Re: The Cyber Jihad Front
How do you locate such domains? I know you use maltego/etc others – isit mostly stumbling onto real domains of interest or do you gain intelligence and link it to the particular domain?
Best Regards, < Redacted >
So, You Want to Track Terrorists Online Eh?…
The email above is one of more than a few that have come my way lately on OSINT as well as using the precepts of OSINT to track Jihadi’s online. I haven’t answered any of these requests (until now… here…) because I just kinda wanted to... Well.. Not.
However, with this last one I just decided to put together a post on my reasons why I will not teach people to do this instead of just ignoring the emails.
I appreciate people want to help out however, anyone who is emailing me asking how to locate Jihadist domains online must first off be unfamiliar with “The Google”. All one really need do is Google for the appropriate content and voila, you have sited to look at.
I am not saying that this person is a moron, but I am saying that common sense need apply when you ask such questions.Anyway, on to the bulleted reasons….
The Reasons I Won’t Teach You…
Ok, so, the basic response is this;
“I will not teach you to track terrorists online because there is no manual for this to start with”
This is an organic process, and I have been up to this stuff since 2001. I learned by just doing it and in the process of “doing it” I had to learn A LOT of other things apart from technology issues like hacking/security/coding etc.
Remember you are dealing with PEOPLE and you have to be adept and reading them, what they write, and their motives/thoughts/ambitions etc. But let me break it down for you further shall I?
- You have to understand the terrorists and their motives
- You have to know the language and the nuances of it
- You have to have historical context and be able to understand the movements
- You have to be a bit of an actor… I’ll leave it at that
- You have to have a natural desire to follow a zillion leads and to analyse them
- You have to be adept at using ‘Teh Googles” (misspelling intended)
- You do it wrong you don’t get good data AND you will have FEDS at your door
- You do it wrong and you could be messing up ongoing investigations (and you have FEDS at your door)
- You do it wrong and you could endanger yourself or others by not being careful (Can you say Fatwa?)
There are probably a million more reasons that I can come up with (and will as I am falling asleep tonight) but you all get the general idea. MOST of all though, I am not going to be responsible for someone screwing the pooch and then getting into trouble (and then saying “but Krypt3ia said!”)
I Got Skillz… Hacking Skillz… Nunchuck Skillz…
The essence here is this, I just happened to get into this after being at the hole post 9/11. I was pissed and because of the nature of the work I do, I had certain facilities that lent themselves to this kind of diversion.
I also had the opportunity to make connections with certain people who could put me in touch with other people yadda yadda yadda... You know…
So unless you have a sponsor, you know Arabi, or you are able to make some connections with the right folks, you will just end up causing yourselves more trouble than anything else by playing in this pool.
There are far more skilled people than I working on this stuff… I am no one to be teaching anyone... Nor will I.
The only reason that I blog about the Jihadist stuff here is that I find it interesting from a philosophical perspective AND I have a reader base within certain circles that can use some of my ravings in their jobs…
So, no, I will not teach you how to look for Jihadi’s online... Because you likely will only muddy the water and make my day more difficult.
Cross-posted from Krypt3ia