Feeds

Jihadi-sniffers blame White House for leaking secrets

Backdoor fingered in DC leaky brief rumpus

Top three mobile application threats

An American company dedicated to monitoring al-Qaeda internet activities says that leaks from the US government have destroyed web-snooping capabilities painstakingly built up over years.

SITE, the "Search for International Terrorist Entities", is a small Washington-based outfit which trawls the web for jihadist messages and propaganda. The firm's analysts listen to the much-pontificated-upon net "chatter", often held by media spookery pundits to foretell important terrorist events or trends. SITE operators also penetrate password-protected websites, and generally sniff about in places they aren't welcome.

Last month, according to SITE founder Rita Katz, her people managed to get hold of the latest Osama bin Laden vid prior to its public release. Thinking to give the White House a chance to prep its response ahead of time, she gave Bush administration staffers a link to a private SITE webpage so that they could download copies of Osama's latest thoughts.

When emailing the link to White House counsel Fred Fielding and Michael Leiter of the National Counterterrorism Centre, Katz wrote:

"Please understand the necessity for secrecy. We ask you not to distribute... it could harm our investigations."

Within 20 minutes, according to SITE's computer records - which have been reviewed and verified by the Washington Post - intelligence and security agencies all across the US government had begun to download the video from the SITE site. These organisations included the CIA, the Pentagon and the Department of Homeland Security. Within five hours, the video and accompanying English transcript was on Fox News and other Western media outlets, well in advance of the al-Qaeda release.

Katz says the Fox material definitely originated with SITE, as the transcript page markers on the Fox website were identical to her people's. She says that the premature leak was disastrous. Al-Qaeda supporters, realising that access had been gained to network locations which they had considered secure, immediately changed their security procedures.

"Techniques that took years to develop are now ineffective and worthless," says Katz.

3 Big data security analytics techniques

More from The Register

next story
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Lavabit loses contempt of court appeal over protecting Snowden, customers
Judges rule complaints about government power are too little, too late
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
Denies Q&A cameo was meant to slam US, big-up Russia
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Judge halts spread of zombie Nortel patents to Texas in Google trial
Epic Rockstar patent war to be waged in California
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.