U.S. intelligence agencies are scrambling to salvage their surveillance of al-Qaeda and other militants who are working frantically to change how they communicate after a National Security Agency (NSA) contractor leaked details of two of its spying programs. It’s an electronic game of cat-and-mouse that could have deadly consequences if a plot is missed or a militant operative manages to drop out of sight.
Edward Snowden was believed to still be at a Moscow airport and officials said he had not booked a flight out despite pressure from Russian President Vladimir Putin to leave.
Militant groups had always taken care to avoid detection, from using anonymous e-mail accounts, to multiple cellphones, to avoiding electronic communications at all, in the case of Osama bin Laden. But there were some methods of communication, like the Skype video teleconferencing software that some militants still used, thinking they were safe, according to U.S. counterterrorism officials who follow the groups. They spoke anonymously as a condition of describing their surveillance of the groups.
Those militants now know to take care with Skype, one of the 9 U.S.-based Internet servers identified by former NSA contractor Edward Snowden’s leaks to The Guardian and The Washington Post. Two U.S. intelligence officials say members of virtually every militant group, including core al-Qaeda members, are attempting to change how they communicate, based on what they are reading in the media, to hide from U.S. surveillance. It is the first time intelligence officials have described which groups are reacting to the leaks. The officials spoke anonymously because they were not authorized to speak about the intelligence matters publicly.
Yemeni offshoot and Arabian Peninsula
The officials wouldn’t go into details on how they know this, whether it’s militants switching e-mail accounts or cellphone providers or adopting new encryption techniques, but a lawmaker briefed on the matter said al-Qaeda’s Yemeni offshoot, al-Qaeda in the Arabian Peninsula, has been among the first to alter how it reaches out to its operatives.
Shortly after Edward Snowden leaked documents about the secret NSA surveillance programs, chat rooms and websites used by like-minded extremists and would-be recruits advised users how to avoid NSA detection, from telling them not to use their real phone numbers to recommending specific online software programs to keep spies from tracking their computers’ physical locations.
House Intelligence Committee Chairman Mike Rogers, R-Mich., said there are “changes we can already see being made by the folks who wish to do us harm, and our allies harm.”
Sen. Angus King, I-Maine, said June 25 that Snowden “has basically alerted people who are enemies of this country … (like) al-Qaeda, about what techniques we have been using to monitor their activities and foil plots, and compromised those efforts, and it’s very conceivable that people will die as a result.”
At the same time, NSA and other counterterrorist analysts have been focusing their attention on the militants, watching their electronic communications and logging all changes, including following which Internet sites the militant suspects visit, trying to determine what system they might choose to avoid future detection, according to a former senior intelligence official speaking anonymously as a condition of discussing the intelligence operations. “It’s frustrating. You have to start all over again to track the target,” said M.E. “Spike” Bowman, a former intelligence officer and deputy general counsel of the FBI, now a fellow at the University of Virginia’s Center for National Security Law. But the NSA will catch up eventually, he predicted, because there are only so many ways a militant can communicate. “I have every confidence in their ability to regain access.”