Internet Domain Names May Have Warned of Attacks
By Jeff Johnson
CNSNews.com Congressional Bureau Chief
September 19, 2001

(CNSNews.com) - The terrorists who planned and executed the September 11 attack on America may have registered as many as 20 Internet domain names, or web addresses, that experts believe should have warned authorities of a possible assault on the World Trade Center in New York City.

Internet domain names like 'attackontwintowers.com' and 'worldtradetowerattack.com' were registered more than a year ago. It's not known at this time who registered the suspicious names or what their purpose was.

"It's unbelievable that they (the registration company) would register these domain names, probably without any comment to the FBI," according to Neil Livingstone, head of Global Options LLC, a Washington, D.C.-based counter-terrorism and investigation company.

"If they did make a comment to the FBI, it's unbelievable that the FBI didn't react to it," he added.

A spokeswoman in the FBI press office would only say that the agency will not comment on its investigation into the attacks.

According to Livingstone, at least 17 domain names, including 'pearlharborinmanhattan.com' and 'worldtradetowerstrike.com,' were registered as early as June 2000, 15 months prior to the attacks.

Two of the domain names contained the dates August 11 and September 29, which Livingstone said may have indicated the window of opportunity during which the attackers planned to strike.

He also dismissed speculation that the domain names were a reference to the bombing of the World Trade Center eight years ago. "You have two other names containing 2001, so there's no confusion over the 1993 World Trade Center attack."

To protect his sources, Livingstone would not say with which company the domain names in question were registered. He had no information about the identity of the person or people who registered the names.

A domain name search Tuesday indicated that hundreds of web addresses containing references to the terrorist attacks were registered in the past week, and four of the older domain names provided by Livingstone have already been re-registered.

Domain name registrants are required to use a credit card for payment, and must provide administrative, technical, and billing contact information.

That information, except the credit card data, is available to the public as long as the registration is kept current.

Livingstone indicated that the required use of a credit card should mean that authorities would at least have a starting point to investigate the registrant.

"This is something that someone should have noticed," he said, "but privacy issues probably kept it from being noticed."

Telephone calls to several domain name registration companies Tuesday were not returned.

The website for Network Solutions, the world's largest domain name registrar, included a privacy statement indicative of industry standards regarding confidentiality: "We will not share such information with other third parties, except in response to formal requests (e.g., subpoena or court order) made in connection with litigation or arbitration proceedings directly relating to a domain name registration or other services we provide."

Former CIA Director James Woolsey said current laws make it difficult for the FBI to get a warrant for electronic surveillance and wiretaps, or to recruit informants based on actions such as registering threatening domain names.

"There would not be enough material that is close enough to a specific crime for an investigation to be opened," Woolsey said.

But Livingstone believes authorities should have the right to investigate inflammatory rhetoric, even something as simple as the registration of a web address that might indicate criminal intent.

"Something like this ought to come to our attention, and we ought to investigate whether you do intend to act on it, or whether you're just a nut case out there who's just venting," he said.

The attackers might have been planning a propaganda campaign following the attacks, according to Livingstone. "Maybe their success was so overwhelming that they didn't need to use this," he said. "Or they may have decided it was too dangerous to do."

Domain names on the list provided to Livingstone by an industry insider included:

"attackamerica.com,"
"attackonamerica.com,"
"attackontwintowers.com,"
"august11horror.com,"
"august11terror.com"
"horrorinamerica.com,"
"horrorinnewyork.com,"
"nycterroriststrike.com,"
"pearlharborinmanhattan.com,"
"terrorattack2001.com,"
"towerofhorror.com,"
"tradetowerstrike.com,"
"worldtradecenter929.com,"
"worldtradecenterbombs.com,"
"worldtradetowerattack.com,"
"worldtradetowerstrike.com,"
"wterroristattack2001.com."