Red Teaming the Red Team: Utilizing Cyber Espionage to Combat Terrorism

Abstract

The world has effectively exited the Industrial Age and is firmly planted in the Information Age. Global communication at the speed of light has become a great asset to both businesses and private citizens. However, there is a dark side to the age we live in as it allows terrorist groups to communicate, plan, fund, recruit, and spread their message to the world. Given the relative anonymity the Internet provides, many law enforcement and security agencies investigations are hindered in not only locating would be terrorists but also in disrupting their operations. Furthermore, law enforcement tracking capabilities are limited as the Internet’s loosely-knitgroup of computers and routers that are spread globally with servers hosting files, forums, and chat rooms are usually located in various countries’ jurisdictions. Meanwhile a website can easily be backed up and moved to another server in another country beginning the process over again. Legal obstacles also make it very difficult to seize files or listen in on communications. What if a diverse group of hackers were allowed to do what hackers do best and infiltrate not only the servers themselves but use them to spider into the terrorist’s computers and even cell phones? What information might be uncovered? Take a moment and think of the trove of information that resides on your laptop and cell phone. A quick list might include banking information, tax forms, family pictures, self-portraits, a picture of your new car. Banking information might be in the form of cookies stored on your computer when you visit the website. Tax forms, while not advisable, do reside on many hard drives. Pictures might seem benign but besides the fact that they can be used to identify someone modern cameras and cell phones contain metadata in their files such as a Global Positioning Satellites (GPS) location of any given picture taken. This sort of data was brought to the public’s attention in 2010 when Adam Savage, from Myth Buster, took a picture of his Toyota Land Cruiser with his iPhone in front of his house and posted it on Twitter stating it was time to go to work.1 The GPS tagging feature was enabled and not only gave away exactly where his house was but what kind of car he drove and when he leaves for work. In 2003 due to a bug in Photo Shop, TechTV’s Cat Schwartz inadvertently exposed herself to the world when she posted a cropped photo of herself on her blog which contained Exchangeable Image File (EXIF) data which held the nude photo.2 Metadata is not only contained in picture files but also files such as Word documents which tend to save changes made to the file using the quick save feature. These examples are of normal people living normal lives but what kind of data might be residing in a terrorist’s computer?