Al-Qaida, other militants said to be changing procedures to avoid surveillance after NSA leaks

  • Article by: KIMBERLY DOZIER , AP Intelligence Writer
  • Updated: June 26, 2013 - 4:20 PM

WASHINGTON — U.S. intelligence agencies are scrambling to salvage their surveillance of al-Qaida and other terrorists who are working frantically to change how they communicate after a National Security Agency contractor leaked details of two NSA spying programs. It's an electronic game of cat-and-mouse that could have deadly consequences if a plot is missed or a terrorist operative manages to drop out of sight.

Terrorist groups had always taken care to avoid detection — from using anonymous email accounts, to multiple cellphones, to avoiding electronic communications at all, in the case of Osama bin Laden. But there were some methods of communication, like the Skype video teleconferencing software that some militants still used, thinking they were safe, according to U.S. counterterrorism officials who follow the groups. They spoke anonymously as a condition of describing their surveillance of the groups. Those militants now know to take care with Skype — one of the 9 U.S.-based Internet servers identified by former NSA contractor Edward Snowden's leaks to The Guardian and The Washington Post.

Two U.S. intelligence officials say members of virtually every terrorist group, including core al-Qaida members, are attempting to change how they communicate, based on what they are reading in the media, to hide from U.S. surveillance. It is the first time intelligence officials have described which groups are reacting to the leaks. The officials spoke anonymously because they were not authorized to speak about the intelligence matters publicly.

The officials wouldn't go into details on how they know this, whether it's terrorists switching email accounts or cellphone providers or adopting new encryption techniques, but a lawmaker briefed on the matter said al-Qaida's Yemeni offshoot, al-Qaida in the Arabian Peninsula, has been among the first to alter how it reaches out to its operatives.

The lawmaker spoke anonymously because he would not, by name, discuss the confidential briefing.

Shortly after Edward Snowden leaked documents about the secret NSA surveillance programs, chat rooms and websites used by like-minded extremists and would-be recruits advised users how to avoid NSA detection, from telling them not to use their real phone numbers to recommending specific online software programs to keep spies from tracking their computers' physical locations.

House Intelligence Committee Chairman Mike Rogers, R-Mich., said there are "changes we can already see being made by the folks who wish to do us harm, and our allies harm."

Sen. Angus King, I-Maine, said Tuesday that Snowden "has basically alerted people who are enemies of this country ... (like) al-Qaida, about what techniques we have been using to monitor their activities and foil plots, and compromised those efforts, and it's very conceivable that people will die as a result."

Privacy activists are more skeptical of the claims. "I assume my communication is being monitored," said Andrea Prasow, senior counterterrorism counsel for Human Rights Watch. She said that's why her group joined a lawsuit against the Director of National Intelligence to find out if its communications were being monitored. The case was dismissed by the U.S. Supreme Court last fall. "I would be shocked if terrorists didn't also assume that and take steps to protect against it," she said.

"The government is telling us, 'This has caused tremendous harm.' But also saying, 'Trust us we have all the information. The US government has to do a lot more than just say it," Prasow said.

At the same time, NSA and other counterterrorist analysts have been focusing their attention on the terrorists, watching their electronic communications and logging all changes, including following which Internet sites the terrorist suspects visit, trying to determine what system they might choose to avoid future detection, according to a former senior intelligence official speaking anonymously as a condition of discussing the intelligence operations.

"It's frustrating. You have to start all over again to track the target," said M.E. "Spike" Bowman, a former intelligence officer and deputy general counsel of the FBI, now a fellow at the University of Virginia's Center for National Security Law. But the NSA will catch up eventually, he predicted, because there are only so many ways a terrorist can communicate. "I have every confidence in their ability to regain access."

Terror groups switching to encrypted communication may slow the NSA, but encryption also flags the communication as something the U.S. agency considers worth listening to, according to a new batch of secret and top-secret NSA documents published last week by The Guardian, a British newspaper. They show that the NSA considers any encrypted communication between a foreigner they are watching and a U.S.-based person as fair game to gather and keep, for as long as it takes to break the code and examine it.

Documents released last week also show measures the NSA takes to gather foreign intelligence overseas, highlighting the possible fallout of the disclosures on more traditional spying. Many foreign diplomats use email systems like Hotmail for their personal correspondence. Two foreign diplomats reached this week who use U.S. email systems that the NSA monitors overseas say they plan no changes, because both diplomats said they already assumed the U.S. was able to read that type of correspondence. They spoke on condition of anonymity because they were not authorized to discuss their methods of communication publicly.

The changing terrorist behavior is part of the fallout of the release of dozens of top-secret documents to the news media by Snowden, 30, a former systems analyst on contract to the NSA.

The Office of the Director for National Intelligence and the NSA declined to comment on the fallout, but the NSA's director, Gen. Keith Alexander, told lawmakers that the leaks have caused "irreversible and significant damage to this nation."

"I believe it will hurt us and our allies," Alexander said.

"After the leak, jihadists posted Arabic news articles about it ... and recommended fellow jihadists to be very cautious, not to give their real phone number and other such information when registering for a website," said Adam Raisman of the SITE Intelligence Group, a private analysis firm. They also gave out specific advice, recommending jihadists use privacy-protecting email systems to hide their computer's IP address, and to use encrypted links to access jihadi forums, Raisman said.

  • get related content delivered to your inbox

  • manage my email subscriptions

ADVERTISEMENT

Connect with twitterConnect with facebookConnect with Google+Connect with PinterestConnect with PinterestConnect with RssfeedConnect with email newsletters

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

ADVERTISEMENT

 
Close