http://www.nytimes.com/2004/03/04/international/europe/04PHON.html [This story has no information security content, but definately an interesting read nevertheless. - WK] By DON VAN NATTA Jr. and DESMOND BUTLER Published: March 4, 2004 LONDON - The terrorism investigation code-named Mont Blanc began almost by accident in April 2002, when authorities intercepted a cellphone call that lasted less than a minute and involved not a single word of conversation. Investigators, suspicious that the call was a signal between terrorists, followed the trail first to one terror suspect, then to others, and eventually to terror cells on three continents. What tied them together was a computer chip smaller than a fingernail. But before the investigation wound down in recent weeks, its global net caught dozens of suspected Qaeda members and disrupted at least three planned attacks in Saudi Arabia and Indonesia, according to counterterrorism and intelligence officials in Europe and the United States. The investigation helped narrow the search for one of the most wanted men in the world, Khalid Shaikh Mohammed, who is accused of being the mastermind of the Sept. 11 attacks, according to three intelligence officials based in Europe. American authorities arrested Mr. Mohammed in Pakistan last March. For two years, investigators now say, they were able to track the conversations and movements of several Qaeda leaders and dozens of operatives after determining that the suspects favored a particular brand of cellphone chip. The chips carry prepaid minutes and allow phone use around the world. Investigators said they believed that the chips, made by Swisscom of Switzerland, were popular with terrorists because they could buy the chips without giving their names. "They thought these phones protected their anonymity, but they didn't," said a senior intelligence official based in Europe. Even without personal information, the authorities were able to conduct routine monitoring of phone conversations. A half dozen senior officials in the United States and Europe agreed to talk in detail about the previously undisclosed investigation because, they said, it was completed. They also said they had strong indications that terror suspects, alert to the phones' vulnerability, had largely abandoned them for important communications and instead were using e-mail, Internet phone calls and hand-delivered messages. "This was one of the most effective tools we had to locate Al Qaeda," said a senior counterterrorism official in Europe. "The perception of anonymity may have lulled them into a false sense of security. We now believe that Al Qaeda has figured out that we were monitoring them through these phones." The officials called the operation one of the most successful investigations since Sept. 11, 2001, and an example of unusual cooperation between agencies in different countries. Led by the Swiss, the investigation involved agents from more than a dozen countries, including the United States, Pakistan, Saudi Arabia, Germany, Britain and Italy. Cellphones have played a major role in the constant jousting between terrorists and intelligence agencies. In their requests for more investigative powers, Attorney General John Ashcroft and other officials have repeatedly cited the importance of monitoring portable phones. Each success by investigators seems to drive terrorists either to more advanced - or to more primitive - communications. During the American bombing of Tora Bora in Afghanistan in December 2001, American authorities reported hearing Osama bin Laden speaking to his associates on a satellite phone. Since then, Mr. bin Laden has communicated with handwritten messages delivered by trusted couriers, officials said. In 2002 the German authorities broke up a cell after monitoring calls by Abu Musab al-Zarqawi, who has been linked by some top American officials to Al Qaeda, in which he could be heard ordering attacks on Jewish targets in Germany. Since then, investigators say, Mr. Zarqawi has been more cautious. "If you beat terrorists over the head enough, they learn," said Col. Nick Pratt, a counterterrorism expert and professor at the George C. Marshall European Center for Security Studies in Garmisch-Partenkirchen, Germany. "They are smart." Officials say that on the rare occasion when operatives still use mobile phones, they keep the calls brief and use code words. "They know we are on to them and they keep evolving and using new methods, and we keep finding ways to make life miserable for them," said a senior Saudi official. "In many ways, it's like a cat-and-mouse game." Some Qaeda lieutenants used cellphones only to arrange a conversation on a more secure telephone. It was one such brief cellphone call that set off the Mont Blanc investigation. The call was placed on April 11, 2002, by Christian Ganczarski, a 36-year-old Polish-born German Muslim whom the German authorities suspected was a member of Al Qaeda. From Germany, Mr. Ganczarski called Khalid Shaikh Mohammed, said to be Al Qaeda's military commander, who was running operations at the time from a safe house in Karachi, Pakistan, according to two officials involved in the investigation. The two men did not speak during the call, counterterrorism officials said. Instead, the call was intended to alert Mr. Mohammed of a Qaeda suicide bombing mission at a synagogue in Tunisia, which took place that day, according to two senior officials. The attack killed 21 people, mostly German tourists. Through electronic surveillance, the German authorities traced the call to Mr. Mohammed's Swisscom cellphone, but at first they did not know it belonged to him. Two weeks after the Tunisian bombing, the German police searched Mr. Ganczarski's house and found a log of his many numbers, including one in Pakistan that was eventually traced to Mr. Mohammed. The German police had been monitoring Mr. Ganczarski because he had been seen in the company of militants at a mosque in Duisburg, and last June the French police arrested him in Paris. Mr. Mohammed's cellphone number, and many others, were given to the Swiss authorities for further investigation. By checking Swisscom's records, Swiss officials discovered that many other Qaeda suspects used the Swisscom chips, known as Subscriber Identity Module cards, which allow phones to connect to cellular networks. For months the Swiss, working closely with counterparts in the United States and Pakistan, used this information in an effort to track Mr. Mohammed's movements inside Pakistan. By monitoring the cellphone traffic, they were able to get a fix on Mr. Mohammed, but the investigators did not know his specific location, officials said. Once Swiss agents had established that Mr. Mohammed was in Karachi, the American and Pakistani security services took over the hunt with the aid of technology at the United States National Security Agency, said two senior European intelligence officials. But it took months for them to actually find Mr. Mohammed "because he wasn't always using that phone," an official said. "He had many, many other phones." Mr. Mohammed was a victim of his own sloppiness, said a senior European intelligence official. He was meticulous about changing cellphones, but apparently he kept using the same SIM card. In the end, the authorities were led directly to Mr. Mohammed by a C.I.A. spy, the director of central intelligence, George J. Tenet, said in a speech last month. A senior American intelligence official said this week that the capture of Mr. Mohammed "was entirely the result of excellent human operations." When Swiss and other European officials heard that American agents had captured Mr. Mohammed last March, "we opened a big bottle of Champagne," a senior intelligence official said. Among Mr. Mohammed's belongings, the authorities seized computers, cellphones and a personal phone book that contained hundreds of numbers. Tracing those numbers led investigators to as many as 6,000 phone numbers, which amounted to a virtual road map of Al Qaeda's operations, officials said. The authorities noticed that many of Mr. Mohammed's communications were with operatives in Indonesia and Saudi Arabia. Last April, using the phone numbers, officials in Jakarta broke up a terror cell connected to Mr. Mohammed, officials said. After the suicide bombings of three housing compounds in Riyadh, Saudi Arabia, on May 12, the Saudi authorities used the phone numbers to track down two "live sleeper cells." Some members were killed in shootouts with the authorities; others were arrested. Meanwhile, the Swiss had used Mr. Mohammed's phone list to begin monitoring the communications and activities of nearly two dozen of his associates. "Huge resources were devoted to this," a senior official said. "Many countries were constantly doing surveillance, monitoring the chatter." Investigators were particularly alarmed by one call they overheard last June. The message: "The big guy is coming. He will be here soon." An official familiar with the calls said, "We did not know who he was, but there was a lot of chatter." Whoever "the big guy" was, the authorities had his number. A Swisscom chip was in the phone. "Then we waited and waited, and we were increasingly anxious and worried because we didn't know who it was or what he had intended to do," an official said. But in July, the man believed to be "the big guy," Abdullah Oweis, who was born in Saudi Arabia, was arrested in Qatar. "He is one of those people able to move within Western societies and to help the mujahedeen, who have lesser experience," an official said. "He was at the very center of the Al Qaeda hierarchy. He was a major facilitator." In January, the operation led to the arrests of eight people accused of being members of a Qaeda logistical cell in Switzerland. Some are suspected of helping with the suicide bombings of the housing compounds in Riyadh, which killed 35 people, including 8 Americans. Later, European authorities discovered that Mr. Mohammed had contacted a company in Geneva that sells Swisscom phone cards. Investigators said he ordered the cards in bulk. The Mont Blanc inquiry has wound down, although investigators are still monitoring the communications of a few people. Christian Neuhaus, a spokesman for Swisscom, confirmed that the company had cooperated with the inquiry, but declined to comment. Last year, Switzerland's legislature passed a law making it illegal to purchase cellphone chips without providing personal information, following testimony from a Swiss federal prosecutor, Claude Nicati, that the Swisscom cards had become popular with Qaeda operatives. The law goes into effect on July 1. One senior official said the authorities were grateful that Qaeda members were so loyal to Swisscom. Another official agreed: "They'd switch phones but use the same cards. The people were stupid enough to use the same cards all of the time. It was a very good thing for us." - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Mar 04 2004 - 05:24:07 PST