An unidentified individual posted terrorist propaganda onto the Web in March using an Internet connection at GW. Since officials did not learn of the situation until July, they were unable to track the user.
The individual used a laptop to illegally obtain GW Internet access and create a makeshift file-transfer protocol, which is used to transfer files onto the Web. The individual used the FTP to put al-Qaida-related files onto a Web site for a “short period of time,” wrote Kerry Washburn, director of administrative applications at GW, in an e-mail.
Washburn said the University discovered the problem in July when Laura Mansfield of the Northeast Intelligence Network, a group in Pennsylvania that tracks terrorist activity on the Internet, noticed the pact. With GW’s Internet connection, a user known as both “Terrorist 007” and “irhabi007” had illegally posted terrorist materials that were similar to files found on a server operated by the Arkansas Highway and Transportation Department.
Officials at Northeast Intelligence did not return e-mails from The Hatchet last week.
According to The Washington Post, the files hosted on the Arkansas agency’s Web site featured videos of “Osama bin Laden, Islamic jihadist anthems and terrorist speeches.” Washburn said she had no details about the content of the videos that were posted using a GW connection.
In July, Mansfield told The Post that she had been tracking “Terrorist 007’s” activity since February. His Arabic postings, she said, showed signs of being run through a translator and “Terrorist 007” admitted online that he does not speak Arabic.
Several media outlets, including The Post and The New Yorker, erroneously reported that GW sites were hacked to host the files, University officials said. The unknown individual did not use GW sites, officials said, but merely used a University Internet connection.
Laptop users can access the Internet at numerous GW locations, including Gelman Library and the Marvin Center.
Washburn said Information Systems and Services contacted Mansfield and Northeast Intelligence Network about the incident after seeing The Post’s article. Since ISS was not notified of the incident until months after it occurred, Washburn said, its ability to track the Internet user was undermined.
“GW was not notified until July, and at that time it was too late to ascertain how the individual got the access,” Washburn said.?”If we had been notified within a month then we would have been in a much better position to track down details about what happened.”
She also said GW has been unable to identify the laptop user using an Internet Protocol address, a number assigned to each computer.
“The computer IP address that was cited was not being used at the time we were notified, and the last known computer using that address does not show up on our campus network,” she said.
Washburn said that as part of a series of improvements unrelated to the incident, the University has installed additional Internet security measures, including intrusion detection equipment.
“GW is now able to detect this type of compromise much more quickly than before,” she said.
