Terrorism Online
Mobhunter’s posted a bit of outrage at the idea that our tax dollars were used to investigate the possibility of terrorists using MMO’s to coordinate an attack.
While the idea may seem a bit absurd, and I’m usually one to have great fun picking on such things, the anger is a bit misplaced.
Well before 9/11, the intelligence community knew that terrorist and spy organizations used simple things like photosharing sites to distribute informtion using both steganography and simple “marking” for basic messages. It was the online equivalent of drop boxes and “leave 3 chalk lines at location X to arrange a drop” except that it was even safer- the potential “area” to leave things was too large to cover and every visitor to the site could be the possible “pickup person.” That and you could hide quite a bit more in that picture.
This is nothing new.
Heck, common street gangs in America do it. This is the backbone of any cell-structured organization, from drug runners to fencing organizations to terror groups- and it has been for decades.
The problem with most of these messages is that they’re asynchronous- slow. Chat rooms give you more synchronous communication, but have serous limitations–
- If there are too few people, it has all the problems of a real-world face-to-face meet. If one person is compromised and being monitored, it’s rather easy to find out who else was in the room when he’s chatting.
- If there are too many people in the room, you might be able to hide yourself in the crowd, but you also have plenty of potential eyewitnesses… so your communications need to be encoded.
Now, those are basic web technologies that we KNOW are being used for all sorts of clandestine organizatons. Part of a good intelligence community– counterespionage or counterterror or whatever– is to recognize new communication venues, evaluate them as a potential threat, and ask questions:
- Can it be used for communications?
- What are the benefits & downsides of this medium?
- What are the risks?
- What is a reasonable level of threat mitigation to take?
That’s what this presentation was about. It was asking the fundamental question of “how could this be used” without being alarmist or “OMG Games are evil!”
In this case, what can you do with games? Well, you CAN easily access the equivalent of crowded chat servers to conceal a coded conversation. You can post “marks” in auctionhouses that have meaning only to your cel counterparts. In some environments with RMT you could even transfer moderate sums of money (at substantial loss, but no more than standard laundering techniques) electronically without a banking breadcrumb trail…
And yes, though we like to mock it, you can theoretically stage things for dry runs… even in WoW. When I was in the army, we’d often “sand table” an operation using styrofoam cups and cigarrette butts on a dirt mound. It lacked any sort of detail, but it helped immensely in just visualizing the operation. As silly as it sounds, using dwarves and elves instead of smokes and dixie cups isn’t really a step back.
- Does that mean that terrorists ARE hiding in World of Warcraft? Hell no.
- Does it mean that they could use these venues to communicate directly without the intelligence community catching on? Possibly. But even if they did, the cost to locate and monitor them can far outweigh any benefit to going after them. Much like the steganography situation- you want to know what they COULD BE USING even if you can’t stop them from using them. At least you know the limits of your surveillance.
Finally, Yes Moorgard, we have a National Defense University. Just like we have undergraduate programs like the Naval Academy and West Point, the Dept of Defense does believe in continued education of its professionals, and this isn’t the only one. If you think that that’s a sign that our military-industrial-entertainment complex might be too big for its britches, consider this: we have a Defense University just for buying stuff. Not a class… not a seminar… a whole friggin university.