Government to Seek Terrorists in World of Warcraft: The Full Proposal - Via Threat Level:

Loyal readers might remember that the government's spooks are working on software that can spot terrorists lurking in massive, multi-player games, something it dubs the Reynard Project.

THREAT LEVEL just got a copy of the November 2007 proposal for the cutting edge Intelligence Advanced Research Projects Activity (IARPA).  

In it, Dr. Rita Bush and Kenneth Kisiel from the Disruptive Technology Office cite the current advantages of terrorism in the online world -- anonymity, covert communication channels and the ease of information warfare -- as reason to start studying multi-player games and virtual worlds like Second Life and World of Warcraft. 

The proposal opens with a scenario of what would happen if the nation's intelligence community failed to get a head start:

I had been following the Recruiter through this virtual world for several weeks now and was finally able to catch him in the act of soliciting a new recruit. It took some quick thinking and shape shifting but I was able to follow the new recruit to a primitive training island and watched while he was given some rudimentary instructions. In the meantime, I relayed this new information back to the Intelligence Analysis Center and requested background information on the new recruit. 

As I watched the team approach the gate, the requested information appeared in floating billboards (that only I could see) next to each soldier. The information was not good. I have once again been investigating kids who have been trying unsuccessfully for many months to get into this base when I should have been looking for actual terrorists. There has to be a better way of telling them apart.

The rest of the proposal describes the history of online gaming and virtual worlds, describes cyber terrorism as the imminent apocalypse and then speculates on how terrorists will soon be using virtual worlds to train for terrorism in the real world.

That's why Reynard project is necessary:

The virtual world is rapidly evolving into a close representation of the real world with all the opportunities and consequences of the real world. However, there may be many things possible in the virtual world that can’t be done in the real world. Our challenge is to figure out what these actions are before our adversaries. To do this, we need to be able to recognize the behavior of a real threat and exploit the information that is available to us in the virtual world.  

As our adversaries continue to expand their presence and use of virtual environments, we need to keep pace and possibly leapfrog their abilities; else, we will miss the indicators for the next attack. 

I for one welcome our Second Life overlords.

Also it turns out that Robert O'Harrow at the Washington Post had this story and this document weeks before I did..

Proposal to study virtual world terrorism (.pdf) 

Photo: CyberExtruder HT: Anonymous

Covert Communication. Communication is the key to coordinating attacks. Keeping these communications private is key to not being caught. Virutal environments provide many opportunities to exchange messages in the clear without drawing  unnecessary attention. Additionally, there are many private channels that can be employed to exchange secret messages. 

Training/Rehearsal. What was once the exclusive domain of the military and law enforcement, the virtual world now provides a high fidelity near-real environment for mission rehearsal for amateurs and professional alike.

Money transfer/laundering.  Money launderers can now move illicit cash through the growing number of virtual reality role- playing games, and convert that cash into real currency before withdrawing it. This is now a potential money  laundering problem,  as one can set up an account, send in identification, such as a bogus drivers' license and altered utility  receipts, fund the account with the proceeds of crime, and have an associate on the other side of the world withdraw funds as profits, or even as working capital for a criminal enterprise. One even has the option of withdrawing the funds from a financial institution. 

Denial of Service (DOS). A denial-of-service attack is an attempt to make a computer resource unavailable to its intended users. Although the means to, motives for and targets of a DOS attack may vary, it generally comprises the concerted, malevolent efforts of a person or persons to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely.

Perpetrators of DOS attacks typically — but not exclusively — target sites or services hosted on high-profile web servers; a pair of DNS Backbone DOS Attacks, on October 22, 2002 and February 6, 2007, targeted DNS root servers, in an apparent attempt to "disable the Internet" itself by taking away an option of addressing Internet servers by their human-friendly names.

Information warfare. Information warfare is the use and management of information in pursuit of a competitive advantage over an opponent. Information warfare may involve collection of tactical  information, assurance that one's own information is valid, spreading of propaganda or disinformation to demoralize the enemy and the public, undermining the quality of opposing force information and denial of information collection opportunities to opposing forces.

These threats are just the ones we know about. What additional things are possible in the virtual world that  cannot be done in the real world?  The IC needs to “red team” some possible scenarios of use.

(Read Original Article - Via Threat Level.)