CNN’s report on the hunt for ISIS terrorists in the darkest corners of the Internet begins with a remarkably dour assessment of the war effort thus far: “After months of bombing by the U.S. and coalition forces, ISIS remains undefeated on the ground and has now entered a new phase, using the cyber-world as a weapon… It’s a trend that has captured the attention of law enforcement and now the military.”
The article discusses the Islamic State’s redoubts in the “dark web” or “deep web,” the regions of the Internet that do not appear in commercial search engines, where only those who know the proper numeric Internet addresses and passwords can access heavily-encrypted forums. It is rather incongruous to kick off this discussion with the #TexasAttack social media hashtag, since Elton Simpson’s online activity is pretty much the opposite of Dark Web skulduggery – he wanted people to see messages he was posting on public forums.
If the point of this contrast is to establish is that ISIS has infested both bright and dark webs like a virus, that point is well made. Admiral Mike Rogers, director of the National Security Agency, speaks of the Islamists transforming the Internet into “a potential weapon system.”
“The U.S. believes ISIS – and other potential terrorists – are now using the most covert part of the online world to recruit fighters, share intelligence and potentially plan real world attacks,” CNN explains. The ability to coordinate attacks across the globe, in near-real-time, without detection is an enormous asset to terror masters. Cracking enemy communications networks is more devastating than any bomb strike, including the hydrogen bombs dropped at the end of World War 2, as Alan Turing could explain, if the civilized world had shown him a fraction of the gratitude he deserved.
The problem with the poorly-understood Dark Web is that no one really knows how big it is, or even how to find any particular location within it. CNN uses the popular “iceberg” model of the Internet, in which common, easily discovered traffic constitutes a modest twenty or thirty percent visible above the surface, while a huge volume of secretive communication occurs beneath the surface.
Another way to think of the Dark Web involves picturing it as a vast and trackless void, in which nothing can be found unless the searcher knows exactly where to look. Dark websites do not appear in Google searches, and you cannot stumble across them by typing portions of their human-language names in a browser. Once these sites are discovered, the more conventional espionage business of breaking their encryption can begin – and that’s a very tall order, in these days of almost incomprehensible computing power – but first you’ve got to find them. Even the finest military, in the real world or in cyberspace, can’t hit targets that it can’t see.
CNN reports the Pentagon has made some strides in exploring the Internet’s shadow lands – a DARPA project called MEMEX, which senses “patterns of activity on the Dark Web” and uses them to track down Internet locations where illicit activity might be occurring.
In a February post on MEMEX, the Naked Security blog noted that the Internet wilderness is difficult to explore even when targets aren’t deliberately hiding. The search engine wars of the early Net era were all about mapping the void and locating websites without requiring the proprietors to actively contact search providers to announce their existence. This effort was driven by commercial considerations – presumably anyone who spent the early Nineties wondering if search engines would become a big business has their answer – but it is also stalled out due to such considerations. Profitable mapping of cyberspace is nearly complete, and no one can say with authority how much space remains beyond the edges of the map. We’ve probably indexed less than half of what is out there. Think about how big the Google-friendly Internet is, and let that sink in for a moment.
DARPA, which laid the groundwork for the network we have come to know as the Internet, created MEMEX to seek out Dark Web traffic and follow it back to the source, using search algorithms radically different from anything a sane commercial engine such as Google would employ. The original application for the project was to root out human traffickers and pedophiles. Law enforcement agencies cited MEMEX tools as crucial components of several big investigations, including at least 20 active sex trafficking cases, according to Naked Security.
Those custom search tools will now be adapted to intercept terrorist chatter on the Dark Web and track it back to the source websites. It is a bit like following whispers through the darkness, in a maze that seems to go on forever. The targets have tools that can help them actively hide from law enforcement and counter-terrorist agencies, including a readily available Dark Web browser called TOR, which CNN describes as “bouncing communications around the world – keeping anyone from knowing what sites you visit and where you are located.”
Stealth and detection, codes and code-breaking… these are old games in warfare, practiced on a new battlefield. The enemy is more elusive than ever; the hunters are better equipped; no-man’s-land is the size of a solar system, or maybe even a galaxy; and the stakes are counted in innocent civilian lives.