Policing the Next Enemy: From Cyber Crime to Terrorism

By Saron Messembe Obia

The events of 9/11 exposed how globalized the world is, not only with coordinated attacks on U.S. soil, but the ability of crimes to be perpetrated from a digital device. Nonetheless, cybercriminals are increasingly linked to terrorist activities in contemporary times. As they usually engage in credit card, hacking, identity theft, and even help in terrorist propaganda and recruitment. This paper expose on some cybercriminals who later engaged in terrorist activities, but also appeals to regional and international security panels on the increasing quest for job in the domain of information and communication technology, which terrorist organization also solicit

Two African Union soldiers speak at the repatriation ceremony held at the Aden Adde International Airport for three of the fifteen people–one United Nations staff member and two contractors–who were killed when the militant group Al-Shabaab attacked the United Nations Common Compound in Mogadishu, Somalia On 20 June 2013~UN Photo by Tobin Jones

The advent of the globalization period has change the dynamics in criminal theories and patterns. Cybercriminals are increasingly adhering to jihadist tendencies, for most criminals convicted of cybercrimes explored their skills in information and communication technology to acquire stolen credit card information for terrorist financing (Gregory Crabb, 2007). It is possible that as criminals and terrorist groups explore more ways to work together, new security challenges may emerge, facilitating terrorists access to the powerful network tools now used by cybercriminals to steal personal information, or to disrupt computer systems that support services through the Internet. An example is the cyber-attack on the Nigerian Secret Service database in 2014 and the challenge of the Federal Bureau of Investigation to unlock a device used by a terrorist after perpetrating attacks in United States.

The availability of security device and software in the black market is a prerequisite for the perpetration of cybercrimes such as credit card theft, online scams or identity theft. Cybercriminals and terrorists have a great advantage to coordinate large scale attacks and crimes with the help of information and communication technologies with minimal effort such as generating funds from small value transactions in order to finance terrorist attacks (Webb & Tomalewicz, 2016). The speed and anonymity of cyber-attacks makes it distinctive among perpetrators (terrorists, criminals, and nation states). Jihadist tendencies usually require little finance, for example the United Nations evaluated London bombings in 2005 at around $14,000, while the French Finance Minister Michel Sapin evaluated that of the Paris attacks in November 2015 to approximately $32,000. Contrary to coordinated attacks of 9/11 which were reported to have cost between $400,000 and $500,000 according to the final report of the National Commission on Terrorist Attacks. There has been a large increase in the volume of cyber-attacks by organised criminal networks and the lines between organised crime and terrorist financing are becoming blurred. It’s worth noting that funds raised by supporters of Islamic State in connection with the Paris shootings in November of 2015 are related to cybercriminal schemes (Webb & Tomalewicz, 2016).

A view of the destruction of the World Trade Center site, “Ground Zero”, resulting from terrorists attacks on New York City on September 11,2001~UN Photo by Eskinder Debebe

The failure Westphalian treaty of 1648, remains one of the fundamental element of the todays new world order, in addition with technological revolution challenging international security protocols. It’s often cheap to raise funds to coordinate and attack, either by a group or individuals who purchase stolen personal identifiable information from the underground economy carrying out unauthorized transfers and credit card fraud. Hacking is another pattern used by terrorist for money (Imam Samdura of 2002 Bali bombing and book titled; Hacking, Why Not?), also unauthorised wire transfers from customer accounts has also become a new pattern to raise and move funds rapidly. Systems of financial institutions are being compromised by cybercriminals and transaction effectuated to multiple accounts, PayPal and even bitcoin, which are difficult to be detected through transaction monitoring systems; diligence of customers becomes more paramount. For example; Colleen Renee LaRose also known as Jihad Jane and Fatima LaRose, is an American citizen convicted and sentenced to 10 years for terrorism-related crimes and the use of bad cheques (Reyes, 2016).

Transnational networks like Islamic State used online technology platforms, including online money transfers and prepaid cards to transfer money into its territories, finance attacks, use prepaid credit cards to pay for apartments, transport and weapons.

The protein alliance between cybercriminals and terrorist

Rahin Ahmed case

The 2011 terrorist plot in the English city of Birmingham uncovered terrorist, Rahin Ahmed online dabbling trading, dollars and euros exchange, raised through a fraud scheme, for a coordinated terrorist attack on UK soil. His ability to engage in online forex trading illustrates the difficulty in detecting possible terrorist financing using conventional transaction monitoring. He succeeded in applying for an online account at Forex Capital Markets Ltd. by exaggerating his experience annual income and net worth. This highlights some of the security challenges in sub Saharan Africa, where biometric identification is still at infant level, merged with inadequate knowledge relating to non-conventional criminal patterns and requires the application of robust customer due diligence procedures.

The Financial Action Taskforce out pinned, Islamic State’s emergence in terrorist financing through the creation of fundraising platforms such as crowdfunding, for propaganda and appeal for support from aspirants. Some donors are usually aware of the agenda, while others are tricked into donating to what appears to be a legitimate cause. As terrorists evolving with technology new payment (Mobilemoney) and fundraising methods expose vulnerabilities in financial protocols and security infrastructures, as it can be accessed globally and anonymously. The new evolution of terrorist financing is reflection of contemporary warfare (profile of today’s terrorist) with the ages of 21 and 35 years, with tech savvy skills and able to breach systems from their homes.

Tariq al-Daour, Waseem Mughal, and Younes Tsouli case

In a congressional report on Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress in 2008 by Clay Wilson, related evidence was provided that groups of terrorists are secretly active within countries with large communication networks and computerized infrastructures, with profiled IT workforce. London police officials reportedly believe that terrorists obtained high-quality explosives used for the 2005 U.K. bombings from a criminal groups based in Eastern Europe(Walsh).

A recent trial in the U.K. revealed a significant link between Islamic terrorist groups and cybercrime. In June 2007, three British residents, Tariq al-Daour, Waseem Mughal, and Younes Tsouli, pled guilty, and were sentenced for using the Internet to commit atrocities. With the stolen credit card information via online web stores to purchase items to assist fellow jihadists in the field, such as night vision goggles, tents, global positioning satellite devices, and prepaid cell phones, and more than 250 airline tickets, with the use of 110 different stolen credit cards. They also used the stolen credit cards to register over 180 Internet web domains at 95 different web hosting companies, laundered money charged to more than 130 stolen credit cards through online gambling websites. According to Brian Krebs (2007), the trio made fraudulent charges totaling more than $3.5 million from a database containing 37,000 stolen credit card numbers, including victims account names and addresses, dates of birth, credit balances, and credit limits. It should also be noted that, cybercriminals alliance is expanding in the domain of illicit drug trafficking to support terrorist groups.

Conclusion

A research conducted by Susan W. Brenner (2007), explains complication in computer technology related to the processes of identifying internal (crime and terrorism) and external (war) threats to social order. She examines the process-attribution in two dimensions: what-attribution (what kind of attack is this?) and who-attribution (who is responsible for this attack?) considering the challenges of security agencies in relation to technological evolution, exploited by terrorist organization. Jihadists cyber crusaders use biometric identification technology, bioterrorism, cyber-attacks and ransomware on medical data to expose the vulnerablility of states in contemporary times.

According Pikowsky, the best approach in policing contemporary security challenges (terrorism, extremism, and jihadists tendencies) is the revision of law relating to national security particularly on wiretapping and interception of emails. Critical enough to understand that most terrorist are techies, who operate at different levels and with languages. Also botnet designers acquire huge capital from marketing of skills. For example, Jeanson Ancheta, a 21-year-old hacker and member of a group called the “Botmaster Underground”, reportedly made more than $100,000 from different Internet Advertising companies who paid him to download specially-designed malicious adware code onto more than 400,000 vulnerable PCs he breached in to and compromised data. He also made tens of thousands more dollars renting his 400,000-unit “botnet herd” to other companies that used them to send out spam, viruses, and other malicious code on the Internet. In 2006, Ancheta was sentenced to five years in prison (Bob Keefe, 2007).

Malicious codes are used by cybercriminals and terrorist affiliates to scan computers for sensitive data, such as name, address, place and date of birth, social security number, mother’s maiden name, and telephone number for jihadist tendencies. False identity documents are created from this data using home equipment such as a digital camera and color printer, to procure official documents like driver’s licence, birth certificates and bank statements.

In June 2006, officials from the U.S. Department of Energy acknowledged that names and personal information belonging to more than 1,500 employees of the National Nuclear Security Administration (NNSA) were compromised through a network intrusion which begun in early in 2004. The NNSA did not discover the security breach until one year after it had occurred (Dawn Onley and Patience Wait, “DOD’s Efforts to Stave off Nation-State Cyberattacks Begin with China,” Government Computer News, August 21, 2006). However, terrorist organizations like Al Qaeda continue to aspire with new security protocols with more active and sophisticated use of technology in the operations of September 11, 2001. An example is the case of an electrical engineer, Ramzi Yousef, sentenced to life imprisonment in relation to the bombing of the World Trade Center, had planned to use sophisticated electronics to detonate bombs on 12 U.S. airliners departing from Asia for the United States. His used sophisticated encryption to protect personal data and to prevent law enforcement from reading plans if captured is another critical issue which correlate with the case of San Bernardino 2015 attack which the Federal Bureau of Investigation’s security knowledge was challenged when the agency couldn’t unlock a cell phone of a terrorist.

Reference

Bob Keefe, “PC Security Still More of a Wish than a Promise,” The Atlanta Journal, February 3, 2007, p. 1A.

Brian Krebs, “Three Worked the Web to Help Terrorists,” The Washington Post, July 6, 2007, p. D01.

Clay Wilson, Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress, January 29, 2008. Order Code RL32114

David Kaplan, “Playing Offense: The Inside Story of How U.S. Terrorist Hunters Are Going after Al Qaeda,” U.S. News & World Report, June 2, 2003, pp. 19-29.

Gregory Crabb, “U.S. Postal Service Global Investigations,” and Yuval Ben-Itzhak, “CTO Finjan,” Presentation at the Gartner IT Security Summit 2007, Washington, DC, June 4,2007.

Lou Bobson, “Identity Theft Ruining Lives,” The Sunday Mail, May 20, 2007, p. 62.

Peter Bergen, “The Taliban, Regrouped and Rearmed,” The Washington Post, September 10, 2006, p. B1. Helen Cooper, “NATO Chief Says More Troops Are Needed in Afghanistan,” The New York Times, September 22, 2006, p. 10.

Reyes, N. (2016). Women and terrorism: challenging traditional gender roles. Retrieved from https://www.cpp.edu/~class/politicalscience/participate/undergraduatejournal/vol1/Reyes. pdf

Robert Windrem, “9/11 Detainee: Attack Scaled Back,” September 21, 2003, [http://www.msnbc.com/news/969759.asp].

Susan W. Brenner, At Light Speed: Attribution and Response to Cybercrime/Terrorism/Warfare, 97 J. Crim. L. & Criminology 379 (2006-2007).

Walsh, Terrorism on the Cheap. Rollie Lal, “Terrorists and Organized Crime JoinForces,” International Herald Tribune, May 25, 2005, at [http://www.iht.com/articles/2005/05/23/opinion/edlal.php]. Barbara Porter, “Forum Links Organized Crime and Terrorism,”By George! summer 2004 [http://www2.gwu.edu/~bygeorge/060804/crimeterrorism.html].

Webb, N. & Tomalewicz, S. (2016) Small Crimes Can Lead to Big Consequences: Raising Awareness of Cybercrimes and Links To Terrorism. FTI Consulting, Inc.