As the US looks to confirm the death of 'Jihadi John', we examine how intelligence agencies go about finding drone targets.
An anonymous former drone operator told the Intercept website that 90% of drone killings in Afghanistan were carried out based on metadata.
For a while, this was as basic as identifying the SIM card used by a militant, then determining its location by triangulating location information from the different mobile phone towers that phone would connect to.
Drones were also fitted with devices that aped mobile phone towers, tricking targets' phones to connecting to them, thus locating the SIM.
IP addresses - the address assigned to devices connected to the internet to send them information - were also used. Many IP addresses contain metadata about location: these were intercepted by GCHQ and the NSA.
Drones were also employed to 'sniff' wi-fi and Bluetooth signals, revealing more data.
However, militants quickly got wise to these tactics. They started distributing multiple SIM cards, or giving phones to civilians to carry.
They stayed off the 'open' internet and flocked to encrypted services which scramble data in a way that makes it much harder for agencies like GCHQ - constantly scouring the internet for chatter - to spot.
Services like Surespot and Silent Circle, encrypted messaging apps, have required new types of signal intelligence.
Intelligence agencies' tactics have grown increasingly sophisticated to deal with the problem.
In August, two British jihadists, Reyaad Khan and Junaid Hussain, were killed in separate drone strikes in Syria.
It was reported that they had been using Surespot, and that GCHQ had hacked the service from Cheltenham.
Surespot insisted it had not been hacked and the truth is actually more elegant.
Hussain and Khan had published their Surespot usernames on Twitter. They accepted a friend invite from a stranger and exchanged messages.
That stranger - an undercover agent - sent a malicious link, which took Hussain to a web page that downloaded a virus to his phone. It's the same principle that hackers use to scam normal people every day.
That allowed GCHQ to track Hussain's communications and movements. When Hussain made a phone call back to friends in the UK, he revealed his location.
That advanced signals intelligence is, ideally, supplemented by human informants on the ground.
In Syria, US drones flying real-time video reconnaissance over the country offer extra opportunities for confirmation.
Then, the strike is ordered. Reconnaissance drones are replaced by attack drones and surveillance pods are swapped for Hellfire missiles
No comments:
Post a Comment