it has been demonstrated to be successful. In instances where there aren’t many attacks or attackers, and they’re smarter — al-Qaida-style terrorism comes to mind — focusing on copycats is less effective because the bad guys will respond by modifying their attacks accordingly.

Compare that to suicide bombings in Israel, which are mostly copycat attacks. The authorities basically know what a suicide bombing looks like, and do a pretty good job defending against the particular tactics they tend to see again and again. It’s still an arms race, but there is a lot of security gained by defending against copycats.

But even so, it’s important to understand which aspect of the crime will be adopted by copycats. Splash-and-grab crimes have nothing to do with convenience stores; copycats can target any store where hot coffee is easily available and there is only one clerk on duty. And the tactic doesn’t necessarily need coffee; one copycat used bleach. The new idea is to throw something painful and damaging in a clerk’s face, grab the valuables and run.

Similarly, when a suicide bomber blows up a restaurant in Israel, the authorities don’t automatically assume the copycats will attack other restaurants. They focus on the particulars of the bomb, the triggering mechanism and the way the bomber arrived at his target. Those are the tactics that copycats will repeat. The next target may be a theater or a hotel or any other crowded location.

The lesson for counterterrorism in America: Stay flexible. We’re not threatened by a bunch of copycats, so we’re best off expending effort on security measures that will work regardless of the tactics or the targets: intelligence, investigation and emergency response. By focusing too much on specifics — what the terrorists did last time — we’re wasting valuable resources that could be used to keep us safer.

This essay originally appeared on Wired.com.

Posted on March 8, 2007 at 3:23 PMView Comments

Canadian Anti-Terrorism Law News

Big news:

The court said the men, who are accused of having ties to al-Qaeda, have the right to see and respond to evidence against them. It pointed to a law in Britain that allows special advocates or lawyers to see sensitive intelligence material, but not share details with their clients.

In its ruling, the court said while it’s important to protect Canada’s national security, the government can do more to protect individual rights.

But the court suspended the judgment from taking legal effect for a year, giving Parliament time to write a new law complying with constitutional principles.

Critics have long denounced the certificates, which can lead to deportation of non-citizens on the basis of secret intelligence presented to a Federal Court judge at closed-door hearings.

Those who fight the allegations can spend years in jail while the case works its way through the legal system. In the end, they can sometimes face removal to countries with a track record of torture, say critics.

And that’s not the only piece of good news from Canada. Two provisions from an anti-terrorism law passed at the end of 2001 were due to expire at the end of February. The House of Commons has voted against extending them:

One of the anti-terrorism measures allows police to arrest suspects without a warrant and detain them for three days without charges, provided police believe a terrorist act may be committed. The other measure allows judges to compel witnesses to testify in secret about past associations or pending acts. The witnesses could go to jail if they don’t comply.

The two measures, introduced by a previous Liberal government in 2001, have never been used.

“These two provisions especially have done nothing to fight against terrorism,” Dion said Tuesday. “[They] have not been helpful and have continued to create some risk for civil liberties.”

Another article here.

Posted on March 2, 2007 at 6:54 AMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.