[AfrICANN-discuss] US seeks terrorists in web worlds

Anne-Rachel Inné annerachel at gmail.com
Tue Mar 4 15:19:04 SAST 2008

US seeks terrorists in web worlds
By Chris Vallance
Reporter, BBC iPM

The US government has begun a project to develop ways to spot
terrorists who are using virtual worlds.

Codenamed Reynard it aims to recognise "normal" behaviour in online
worlds and home in on anomalous activity.

It is likely to develop tools and techniques for intelligence officers
who are hunting terrorists and terror groups on the net or in virtual

The project was welcomed by experts tracking terror groups using the
net to organise or carry out attacks.

Growing threat

Brief details about Reynard came to light in a report sent to the US
Congress by the Office of the Director of National Intelligence (ODNI)
- which co-ordinates the work of US intelligence agencies.

	We can see groups emerging in cyber spaces and virtual communities
that would be wholly virtual
Roderick Jones, Concentric Solutions
In that report, which talked about the data mining efforts undertaken
by the ODNI, Reynard was described as: "a seedling effort to study the
emerging phenomenon of social (particularly terrorist) dynamics in
virtual worlds and large-scale online games and their implications for
the intelligence community".

Using publicly available data Reynard researchers will carry out
observational studies to establish "baseline normative behaviors".

Once these are identified, Reynard will "then apply the lessons
learned to determine the feasibility of automatically detecting
suspicious behavior and actions in the virtual world".

"It's a positive step," said Andrew Cochran, founder and co-chairman
of the Counterterrorism Foundation. "For a number of years we were
behind in chasing jihadists' presence on the net and detecting it."

"That's a very sensible step at the moment," said Roderick Jones, a
vice president of Concentric Solutions and a former special branch
officer. "Just to feel their way around them and work out what new
intelligence collection methods might be required to deal with this
threat, because you won't be able to use traditional law enforcement

New worlds

A senior intelligence officer at the ODNI said Reynard was in its very
early stages and it was too soon to say which online worlds it would
be studying. He added that any work on it would be purely for research
rather than "operational" purposes.

"I think its highly unlikely terrorists would use things like Second
Life or World of Warcraft as they do not have the necessary security,"
said Mr Jones.

"Terrorist use of the internet at the moment relies on password
protected forums," he added.

Said Mr Cochran: "All of the major terrorist treatises have been
distributed through the internet so taking it to a virtual world with
multi-player role games is really an easy step."

It was inevitable that terror groups would make greater use of the
internet and the possibilities that virtual spaces offered them, said
Mr Jones.

"There's more a chance of things like Jihad worlds coming online in
the next five years I think," he said.

The visual richness of virtual worlds made them good places to educate
recruits about techniques, said Mr Jones.

Attack pattern

"We can see groups emerging in cyber spaces and virtual communities
that would be wholly virtual," he said. "They would organise and
radicalise in virtual worlds and attack using cyber methods without
becoming a real world presence in any real way."

Many groups were likely to use the expertise and skills they learn in
virtual worlds to target key net systems.

Ken Silva, chief technology officer for Verisign which oversees some
of the net's core address books, said such an attack could be

"We see a continuing growth in the amount of horsepower in the attacks
that are directed at infrastructure servers," said Mr Silva.

"We are seeing a large shift from attacks that are directed at
individual websites," he said. "The sophistication is getting a little
smarter and they are attacking the infrastructure pieces behind
them..., which is typically in most production environments the least
invested in."

Some of the basic systems of the net, such as the Border Gateway
Protocol (BGP) which helps data reach its intended destination, were
open to attack.

An accidental misconfiguration of BGP in some routers in Pakistan
caused the recent problems with YouTube which left many people unable
to reach the video site.

"BGP is essentially a relatively unprotected protocol and is seriously
vulnerable to disruption," he said. "Should that happen, it could take
a very long time to correct that situation."

"This has to be fought at every level," he said.

Story from BBC NEWS:

Published: 2008/03/03 11:32:50 GMT


More information about the AfrICANN mailing list