TIME Magazine has published a new article on the simmering debate over whether the U.S. government should be aggressively shutting down and destroying jihadist Internet websites. This debate has received added attention in recent weeks from a series of unrelated incidents, including the Ft. Hood massacre and the arrest of several would-be American Al-Qaida recruits in Pakistan. In each of these cases, Internet websites and "virtual radicalization" have played a significant role in either persuading someone to carry out an act of violence--or even by providing the apparent contacts necessary to join a real terrorist group.
In reflecting on this series of events, some well-intentioned observers have suggested that the appropriate remedy for the Internet being used as a recruitment machine by terrorist networks is to methodically take apart the underground jihadi social networking forums, one after the next. While I understand where those sentiments come from, I personally don't agree with them -- and I don't believe I'm alone. From TIME:
"But Arquilla's logic doesn't add up, counters Evan Kohlmann of the non-profit NEFA Foundation, created following 9/11 to track Islamic terrorism. Shutting down jihadist web sites "would be like firing cruise missiles at our own spy satellites," he argues, referring to the intelligence the U.S. and its allies glean from such sites. Besides, it can't be done. "If you shut down one of their websites today, they have a complete copy elsewhere and can put it up on a new server and have it up tomorrow," Kohlmann says. Such websites are the only window the rest of the world has into al-Qaeda and other such groups. "If you start shutting down the websites," he adds, "it's like chopping up a jellyfish — you end up with lots of little pieces that are very difficult to monitor." Kohlmann believes that the websites are a treasure trove of valuable intelligence, most of which is being overlooked by the U.S."And this, of course, does not even take into account the myriad of freedom of speech and civil liberty issues that would inevitably arise if the U.S. government was to start blacking out independent websites on the basis of content. And what about YouTube, which allegedly has served as the point of contact for Taliban recruiters looking for American volunteers -- are we planning on shutting them down, too? In this case, perhaps it is a wiser policy to walk softly and carry a big stick -- as opposed to swinging it around wildly in hopes of randomly hitting something.
I asked myself this very question several years ago. At the time, I was watching the AQIM website go and down every couple of months.
Back in those days, I was helping Castlecops take down dozens and dozens of phishing sites....so it was easy for me to apply the same mindset to jihadist websites. However, it was clear that these sites don't serve the same functions.
Phishing sites are commonly hosted on hacked servers and the bad guys rapidly get their stolen data and run away....so the faster it is taken down, the less viable information the attackers can get...thus its a no-brainier takedown decision. But phishing sites do offer some OSINT to professionals - how the sites are constructed, attacker e-mails addresses embedded in backend scripts, how the sites are packed and deployed, etc.
Was what type of information could you get out of jihadist websites?
Think Shadowcrew (and Operations Firewall)....and you start to see what could be done, OSINT on a massive scale - especially with sites hosted in the US or in nations that are willing to assist.