A recent article in Wired, Behind Enemy Lines With a Suburban Counterterrorist, details the work of Shannen Rossmiller, a Montana judge who, in her spare time, works as an amateur online terrorist hunter.  There have been stories about her before, but this is one of the most extensive that I have seen.  It is interesting to see the references to hacker/DIY culture.  Here are some excerpts from the article:

In her small, one-chair home office in Montana, I sit beside Rossmiller on a little tiled table normally reserved for a lamp. Outside, the vistas stretch across Big Sky Country to the Elk Horn Ridge Mountains. Inside, Rossmiller shows me what she does as perhaps America’s most accomplished amateur terrorist hunter.

We’re monitoring jihadist chatter, and she has warned me that we’re not likely to come across anything too dangerous. Home-brew cyber-counterterrorism, it turns out, is a lot like most police work — weeks of tedious beat patrols punctuated by occasional bursts of excitement. And the section of the Internet populated by terrorists is a lot like the rest of the Internet — only instead of commenting on, say, a video of 1,500 prison inmates performing Michael Jackson’s “Thriller,” everyone’s chatting about the death of Americans.

Rossmiller hopes to find some people discussing an actual upcoming plot and then join the conversation. But it’s mostly just idle banter today.

Rossmiller developed her remarkable talent for chatting up terrorists after September 11, when she started going into online forums and cajoling valuable information from other visitors. She has passed along numerous case files to federal authorities. Her information has led US forces abroad to locate Taliban cells in Afghanistan, discover a renegade stinger-missile merchant in Pakistan, and help another foreign government identify a ring of potential suicide bombers. She has also assisted in nabbing two domestic would-be terrorists and seen them both convicted of felonies: National guardsman Ryan Anderson received five concurrent life sentences, and Michael Reynolds, convicted in July and awaiting sentencing, faces a similar fate. Timothy Fuhrman, special agent in charge of the FBI’s Salt Lake City office, says Rossmiller was “instrumental in the successful outcome of those cases.”

Rossmiller succeeds by exploiting a fundamental flaw in al Qaeda’s famously decentralized organization. The absence of a strict hierarchy makes it pretty easy for a cunning person to mix among the terrorists. So she poses as a potential al Qaeda soldier looking for like-minded comers. She creates multiple characters and uses her older and more respected personae to invite the new ones into private forums. There are other self-taught counterterrorists like her, but they tend to translate and discuss, lurk and report. Rossmiller works the terrorism boards as if she were playing a complex videogame. Her characters come complete with distinct personalities and detailed biographies that are as richly conceived as any protagonist on an HBO series. She keeps copies of everything, time-stamps files, and takes screenshots. She has an Excel spreadsheet that details the 640 people with whom she has had contact on these boards since 2002.

…she may well have pioneered a new form of intelligence-gathering.

She now has a contact at the Great Falls FBI field office, an agent named Mark Seyler. His boss, Timothy Fuhrman, would not comment on Rossmiller’s claim that she has sent the FBI more than 200 of her “packages” since 2002, saying that he would rather keep the details of her intelligence role restricted to what is already on the public record. He did say that “we can always learn from her.”

In fact, it’s distinctly possible that Rossmiller, alone at her computer, has a better track record than the Justice Department.

“When I was in the White House and doing terrorism, the holy grail was ‘actionable intelligence,’ and she brings a form of actionable intelligence,” says Roger Cressey, a White House counterterrorism official in both the Clinton and George W. Bush administrations. (He learned of Rossmiller after he left the government.) The FBI, on the other hand, has failed in every attempt to modernize its technology since 2001, and it so restricts the software available to agents that they can’t even begin to match what Rossmiller does. “The FBI is a dinosaur in many respects,” says Cressey.

Some of Rossmiller’s tactics are taken straight from the hacker playbook. For instance, on several occasions she has sent individuals in foreign countries images altered to conceal, say, a keylogger that uploads everything the recipient types, including passwords. One key logger recipient was a Middle Eastern journalist who had been a known contact of al Qaeda members. Rossmiller passed along the information she got to government officials.

Once a kind of bare trust is established, she will, like a good con artist, push her mark away, refusing him, telling him he’s not worth her time. Then he will come right back, often with surprising offerings of information to prove that he is the real thing. “If they could see me, little blond me, they’d go crazy,” she says in a burst of hearty laughter.

Much of Rossmiller’s success can be credited to her understanding that the chattiness and chumminess that often cinches digital friendships applies in terrorist chat rooms just as it does in Yahoo Nascar forums.

In fact, her main motivation seems to be literary. She really loves creating these characters and playing them. She cares for them on some level, the way a novelist might. She keeps files on them. She clips pictures off the Internet to give them faces. She gives each a birthday, a hometown, and a biography to make them believable to the people she chats with.

This is one of the main examples of “cyber-vigilantism” or “digilantism” related to national security affairs that I have seen.  There are a number of these groups that have sprung up since September 11, 2001.  The first was a group that was co-founded by Rossmiller, called 7-Seas Global Intelligence.  The original group and website no longer exist.  It has since morphed into Phoenix Global Information Systems, a group with many of the same goals (and members) as the original 7-Seas.  Another more “mainstream” group/website that has been cited in the mainstream media is the SITE Institute, a group that also monitors and infiltrates suspected terrorist websites, chatrooms, etc. for the purposes of collecting intelligence.  All of these groups are examples of the wider Open Source Intelligence (OSINT) movement headquartered at the Open Source Solutions website maintained by Robert Steele.

I definitely hope to do some work on these kinds of groups in the future.  It could be valuable to examine these groups through the perspective of “new social movement” theory and the emerging work on crowdsourcing, passionate labor, etc.  If we think of security as a commodity–it does get spoken of as a commodity in much of the military literature on network-centric warfare, by the way–might we talk of the “convergence” of producers and consumers of security?  Just a quick run-down of how I’ve thought about proceeding.  Any comments/suggestions/leads/etc. would be appreciated.

Tags: , , , , , , , ,