A new report documents how extremist groups’ use of secure digital tools software has evolved.
“I don’t think that there are too many [makers of encrypted communication tools who] can say that bad guys don’t use their stuff, accurately,” NSA deputy director Richard Ledgett said during the recent Defense One Tech Summit, describing ISIS’ use of various messaging services and platforms to communicate and distribute propaganda. A new report from cybersecurity group Flashpoint makes an attempt to catalog the digital tools in common use by jihadists, and when they started using them.
Here’s the shortlist:
Tor: Developed by the U.S. Naval Research Laboratory in the 1990s to help installations and military units keep contact during a global conflict, TOR anonymizes connections to the internet, making it harder for snoops to know who is visiting a given site. Throughout the last decade, “Tor’s popularity grew sharply within jihadist Deep and Dark Web forums,” the Flashpoint reports says.
In 2012, the Snowden revelations showed that the NSA could snoop on TOR traffic with a program called XKEYSCORE. In 2014, the German news service Tagesschau poked aroundTOR’s source code and found that the NSA was watching nineTOR servers that allowed it to do deep packet inspection on basically anyone accessing TOR outside of Australia, Britain, Canada, New Zealand, and the United States (the so-called Five Eyes surveillance partners).
Extremist groups have also begun using virtual private networks, or VPNs, which encrypt traffic between computers. As early as 2012, Al Qaeda was discussing the use of the free CyberGhostVPN, the report notes. But today’s savvy suicide bomber is likely to go in for a paid subscription to a better VPN service. “Some safer VPNs require monthly subscription,” the Pro-ISIS United Cyber Caliphate wrote earlier this year, warning loyalists to stay away from cheap VPNs.
Secure messaging apps, such as Telegram, and other services are proliferating and getting easier to use every day. “It used to be that you had to be pretty technically astute to use encryption on a device or for personal communications,” Leggett said. “That’s become very user friendly, very easy to use and now very unsophisticated actors can install very high-grade encryption on their devices, so ISIL, like many other targets, use that to hide their activities from us.”
Read the Remainder at Defense One