By Peter GraffReuters
August 7, 2004
The revelation that a mole within al Qaeda was exposed after Washington launched its "orange alert" this month has shocked security experts, who say the outing of the source may have set back the war on terror. Reuters learned from Pakistani intelligence sources on Friday that computer expert Mohammad Naeem Noor Khan, arrested secretly in July, was working under cover to help the authorities track down al Qaeda militants in Britain and the United States when his name appeared in U.S. newspapers.
"After his capture he admitted being an al Qaeda member and agreed to send e-mails to his contacts," a Pakistani intelligence source told Reuters. "He sent encoded e-mails and received encoded replies. He's a great hacker and even the U.S. agents said he was a computer whiz."
Last Sunday, U.S. officials told reporters that someone held secretly by Pakistan was the source of the bulk of the information justifying the alert. The New York Times obtained Khan's name independently, and U.S. officials confirmed it when it appeared in the paper the next morning. None of those reports mentioned at the time that Khan had been under cover helping the authorities catch al Qaeda suspects, and that his value in that regard was destroyed by making his name public.
A day later, Britain hastily rounded up terrorism suspects, some of whom are believed to have been in contact with Khan while he was under cover. Washington has portrayed those arrests as a major success, saying one of the suspects, named Abu Musa al-Hindi or Abu Eissa al-Hindi, was a senior al Qaeda figure. But British police have acknowledged the raids were carried out in a rush. Suspects were dragged out of shops in daylight and caught in a high speed car chase, instead of the usual procedure of catching them at home in the early morning while they can offer less resistance.
"HOLY GRAIL" OF INTELLIGENCE
Security experts contacted by Reuters said they were shocked by the revelations that the source whose information led to the alert was identified within days, and that U.S. officials had confirmed his name.
"The whole thing smacks of either incompetence or worse," said Tim Ripley, a security expert who writes for Jane's Defense publications. "You have to ask: what are they doing compromising a deep mole within al Qaeda, when it's so difficult to get these guys in there in the first place?
"It goes against all the rules of counter-espionage, counter-terrorism, running agents and so forth. It's not exactly cloak and dagger undercover work if it's on the front pages every time there's a development, is it?"
A source such as Khan -- cooperating with the authorities while staying in active contact with trusting al Qaeda agents -- would be among the most prized assets imaginable, he said. "Running agents within a terrorist organization is the Holy Grail of intelligence agencies. And to have it blown is a major setback which negates months and years of work, which may be difficult to recover."
Rolf Tophoven, head of the Institute for Terrorism Research and Security Policy in Essen, Germany, said allowing Khan's name to become public was "very unclever."
"If it is correct, then I would say its another debacle of the American intelligence community. Maybe other serious sources could have been detected or guys could have been captured in the future" if Khan's identity had been protected, he said.
Britain, which has dealt with Irish bombing campaigns for decades, has a policy of announcing security alerts only under narrow circumstances, when authorities have specific advice they can give the public to take action that will make them safer.
Home Secretary David Blunkett, responsible for Britain's anti-terrorism policy, said in a statement on Friday there was "a difference between alerting the public to a specific threat and alarming people unnecessarily by passing on information indiscriminately."
Kevin Rosser, security expert at the London-based consultancy Control Risks Group, said an inherent risk in public alerts is that secret sources will be compromised. "When these public announcements are made they have to be supported with some evidence, and in addition to creating public anxiety and fatigue you can risk revealing sources and methods of sensitive operations," he said.
In the case of last week's U.S. alerts, officials said they had ordered tighter security on a number of financial sites in New York, Washington and New Jersey because Khan possessed reports showing al Qaeda agents had studied the buildings.
Although the casing reports were mostly several years old, U.S. officials said they acted urgently because of separate intelligence suggesting an increased likelihood of attacks in the runup to the presidential election in November. U.S. officials now say Hindi, one of the suspects arrested after Khan's name was compromised, may have been the head of the team that cased those buildings. But the Pakistani disclosure that Khan was under cover suggests that the cell had been infiltrated, and was under surveillance at the time Washington ordered the orange alert.
The security experts said that under such circumstances it would be extraordinary to issue a public warning, because of the risk of tipping off the cell that it had been compromised.
(Additional reporting by Mark Trevelyan in Berlin)