The "Metaverse" is a phrase that was first used in Neal Stephenson’s science fiction novel Snow Crash. In this science fiction novel written in 1992, the Metaverse can be accessed via public-access computer terminals where you then control your character known as an avatar. This phrase and concept has now become a reality through a number of what are known as Massive Multi-player Online Role Playing Games (MMPORGs). The purest version of a digital 3-D world to emerge so far has been Second Life created by Linden Labs. Second Life allows for a high degree of flexibility within its user created content and has a currency (known as the Linden) that can be freely exchanged against the US dollar. Second Life claims over eleven million users with probably a tenth of that number being active participants. No identification is required to open a basic account, but to own ‘virtual-land’ a paypal or credit card account is required.

  Many of real world corporations have established commercial interests in Second Life in order to test new products or simply to increase the exposure of their brand. Real World universities and non-profits have also established learning centers within Second Life to take advantage of the dispersed learning environment. Several nations have established embassies in Second Life.

Second Life - Propaganda

  We are likely to see an increase in the amount of Islamist propaganda for recruiting purposes in SL in the next 12 to 24 months. It is extremely easy to introduce propaganda in SL. The increasing number of SL users makes it a prime medium. Propaganda will likely be very limited to SL mosques and virtual Mecca as the target audience will be concentrated in those locations. Messges will most will likely consist of videos and billboards.

  Professor Paul Wilkinson from the Centre of the Study for Terrorism and Political Violence at St. Andrews University claims "The Internet has replaced Middle Eastern camps as the recruiting and training grounds for would-be Islamist terrorists." According to MetaSecurity there are no confirmed jihadists using Second Life , and according to Dr. Rohan Gunaratna at The Institute of Defense and Strategic Studies in Singapore they are only monitoring 12 jihadists in Second Life, However, the increased usage of SL throughout the world make it a likely prime location for propaganda and recruitment.

  The three locations which jihadists will likely place propaganda are in sandboxes, billboards, virtual Mecca, and on islands such as the one maintained by IslamOnline.net. Users can rent billboard space in SL anywhere from USD 4.50 to USD 45. SL users can also upload images, videos, or slides to an object for only 10 Lindens (approximately USD 0.05) per upload. Sandboxes are locations designed by the island owner or Linden Labs, which allows for SL users to build anything. Land owners are responsible for controlling the building and will clean the sandbox on a regular basis. Sandboxes are locations that "griefers" commonly place illicit material because of the many people who use sandboxes. A SL user can build walls and upload photographs or words for anyone to read. Some sandboxes allow the uploading of streaming video.

  An SL Islamic community already exists, which holds many services and forums discussing the many facets within the religion. Several Islamic imams use SL to connect to a wider array of the Muslim Community. In December 2007, 7,000 muslims made their Hajj to Mecca in SL, but the traffic count on in SL registered only approximately 2,100. IslamOnline.net island in SL aims to educate muslims worldwide in all matters of the Islam faith. The internet site has previous connections to terrorists groups like Hamas. It is likely that jihadists will attempt to connect with Muslims in SL via well-placed propaganda in heavily areas. One user reported a group supportin Osama bin-Laden.

  SL and other virtual worlds will likely increase in size over the next few years. Intellibrief.com estimates that nearly 80% of internet users will belong to at least one virtual network by 2012. The virtual worlds will likely become a prime location for jihadists to spread their message and even recruit. Al-Qaeda's second in command, Ayman Al-Zawahiri, stressed the importance of the internet in an online forum in December 2007. Al Qaeda recognizes the importance of propaganda on all forms of media; therefore, it is likely jihadists will increase their propaganda over the next 2 years and logical that users in SL will promote the jihadist message. The Global Islamic Media Front's misson is "a 'media war' and invasion of U.S. media to influence American public opinion." According to Ahmad bin Abdallah Al-Shayi, a Saudi Arabian ex-jihadists recruited to deliver a tanker bomb, claims that the propaganda on the internet is a driving force in recruiting future jihadists.

  A National Intelligence Estimate in 2007 stated “globalization trends and recent technological advances will continue to enable even small numbers of alienated people to find and connect with one another, justify and intensify their anger, and mobilize resources to attack—all without requiring a centralized terrorist organization, training camp, or leader.” The target is to reach a young impressionable Muslim. As the amount of Islamic organizations and individuals increase their presence in SL, it is likely some radical beliefs will also follow over the next 12-24 months due to previous trends of such behavior on worldwide internet applications such as YouTube, MySpace, and web froums.

Terrorists At Play

Second Life Explosives Training for Real World Terrorism

  Personal connections between in-world characters (avatars) form rapidly within Second Life (SL). This may enhance the communication process. Second Life users are willing to interact with strangers in a way that they would not in real life. Therefore, Second Life is one of the more potent of the new social networking environments to have recently emerged. These in-world connections have led to the formation of a number of groups and also successful SL companies that have acted as the interface between real-life companies and SL. Major corporations hire an SL company to design and maintain its in-world presence. These SL companies benefit from being able to have their staff dispersed across the world and thus are able to work collaboratively without being in the same location. Decentralization allows a wide range of skills can be applied to a project from a variety of localities

  Terrorist groups can similarly bring together widely dispersed individuals to plan operations and conduct training. The probability that this may occur will increase if SL-like virtual worlds are introduced in areas with little government monitoring. In fact, the first Arabic-language virtual world was launched not too long ago.

  Many of the overwhelmingly positive features of SL can be adapted for negative real life ends. The rapid and potent way communication of virtual worlds would seem to be an ideal platform for recruitment into radical groups, especially given the age range of those engaged in the world, typically 18-34. The teaching capabilities of the world can clearly be adapted for use by terrorists.

  Streaming video can be uploaded into SL and a scenario can easily be constructed whereby an experienced terrorist bomb-maker could demonstrate how to assemble bombs using his avatar to answer questions as he plays the video. Using the decentralized organization effect, already successfully used by SL companies, the bomb-maker and his pupils can be spread around the globe and using instant language translation tools (available in the world) could be speaking a variety of languages. Just as real world companies such as Toyota test their products in Second Life so could terrorists construct virtual representations of targets they wish to attack in order to examine the potential targets vulnerabilities and reaction to attack.

  Possibly the most useful tool currently available to radical groups is the ability to transfer in-world money between avatars that can be translated into real currencies. SL's in-world currency, the Linden (approximately $270L to $1US), can be bought using a credit card in one country and credited to one avatar (account) and can be given to a co-conspirator avatar in another country. The person controlling this second avatar can then convert these lindens to the real-world currency wherever they are based using a local credit card or paypal equivalent. Clearly the ability to transfer money in this fashion is a very useful function. While Linden Labs sets a limit on the amount of currency an avatar can buy or sell (typically $5000US) this is likely to change and $5000 gets you a long way in many parts of the world.

  In his excellent book on the economics of "Synthetic Worlds," Edward Castronova examines the issue of terrorism and describes future virtual world where flight simulators can be meshed onto other software to dry-run potential future 9/11s. While this dramatic scenario is not unrealistic it neglects the current potential impact of these worlds, which is the turning of their clearly positive social attributes to radical ends. You can obtain more information here.

  Other virtual worlds might well be used for related purposes.

World of Warcraft Attack Planning

  Someday soon would-be bin Ladens might gather in a virtual world, to plan a real-life attack. While there's been no indication to date of terrorists hatching plots in virtual worlds, online spaces like World of Warcraft (WoW) are making some spooks, generals and Congressmen extremely nervous. They imagine terrorists rehearsing attacks in these worlds, just like the U.S. military trains with commercial shoot-em-up games. They worry that the massively multiplayer games make it incredibly easy to gather plotters from around the world. But, mostly, virtual worlds are nerve-wracking to spies because they're so hard to monitor. The accounts are pseudonymous. The access is global. The jargon is thick. And most of the spy agencies' employees aren't exactly level-70 shamans.

   Here is one scenario, presented to the American intelligence community, as to how such a gathering could allow terrorists to hatch a meatspace plot hidden by in-game chatter. The planning ground is WoW. The main target of this possibly nuclear strike: the White House.

  Two WoW players discuss a raid on the "White Keep" inside the "Stonetalon Mountains." The major objective is to set off a "Dragon Fire spell" inside, and make off with "110 Gold and 234 Silver" in treasure. "No one will dance there for a hundred years after this spell is cast," one player, "war_monger," crows.

  Except, in this case, the White Keep is at 1600 Pennsylvania Avenue. "Dragon Fire" is an unconventional weapon. And "110 Gold and 234 Silver" tells the plotters how to align the game's map with one of Washington, D.C.

  The terminology used here does not exactly match WoW lingo. There is no WoW "White Keep"; "Dragon Fire" is a spell in EverQuest, an old-school role-playing game. But the banter is reminiscent enough of WoW chatter, to give outsiders an idea of how such a conversation might go down - and how hard it would be to identify.

  The scenario may be a bit speculative at this point, but it is the job of intelligence agencies to anticipate threats and counter them. It's a scenario that an intelligence officer is duty-bound to consider. Some day soon, we might find secret agents in World of Warcraft, along with the druids and orcs and night elves.

Terrorist Tech Support

  On November 28, 2006, the Al-Fajr Information Center released the first issue of the Technical Mujahid Magazine. The e-zine discusses various technical topics, such as security for electronic data and databases, using GPS, and video editing and production. Some articles are aimed at professionals, and others for laymen.

  Technical Mujahid's self-proclaimed purpose is "to help prevent acts of aggression against Muslims [in cyberspace], and to assist the mujahideen in their efforts." The introduction explains that "the Internet provides a golden opportunity... for mujahideen to break the siege placed upon them by the media of the Crusaders and their followers in the Muslim countries, and to use [the Internet] for [the sake of] jihad and the victory of the faith." Since the Internet also renders the mujahideen vulnerable, however, the magazine deals with issues of computer and electronic data security.

The articles in the first issue:

Article One - Alternate Data Streams - steganography example given, rootkits - hacker defender covered, examples provided, abomosab.jpg used as an example

Article Two - Satellite Communications and the importance of GPS, handheld GPS, explains triangulation, mentions satellite imagery's power, and satellite transfer speeds, mentions 1575 and 1227 as carrier frequencies and Digital Sequence Spread Specturm - DSSS, mentions handheld GPS receiver, includes photos of 3G data card, laptop. It then discusses a locked device with a "WARNING" sign on it

Article Three - Visual How To Install VMware (VMware is so-called virtualization software; it allows a computer to run one operating system within another. For example a computer running Microsoft Widows could run the LINUX operating system concurrently.)

Article Four - Article on digital media players, the different formats, subtitles, and the NTSC and PAL systems, recording basics as it looks like

Article Five - Introduction to PGP (Pretty Good Privacy; encryption software) - Explanation of the RSA algorithm, recommending the use of PGP Whole Disk, features warning message that trial versions of PGP Whole Disk will self-decrypt

Internet Security - Mujahideen Secrets

  In January of 2007, as reported by the Middle East Media Research Institue the Global Islamic Media Front (GIMF) announced the imminent release of new computer software called "Mujahideen Secrets."

  GIMF is a visual and print media organization associated with al-Qaeda. GIMF produces jihadi multi-media propaganda. Their primary taget audience are young Muslims. GIMF's “products” are disseminated on jihadi web forums in order to reach the widest audience.

  GIMF depicted Mujahideen Secrets as “"the first Islamic computer program for secure exchange [of information] on the Internet," and it provides users with "the five best encryption algorithms, and with symmetrical encryption keys (256 bit), asymmetrical encryption keys (2048 bit) and data compression [tools]." The software is extremely easy to use. This is a significant factor, since the computer skills of terrorists run the gamut from highly advanced to embarrassingly inadequate.

  "Until recently al-Qaeda and other Islamist terrorist groups did not pose a credible Internet threat due to their reliance on outdated technology.

  "However, al-Qaeda-linked militants have rolled out improved security software that provides above-military-grade encryption for terrorists communicating online - the situation has changed.

  "The move to stronger encryption may have been prompted by security breaches on jihadist Web sites back in September, when the U.S. government and counterterrorism analysts obtained copies of an Osama bin Laden video release before it was widely introduced on the Web. At the time, several key jihadist sites temporarily suspended operations to address the breach.

  "During the early and mid-1990s, terrorists were early adopters of laptop computers, PDAs, online publishing and digital file archiving. But while their computer habits were savvy, they were usually less than professional-level.

  "For instance, a laptop computer recovered from Ramzi Yousef in 1995 contained deleted files that were able to be recovered by forensic analysis. Yousef was sophisticated enough to use passwords, but not strong encryption. He removed old and sensitive files, but he didn't know to run a file shredder.

  "With the latest version of Mujahideen Secrets, Yousef's hard drive would have been a much tougher nut to crack. In addition to its 2,048-bit encryption, it includes a shredder and file and folder encryption.

Key features of Mujahideen Secrets include:

• Encryption algorithms using the best five in cryptography. (AES finalist algorithms)
• Symmetrical encryption keys along the 256-bit (Ultra Strong Symmetric Encryption)
• Encryption keys for symmetric length of 2048-bit RSA (husband of a public key and private)
• Pressure data ROM (the highest levels of pressure)
• Keys and encryption algorithms changing technology ghost (Stealthy Cipher)
• Automatic identification algorithm encryption during decoding (Cipher Auto-detection)
• Program consisting of one file Facility file does not need assistance to install and can run from the memory portable
• Scanning technology security for the files to be cleared with the impossibility of retrieving files (Files Shredder)

  An updated version - Mujahideen Secrets 2 - was released in 2008. Mujahideen Secrets 2 appears to have been assembled and compiled from both open-source and copyrighted material. New features introduced in version 2 include:

• Multicast encrypted via text messages supporting the immediate use forums (Secure Messaging)
• Transfer files of all kinds to be shared across texts forums (Files to Text Encoding)
• Production of digital signature files and make sure it is correct
• Digital signature of messages and files and to ensure the authenticity of messages and files

  "New features, an improved GUI and the introduction of digital signing makes the program a handy tool cyber jihadist. An advanced data hiding technique possible with the package is embedding encrypted messages on a web page instead of transmitting - using the Dark Web for secure communications.

  The software is freely distributed on the various iterations of password-protected Ekhlaas.org. Ekhlaas.org has variously been hosted by servers in Minnesota, Florida, and elsewhere. Analysis of the software indicates one of the authors may be be either a Ukrainian or Chechnyan associated with the Islamic Emirate of the Caucasus.

  Mujahideen secrets can be run from USB flash thumb drives allowing terrorists to encrypt communications from otherwise insecure locations such as Internet cafes. There are also LINUX distributions which are small enough to fit on a thumb drive, along with the user's data files, and even Skype-like P2P communications applications, allowing terrorists to have a "computer on a stick." This allows them to use most any computer without leaving any files on the machine for investigators.

  The new efforts by the Jihadist technical supporters are a result of fears that their websites have been hacked by the West and their transmissions decoded. By building their own encryption tools they can then stop any back doors being built into their publicly derived encryption software, according to Henry. Such a development is certain to bedevil law enforcement and anti-terrorism agencies in charge of monitoring these groups.

Fundraising

  LONDON: Islamist terrorist networks, particularly al-Qaeda, are using gambling websites to launder money and train potential terrorists in Britain without them having to risk travelling to camps in Pakistan, a media report said on Friday.

  Al-Qaeda wants to create an "online university of jihad" that is recruiting and training potential terrorists in Britain without them having to risk travelling to camps in Pakistan.

  Speaking at a select conference on the terrorist threat to Britain, experts from Jane's Intelligence Group, said an online community was growing with younger and more impressionable people inadvertently sponsoring terrorism.

Terrorism and Kiddie Porn - Steganography

  Pornographic images of children found on the hard drives of individuals suspected of terrorist involvement in Britain and Italy were being exploited as a secure way of passing information between terrorists. In a process called steganography, information was embedded into child pornographic images in a process called steganography.Pedophile websites are being exploited as a secure way of passing information between terrorists.

  Steganography is the art and science of writing hidden messages in such a way that no-one apart from the sender and intended recipient even realizes there is a hidden message, a form of security through obscurity. For example, the color of every 100th pixel in an ordinary-looking image file can be altered to correspond to a letter in the alphabet. Such alterations are so subtle that someone not actively looking for it is unlikely to notice.

  The British security services believe that it requires further investigation to improve understanding of terrorists’ methods and mindsets. Concerns within the Metropolitan Police led to a plan to run a pilot research project exploring the nature of the link. One source familiar with the proposal said that this could eventually lead to the training of child welfare experts to identify signs of terrorist involvement as they monitor pornographic sites.

  It is not clear whether the terrorists were more interested in the material for personal gratification or were drawn to child porn networks as a secure means of sending messages. In one case fewer than a dozen images were found; in another, 40,000.

  British security sources confirmed that such a link had been discovered in several cases. They noted the contradiction between people supposedly devoted to theocracy and Islamic fundamentalism and their use of child pornography. “It shows that these people are very confused,” a source said. “Here they are hating Western decadence but actually making use of it and finding that they enjoy this stuff.”

  The first British suspicions of a link between child sex abuse and jihadis emerged in London in 2006 when antiterrorism police in two unrelated investigations were shocked to find computerised images of hardcore child pornography. The key case that tipped off the security services to a plausible link involved the “White-chapel Rapist”, Abdul Makim Khalisadar. A former Mujahidin and a preacher at the East London Mosque, he was being examined for his links to a hardcore Islamic militant who was later convicted of terrorism. Khalisadar was never convicted of terrorist offences. The other investigation involved a young religiously observant Muslim.

  The Times has learnt that a criminal investigation also found child pornography on computers after a raid in 2001 at a mosque run by an al-Qaeda recruiter in Milan. Italian police believe that the images were encoded with messages. At a forthcoming terrorism trial in Spain, the alleged mastermind of a Muslim cell has also been accused of downloading hundreds of child sex abuse pictures and videos.

  Meanwhile, police uncovered a right-wing terrorist plot when they raided a home after being tipped off about pornographic images. This June, the Nazi sympathiser Martyn Gilleard was jailed for 16 years after being found guilty of terrorism. Police found 39,000 indecent images of children at his flat in Yorkshire.

Invisible Ink for the Internet

• Messages may be concealed within digital images and audio, video or other files. The method is called steganography, derived from the Greek for “covered writing.”
• Although the average person will not be able to detect the hidden messages by either listening to or viewing a file, the intended recipients can use applications to reverse the steganography process and gain access to the information.
• Experts say that the advancement in encryption technology is outpacing the authorities’ abilities to monitor suspected terrorists and paedophiles.
• Italian authorities uncovered files of child abuse images that had been manipulated by a terrorist cell after a raid on the Via Quaranta mosque in Milan in November 2001. Investigators claimed that the terrorist cell encoded the images before sending them to each other.

Sources:

MetaTerror: The Potential Use of MMORPGs by Terrorists

Terror networks use gambling websites for recruitment, finance

Islamist website presents "Technical Mujahid Magazine"