Wednesday, October 24, 2007
Behind Enemy Lines With a Suburban Counterterrorist
http://www.wired.com/print/politics/security/magazine/15-11/ff_rossmiller
Behind Enemy Lines With a Suburban Counterterrorist By Jack Hitt 10.23.07 12:00 AM
Subscribe to:
Post Comments (Atom)
"Look," Shannen Rossmiller says, pointing at her computer screen. She's in an online chat room, and the name Terrorist11 has just popped up. "He's one of the more popular guys."
ReplyDeleteTo get here, she signed onto alfirdaws.org. Then she clicked into the Paradise Jihadist Supporters Forum. The site is in Arabic, so she turns on the basic Google text translator that renders the discussion into clumsy phrases.
"Take a charge with caution," warns one jihadist posting, "this thread is monitored." Meanwhile, Terrorist11 is praising the 2004 Madrid train bombings and posting videos of the dead for other jihadist wannabes to enjoy. Old news, terrorism-wise. Rossmiller flips her blond hair. She looks bored. "They are just flaming, ranting and raving," she says. "Do you want to see some blood and guts? Let's go find it."
In her small, one-chair home office in Montana, I sit beside Rossmiller on a little tiled table normally reserved for a lamp. Outside, the vistas stretch across Big Sky Country to the Elk Horn Ridge Mountains. Inside, Rossmiller shows me what she does as perhaps America's most accomplished amateur terrorist hunter.
We're monitoring jihadist chatter, and she has warned me that we're not likely to come across anything too dangerous. Home-brew cyber-counterterrorism, it turns out, is a lot like most police work — weeks of tedious beat patrols punctuated by occasional bursts of excitement. And the section of the Internet populated by terrorists is a lot like the rest of the Internet — only instead of commenting on, say, a video of 1,500 prison inmates performing Michael Jackson's "Thriller," everyone's chatting about the death of Americans.
Rossmiller hopes to find some people discussing an actual upcoming plot and then join the conversation. But it's mostly just idle banter today. We come upon a thread in which participants are discussing a Baghdad sniper who has been killing US soldiers. "They call him Juba," Rossmiller says. She suspects there isn't a single sniper but rather a cell, and that the thread is designed to create an identity for Juba, a hero who might attract others to the cause.
It's hard for me to pay attention to Rossmiller. I'm distracted by a little GIF that pops up at the end of one person's posts. It's a 1.5-second cartoon of an American GI poking up from the hatch of a tank, getting shot in the head, and slumping over dead. Rossmiller is rushing to the next page, but I ask her to scroll back so I can stare at the clip again. The little GIF's repetition has an adolescent playfulness to it, so loopy and horrifyingly goofy, so Internet-y, I can't stop staring. Hatch, headshot, slump. Hatch, headshot, slump. Hatch, headshot, slump. Hatch, headshot, slump.
Shannen Rossmiller grew up on a Montana wheat farm. She is blond and slim:
When she was a cheerleader in high school, she typically wound up at the top of the human pyramid. Her husband runs a wireless Internet company, and they have three children. After college, she was appointed a local judge in a small Montana town, where she and her family still live and which she'd rather not identify. Although she's happy to talk about what she does, she fears for her safety: She has received phone threats, and her car got shot up once, an incident she attributes directly to her counterterrorism work.
Now 38, Rossmiller spends her weekdays in Helena working in the civil litigation department of the attorney general's office. She gets up at 4 am and does her hunting predawn. On the weekends, she tracks down killers while relaxing in the bosom of her family. Some days she's at the computer when her kids — two young daughters and a son who graduated from high school earlier this year — wake up. "I'll say, ‘You get your own breakfast; there's a Jimmy Dean sausage in the kitchen.' Meanwhile, back in Kurachi... "
She has long had an attraction to criminally deviant minds. In the seventh grade, Rossmiller made a poster for school that explored the "mind of the serial killer," from Vlad the Impaler to Ed Gein, who had a habit of wearing the tanned skins of his victims. Now she can pursue her childhood obsession with a utilitarian twist: She goes right inside the minds of killers, and, if it works out, she catches them.
Rossmiller developed her remarkable talent for chatting up terrorists after September 11, when she started going into online forums and cajoling valuable information from other visitors. She has passed along numerous case files to federal authorities. Her information has led US forces abroad to locate Taliban cells in Afghanistan, discover a renegade stinger-missile merchant in Pakistan, and help another foreign government identify a ring of potential suicide bombers. She has also assisted in nabbing two domestic would-be terrorists and seen them both convicted of felonies: National guardsman Ryan Anderson received five concurrent life sentences, and Michael Reynolds, convicted in July and awaiting sentencing, faces a similar fate.
Timothy Fuhrman, special agent in charge of the FBI's Salt Lake City office, says Rossmiller was "instrumental in the successful outcome of those cases."
Rossmiller succeeds by exploiting a fundamental flaw in al Qaeda's famously decentralized organization. The absence of a strict hierarchy makes it pretty easy for a cunning person to mix among the terrorists. So she poses as a potential al Qaeda soldier looking for like-minded comers. She creates multiple characters and uses her older and more respected personae to invite the new ones into private forums. There are other self-taught counterterrorists like her, but they tend to translate and discuss, lurk and report. Rossmiller works the terrorism boards as if she were playing a complex videogame. Her characters come complete with distinct personalities and detailed biographies that are as richly conceived as any protagonist on an HBO series. She keeps copies of everything, time-stamps files, and takes screenshots. She has an Excel spreadsheet that details the 640 people with whom she has had contact on these boards since 2002.
Rossmiller admits that all this makes for a bit of a weird hobby. But not only has she gotten an amygdala's-eye view of America's adversaries, she may well have pioneered a new form of intelligence-gathering.
Ryan Anderson
Who: Army National Guard tank crew member
Crime: Attempted espionage to help al Qaeda Rossmiller's role: Posing as Abu Khadija, a terrorist operative based in Germany, she befriended Anderson in a Yahoo chat group. He sent her information on US military strategy and defense weaknesses.
Status: Convicted in Washington state, serving life sentence
Michael Reynolds
Who: An aspiring domestic terrorist living in Wilkes-Barre, Pennsylvania
Crime: Aiding al Qaeda, distributing explosives Rossmiller's role: Posing as a terrorist financier named Abu Zeida, she got Reynolds to agree to a rendezvous on a highway. He was met by the FBI instead.
Status: Convicted in Pennsylvania, sentence pending
"Hakim"
Who: Jihadist based in the Middle East
Alleged crime: Planning suicide attack on US forces in Iraq Rossmiller's role: Posing as Abu Musa, a fellow jihadist she created as a financier of terrorist operations, she persuaded Hakim to meet in a public area to make further arrangements.
Status: Apprehended by Middle Eastern intelligence agents
"Rocket Man"
Who: Weapons dealer based in Pakistan
Alleged crime: Trying to sell nine US Stinger missiles Rossmiller's role: Posing as Abu Issa, an operative who claimed to have bombed United Nations facilities in Afghanistan, she got the dealer's contact info and photos of the missiles. She then passed these to the Feds.
Status: Unknown
Like most Americans, Rossmiller woke up on September 11, 2001, and couldn't believe what she was seeing on TV. She could barely get her kids ready for school. At work, the television was on all day, drawing her in. That night, she decided to relax in the family's Jacuzzi. She slipped and fell hard to the ground, knocking her head.
When Rossmiller came to, she had an excruciating hairline fracture in her pelvis. After a stay at the hospital, she spent six weeks in bed at home, flat on her back, watching nonstop cable news about the hunt for Osama bin Laden and the threats from a new kind of terrorism. "The painkillers and the muscle relaxers affect your mentality. You're in a depressed state anyway. I think that contributed a lot to how I got radicalized."
Rossmiller admits to a certain tunnel vision when she decides she's going to master some field of knowledge — her husband, she says, sees her as a kind of idiot savant. Every time she heard a scholar quoted on television, she'd ask her husband to fetch their book. "I bought The Koran for Dummies, and then I bought a Koran." As her health returned, she read textbooks on Arabic, took a nine-week online language course, and began quietly lurking around jihadist Web sites.
"I just clicked around and looked at the pictures," Rossmiller says. At first she was at the mercy of mediocre shareware translators. "The stupid machine would translate sentences like ‘Respect my mustache! I have a happy mustache!'" she says, bursting into a fit of giggles.
But then she started her online courses and bought high-quality translation software. In February 2002, as her Arabic improved and she became more comfortable with her software skills, she wrote herself a goal: "I was going to try to talk to these people as someone not me."
She quickly encountered technical obstacles: For instance, it would be easy for someone to figure out that her email was originating in the US, specifically in Montana. So she invested in a proxy server application, which creates a fake IP address off a known IP server someplace real. That way, Rossmiller could send her email as someone living, say, in Yemen, and anyone closely examining the email header would see that the message did appear to come from Yemen. Rossmiller researched the area she was purporting to be emailing from and learned the neighborhood so she could casually mention a nearby restaurant or mosque, sometimes even the name of a local imam.
Rossmiller registered on several major sites, including arabforum.net. "I just wanted to see if I could post something in Arabic and have them respond. Someone would say a car bomb went off and killed three infidels and praise be Allah. And every Joe was going, ‘Praise be Allah.' So I added a simple greeting and said, ‘Praise be Allah.'" No one outed her, so she decided to add a few words of what she considered to be plausible terrorist chatter.
"I went to bed but couldn't sleep," she says. "So, finally, I went to see if I got a nibble. My thought was that I would get around 10 to 12 replies, but it was a total dud." She squints a bit while admitting this, as if embarrassed that she didn't succeed in her first spin as a terrorist.
She began making her postings more sophisticated, and she started watching overseas news programs on cable TV. She worked references to local events into her messages, and suddenly her postings began to draw comments. And she quickly mastered the rather baroque salutations that open many missives in Islamic culture. For instance, when she first wrote to Ryan Anderson, her character decreed how "Allah is ever forgiving of the faithful and most beneficent and merciful. It is never too late to feel the call of the will of Allah."
Rossmiller took language from Mohammed Atta's favorite poem and included it in some of her flowery posts. She got a lot of hits and replies, so she's been laying down the purple prose ever since. "I would change and tailor it to what I needed," she says. She knew that Arabic communication and speech often quote the Koran, so she would page through it, learning the stories and noting suitable verses. "These are handy little things to adjust for different occasions," she says, "like Hallmark cards for jihad."
In May 2002, Rossmiller saw a post from a man in Pakistan who said he had access to Stinger missiles he wanted to sell. She wrote back to the person she now identifies in her files as Rocket Man, posing as someone interested in purchasing his wares. After a few exchanges, she abruptly threatened to cut off contact unless he provided proof he was who he said he was. "And I'll be gol-danged if a few days later, a nice little zip file appears with pictures of him sitting on some crates." The inventory numbers of the Stingers were clearly visible. Rossmiller then realized that her hobby had turned into something that needed attention from the FBI.
Rossmiller put a file together and drove to the FBI office in Great Falls, about an hour away from her home. But she wound up just circling the building and never going in. "I chickened out," she says. "I thought they'd lock me up. So I put all the information into little digital files and sent them to the FBI tip line." She included her name, social security number, educational background, and a note saying, "I am not a crazy person." Within a week, she got a phone call from the FBI Joint Terrorism Task Force in New Jersey, and the Feds began working on the case. She later learned that the inventory numbers matched those on Stingers the US had supplied to the mujahideen — likely remnants of their war against the Soviets in 1980s.
She caught her next big break a year later when she was poking around a Yahoo chat group called bravemuslims . Mostly she had been watching and listening, learning the styles and attitudes that marked the conversations at these sites. One day she saw a post from someone named Amir Abdul-Rashid who wrote a garbled Arabic greeting, "Wa salaam alaaykum," and then went on in English: "Just curious, would there be any chance a brother who might be on the wrong side at the present, could join up... defect so to speak?"
Rossmiller wrote back as Abu Khadija, email address khadija1417@hotmail.com, to say that she was organizing some training camps in Pakistan and noted firmly, "To receive an order, contact me." And the guy did. Pretty soon, it became obvious to Rossmiller that he was an American. He asked to write in English and confided that he was "due to enter the war zone" and "unfortunately due to my position, I will be bearing the arms of the enemy."
Rossmiller realized he was an American soldier and saw that his IP address put him in Washington state. After a few more back-and-forths, she learned his real name was Ryan Anderson and that he was a tank crew member in the Army National Guard, destined to ship out for Iraq soon.
Many of Anderson's emails with Rossmiller were full of chatty banter, the kind people use when they're thrilled with a new online friend — except that every once in a while, he would throw in riffs about killing Americans or Arabs. But he would also offer upbeat raves about his fellow soldiers. In one email he cheerfully describes his commanding officer as "a really cool guy, and a vet of a couple of other deployments including Gulf War I." Later he flattered Khadija by describing how tough terrorists are and how they are "a real Alliance of Evil like our C in C says... (yes, I still like George Bush, even though he's sending us there, he's the guy I voted for, and I'll probably vote for him again... )."
For weeks, Rossmiller, posing as Khadija, had regular exchanges with Anderson. In notes replete with emoticons, Anderson told her that he would be going to Iraq. This was a time when few knew how the US military intended to station itself in Iraq, and yet he explained that his exact destination would be "Baghdad proper — something my CO called the ‘Green Zone,' we're not supposed to talk about it to the newspapers for some reason but I guess family and friends are OK, so I'm not too worried about telling you :)."
Anderson wrote that he got "a copy of the Qur'an" for his PDA and then became "so conflicted about all this." He continued, "What am I to do if I must fire on someone attacking me when I wish I was with them?"
As he prepared to ship out, he wrote, "Our oppertunities are coming to an end." And, indeed, they did — with his arrest on charges of attempted espionage and trying to aid the enemy. When Rossmiller was summoned to the witness stand of a military court in Fort Lewis, Washington, she described publicly for the first time her methods and techniques. She explained how difficult some of this work was — she trawled through sites for a year and a half before coming upon Anderson. She also described how easily she could gain certain types of information, like how she had typed Anderson's email address into Google and quickly discovered not only her contact's name but also his Army email address, as well as menacing pictures of him clutching rifles and handguns.
After her testimony, Rossmiller says, the FBI made her an intelligence asset. She now has a contact at the Great Falls FBI field office, an agent named Mark Seyler. His boss, Timothy Fuhrman, would not comment on Rossmiller's claim that she has sent the FBI more than 200 of her "packages"
since 2002, saying that he would rather keep the details of her intelligence role restricted to what is already on the public record. He did say that "we can always learn from her."
In fact, it's distinctly possible that Rossmiller, alone at her computer, has a better track record than the Justice Department. A Washington Post analysis in 2005 of the 400-plus people charged with terrorism-related crimes by the federal government found that only 14 of those convicted actually had any ties at all to al Qaeda or its network. Rossmiller's cases have come with solid backup, while the feeble evidence in the other high-profile Justice Department cases makes many prosecutors roll their eyes. Consider the seven Miami men arrested in the summer of 2006 and hyped as desiring to wage a "ground war" against the US and intending to blow up the Sears Tower in Chicago. They turned out to be a bunch of trash-talking blowhards whose plans were formulated while smoking pot in an empty warehouse. In contrast, the man Rossmiller most recently implicated — Michael Reynolds — had prepared meticulous plans to blow up pipelines and was shopping online for used gas trucks to implement his plot. The Pennsylvania resident was arrested after traveling 2,000 miles to southern Idaho, lured by Rossmiller into a supposed meeting with a financial backer.
"When I was in the White House and doing terrorism, the holy grail was ‘actionable intelligence,' and she brings a form of actionable intelligence," says Roger Cressey, a White House counterterrorism official in both the Clinton and George W. Bush administrations. (He learned of Rossmiller after he left the government.) The FBI, on the other hand, has failed in every attempt to modernize its technology since 2001, and it so restricts the software available to agents that they can't even begin to match what Rossmiller does. "The FBI is a dinosaur in many respects," says Cressey.
Rossmiller agrees. "I went to a meeting in Great Falls, and we got to talking, and someone had to look something up online," she says. "I asked, ‘What do you use for Internet access?' and one agent said, ‘We have to go to the public library down the street.'"
She also tells a story about another agent who had to get permission to open a Yahoo account because it violated office regs. "They weren't allowed," she says.
Some of Rossmiller's tactics are taken straight from the hacker playbook.
For instance, on several occasions she has sent individuals in foreign countries images altered to conceal, say, a keylogger that uploads everything the recipient types, including passwords. One key logger recipient was a Middle Eastern journalist who had been a known contact of al Qaeda members. Rossmiller passed along the information she got to government officials.
But many of Rossmiller's most innovative techniques are shockingly simple.
To get a good ID of some of her targets, she bullies them into filling out an oath of allegiance known as a bayat. Her bayat is hilariously blunt. Here are the first few lines translated:
Oath of Allegiance to the Jihad
My legal name is...
The son of...
My family's tribe...
My country...
The contact information for the leadership for my family If it is Allah's will I become a martyr in the cause of Jihad my family members shall be contacted...
Early computer hackers did this, too. Despite their reputations for technical wizardry, much of the information they obtained was procured through "social engineering" — calling up people and bullshitting them out of their login names and passwords. To succeed at social engineering, you must maintain a strong dominant character, and Rossmiller is quite good at this. The most important strategy, she says, is attitude: A true terrorist has to possess a certain kind of haughtiness. Not anger or even belligerence but a subtle pushiness, even mild disdain for other jihadists.
"If I'm posing as a courier, financier, or recruiter, I try to take the upper hand," she says. "A lot of times there will be talk about a private forum. I'd message someone and take a demanding tone. ‘What is this? Why didn't I know about this?' I always take a demanding tone, and usually there's some little Joe who will give me an invite."
Then, once in private contact with someone, she will chastise them for talking too much in public. She'll often propose a method for private communication, such as sending notes as text in an online greeting card (which is hard to search or scan for).
Once a kind of bare trust is established, she will, like a good con artist, push her mark away, refusing him, telling him he's not worth her time. Then he will come right back, often with surprising offerings of information to prove that he is the real thing. "If they could see me, little blond me, they'd go crazy," she says in a burst of hearty laughter.
Much of Rossmiller's success can be credited to her understanding that the chattiness and chumminess that often cinches digital friendships applies in terrorist chat rooms just as it does in Yahoo Nascar forums. This skill was on display when she struck up an online correspondence with a jihadist in the Middle East named "Hakim" (for Rossmiller's protection, his name has been changed).
On this mission, Rossmiller assumed the identity of a particularly murderous terrorist known as Abu Musa. She befriended Hakim, who lived in a country bordering Iraq and was looking to travel there, possibly for martyrdom, with 10 other people. The talk quickly turned to personal travails, and soon Hakim was complaining about the biggest obstacle to his desired glory as a
martyr: his mother. Hakim, it turned out, lived alone with her, and, because of that, was having trouble finding the time to go fight in Iraq. "I am trying to send her to live with a brother of mine who lives in a country close by," he wrote, "if Allah will." (The cliché of the reactionary blogger as angry vigilante plotting schemes from his mother's basement appears to be
universal.)
Hakim seemed to be a big fan of orotund flourishes, and Rossmiller happily indulged him. "Brother in Allah... I still pray to Allah that my message arrives to you and you are in the more perfect of the health and the good health and protected from the eyes of the spies and polytheists and the cross slaves," she wrote him in Arabic. Hakim also happily filled out the bayat form, giving Rossmiller all his real data, including address and phone numbers.
As usual, Rossmiller, aka Abu Musa, bragged about participating in events at which her presence couldn't easily be corroborated (such as fighting in Fallujah a few weeks before). But then Abu Musa made a mistake: He told Hakim he was located in a village that turned out to be just a cab ride away from Hakim, who then wanted to visit. Rossmiller had already alerted her contact in the federal government about Hakim. Now, this contact explained, he needed her to play for time while he contacted local authorities.
Suddenly Abu Musa found himself summoned to Syria for an important mission.
When Abu Musa returned after a week, Hakim was briefly suspicious but then returned to being chatty and revved up for jihad. Abu Musa had ordered him to create a new email account and a new password so they could be safe. "And he's a good boy," Rossmiller says. "Here, he's made an email account. I love the password. 123456." Soon, Hakim is comfortable enough to tell Abu Musa that he and his friends are ready to go to Iraq and that he needs some ingredients for a bomb .
This email is amazingly long, detailed, revealing, and inadvertently funny.
Sure, he'd need "1000 sulfur Match sticks," potassium nitrate, acetone, glycerin, and potassium permanganate. But he also wanted a food processor, a fan, a hair dryer, two cell phones, a remote control, a knife, and Scotch tape. Abu Musa agrees to send a contact to meet in the public area of an upscale neighborhood, and Hakim gives specific details as to his dress and appearance. Hakim is hopeful, praying for "Allah's mercy and its blessings and pray to Allah that it keeps us and protects us from the cunning of the enemies." And then, his last words: "We meet on our date God willing."
"All I know," Rossmiller says, "is that he showed up, and it played out to script." He led his new contact to a warehouse where the other brothers were training. The local authorities took over from there.
Rossmiller jokes that she's needed to become twisted herself to deal with all the beheading videos she's had to watch. But after a few days of hanging around her, it's clear that she's not in the least bit abnormal. Her gallows humor is just a way of dealing with the world she lives in. (Imagine the kind of jokes you'd have to tell yourself if the hookers and chop-shop thugs in your Grand Theft Auto game were real.) In fact, her main motivation seems to be literary. She really loves creating these characters and playing them.
She cares for them on some level, the way a novelist might. She keeps files on them. She clips pictures off the Internet to give them faces. She gives each a birthday, a hometown, and a biography to make them believable to the people she chats with.
"Do you want to see Abu Musa?" she asks me suddenly, as if he were hiding in the closet. She clicks on some files and up comes a picture of a fairly dashing man with a pair of hip glasses and one of those jaw-defining beards.
He's wearing a fashionable kafia around his neck, and his posture is catalog-ready. Of course, Abu Musa is his jihadi name. His "real" name is Walid Ali Mustaffa.
She scrolls through his biography. On December 17, 2003, Abu Musa was involved in a truck explosion that killed nearly 30 people outside the Mount Lebannon Hotel in Baghdad.
"Those are real events," says Rossmiller, who has, of course, extensively researched the explosion. "He could have been involved in that."
Not long after his interactions with Hakim, Abu Musa was martyred by Rossmiller. "Abu Musa had been used enough," she says, pointing at the screen. "Here's the last one," she says. "An insurgent gun battle in Ramadi.
August 21, 2005. That's when he dies." Rossmiller is serious, almost solemn.
"I have a hard time letting go of these guys, because I kinda become them.
When you develop a personality, you essentially morph into it. It's hard to let it go. He's the one I cried the most for."