Failed intelligence

Print edition: November 24, 2001
How American intelligence's vast arsenal of satellites and listening centres looked for hidden high-tech messages and failed to detect Al Qaeda's plain-word codes.

THE World Trade Centre and the Pentagon were not the only institutions that were devastated on September 11: the United States' multi-billion-dollar intelligence establishment also suffered enormous damage in terms of credibility. Now, aided by espionage equipment contractors and sections of the media, the U.S. intelligence community has launched an offensive to try and save face. Its targets are advocates of Internet privacy, civil liberties groups and what little remains of the U.S. media's independence.

A leaflet the United States is dropping in Afghanistan in a bid to demoralise the Taliban. It shows pictures of Taliban leader Mullah Mohammed Omar and a licence plate that U.S. officials say belongs to his vehicle, and a warning. - U.S. DEPARTMENT OF DEFENCE/AFP

On October 4, the U.S. network television company American Broadcasting Corporation (ABC) claimed that Al Qaeda had used steganographic techniques to communicate securely in the build-up to September 11. "Western intelligence officials," it claimed, "say they have learned that instructors at Osama bin Laden's camps in remote Afghanistan train his followers in the high-tech secret-messaging technique." The technique involves inserting messages into computer graphics or music files, which can only be detected by specialised software. Steganography essentially means hiding the existence of a written message, and derives from the Greek words steganos, meaning 'hidden', and graphein, 'to write'. The use of the technology dates back to at least 480 BC, when, by the account of Herodotus, the citizens of Greece were warned of Xerxes' imminent invasion by means of a message written on wooden tablets which were then covered with wax.

The ABC report showed viewers how graphics and music files that end with the suffixes .gif, .jpg or .mp3 could contain military information and photographs. What the channel chose not to tell its viewers was that all the examples used were created not by terrorists, but by a U.S. Air Force contractor, Wetstone Technologies. Wetstone's president Chet Hosmer claimed that his S-DART steganography detection tool had discovered thousands of concealed messages among images on the Web. A Scotland-based company, Iomart, soon joined the big-claims club. On October 10, Iomart said it had been approached by the U.S. government to crack steganographic messages used by Al Qaeda. The company said it had discovered hundreds of such messages, which its spokesperson Stephen Whitelaw said had first been encrypted before they were inserted into apparently innocuous files.

There were reasons for suspicion about these claims, had the media, instead of being uncritical, chosen to look for them. ABC, for example, did not tell its viewers of Wetstone's links with the U.S. Air Force. Nor did it report later that a team of two researchers from the University of Michigan had cracked one hidden message displayed by Hosmer in less than a minute. ABC had shown Hosmer revealing a picture of a military airfield from a graphic file using a password. The password, the researchers found, was the same as the TV channel's name, ABC. The Michigan team, perhaps unsurprisingly, also found no evidence to support his claims that steganographic messages abounded on the Web.

Iomart's case was even more suspicious. The company had lost 90 per cent of its value in the 12 months before August 2001, and had reported a loss of £3 million just before the WTC bombing.

None of this stopped newspapers like The New York Times, or The Washington Post or The Times from putting out the myth of bin Laden's steganographic skills. Although there is still no evidence to suggest that those who hit the WTC used any kind of encryption, The Washington Post even reported that the inventor of the widely used free e-mail encryption software PGP, Phil Zimmermann, had been "crying every day", overwhelmed by feelings of guilt. Zimmermann later issued an angry public denial, but this did not help stem the torrent of disinformation. British Foreign Secretary Jack Straw later complained that the British Broadcasting Corporation (BBC) had been "a mouthpiece" for organisations that had forced his government to drop plans for restricting Internet user access to cryptographic tools. "We knew that terrorists were going to do this," he asserted, adding that critics who had blocked plans to allow government unrestricted access to all Internet communications would now have to regret their "two-dimensional view".

Funnily enough, the U.S. Federal Bureau of Investigation (FBI) does not seem to have an inkling about the high-tech methods used by the attackers of the WTC. Shortly after the attacks, FBI Assistant Director Ron Dick told journalists that while hundreds of e-mail messages authored by the conspirators had been discovered, these could be opened and read through conventional means. The terrorists had, instead, used innocuous words to deflect potential eavesdroppers. Bin Laden was referred to only as "the director", while the word "baby food" was used in discussions about bombs. Last year, when investigators raided an Al Qaeda safehouse in Manchester, U.K., they discovered a handbook called Military Studies in the Jihad Against the Tyrants. The book advised suicide squad members to "act, pretend and mask" themselves while operating in the West. The WTC attackers went by the book, shaving their beards, wearing Western clothes, and in some cases even drinking and hiring sex workers.

Most of the speculation on steganography was set off by the arrest of Kamel Daoudi, an alleged conspirator, by the British police in Leicester. Daoudi was promptly deported to France, where investigators claimed they had recovered an Arabic language codebook from his possession. A former French Defence Ministry official, Alexis Debat, later said the codebook was "a major breakthrough in the investigation". That, in fact, may not be the case. Unsubstantiated claims that Al Qaeda relies on high-tech have been around since at least February 2001, when the tabloid USA Today carried lurid accounts of how bin Laden had embedded "encrypted blueprints of the next terrorist attack against the United States" in pornographic photographs. The fact, however, is that no such photographs have ever been actually found.

Experts say bin Laden has good reason to avoid, not embrace, the latest technology. After the U.S.' break with bin Laden in the wake of the Gulf war, its intelligence officials studiously monitored his satellite phone communications. "They heard him talking to the Taliban about heroin exports and even monitored him talking to his mother," reported Duncan Campbell, an authority on communications intelligence issues. From 1996 to 1998, when the U.S. embassies in Dar-es-Salaam and Nairobi were bombed, bin Laden had spent almost 40 hours talking from his satellite phone number, 00-873-682505331, to a rented cellphone in London. Officials monitoring these conversations failed to guess what was to come because innocuous plain-language codes, rather than digital encryption, masked Al Qaeda's objectives. After the embassy bombings, U.S. intelligence officials tracked signals from bin Laden's phone to bomb Al Qaeda's headquarters in Afghanistan.

Although U.S. intelligence made sure bin Laden's satellite phone was not delinked, he did not log on to the service again. The codebook discovered in Leicester, many feel, most likely contains simple plain-language code of the kind used in the build-up to the embassy bombings. That has not stopped the U.S. from seeking to block, with a large degree of success, the re-broadcasting of bin Laden statements put out by the United Arab Emirates-based channel al-Jazeera. U.S. officials claim that such broadcasts could contain coded messages. Experts like Campbell, who authored a path-breaking report on the U.S.-controlled communications intelligence system Echelon for the European Parliament, are dismissive of the steganography scare. "The strangest aspect of this obsession with secret messages," he wrote in October in the Internet magazine Telepolis, "is that bin Laden's core message is unconcealed. In his statements and broadcasts he tells his followers to 'kill Americans'. This message is not in code. What's hidden about that?"

WHAT has been hidden are the motives driving the steganography propaganda. The U.S.' National Security Agency, the Central Intelligence Agency (CIA) and the more secretive National Reconnaissance Agency control the world's most formidable communications intelligence asset. Echelon monitors almost every telephone call, fax message and e-mail generated anywhere in the world. Long distance phone calls are, for example, monitored by low-earth-orbiting satellites, which can pick up the microwave signals that carry inter-city traffic. The massive body of electronic information is then fed into computers, which are programmed to recognise specific keywords, voices or images.

Multi-billion-dollar investments in enterprises like Echelon have now come into question, perhaps unsurprisingly. The problem is not with the technology, but its limitations. For one, the best voice and keyword-search technologies are only partly effective.

The optical character recognition technology that is used to scan faxes, for example, is notoriously poor at deciphering handwriting. Plain-word codes of the kind Al Qaeda uses simply slip through the system. Simple codes were abandoned early on in the history of communications intelligence because, unlike cryptography, they offered no protection against the capture of codebooks and messengers. And this is where U.S. intelligence has failed. Campbell quotes experts as saying that "the CIA has been inexcusably lazy by failing to recruit and run agents who were willing to risk dirt, disease and death by joining the terror teams at their training camps."

Signs are that this kind of scare mongering has worked. On October 23, the U.S. Under Secretary of Defence For Acquisition, Technology and Logistics put out a shopping list for new espionage equipment.

The U.S. intelligence establishment, it seems, thinks computers can do the jobs of historians, sociologists and political scientists.

The U.S. intelligence establishment, which unlike the FBI has real stakes in projects like Echelon, evidently hopes to brazen it out. Some of what it has produced verges on the bizarre. On October 18, the Pentagon's in-house daily newsletter, "Early Bird", carried claims by former National Security Agency adviser and nuclear physicist Robert Koontz of imminent biological attacks by Al Qaeda.

Koontz claimed to have discovered coded images in a website run by the Lebanese singer Nouhad Hadad. One of the fan letters on the site was authored by a person with the same name as that of one of the September 11 hijackers, leading Koontz to examine paintings by another fan, the Amsterdam-based Iraqi artist Muzaffar Waandawi. Waandawi's apocalyptic images, Koontz believed, contained hidden instructions: a somewhat mystifying proposition, since they were created in 1988, when bin Laden was the U.S.' favoured child in Afghanistan.

Indian intelligence officials ought to be following these events with great care. The Research and Analysis Wing, the Intelligence Bureau, and the brand-new Defence Intelligence Agency are now engaged in a major process of restructuring, a project that has placed great emphasis on improving technical resources. Informed sources said that the Bureau will soon have a full-scale technical wing of its own, charged with all domestic communications intelligence. The restructuring process is based on the recommendations of the Girish Chandra Saxena Committee, whose contents were broken by Frontline (April 13, 2001). While there is an undisputed need for such resources, their limitations must also be understood. Signals intercepts that preceded the assassination of former Prime Minister Rajiv Gandhi, for example, could not prevent the murder from taking place. The application of human intelligence, not surveillance of their subsequently discovered Web communications, helped expose several of the Lashkar-e-Toiba cadre arrested in New Delhi and Hyderabad over the last two years.

Technology, it is clear, is not a substitute for hard work - something the U.S. intelligence community, at least, seems unable to comprehend.
