Sunday, August 28, 2016

Tracking Islamic State

Jihadists Launch Tech Magazine Focusing On Cryptography

The cover of the German-language online magazine Kybernetiq
The cover of the German-language online magazine Kybernetiq
By Joanna Paraszczuk

A group of German-speaking jihadists has released the first issue of an online magazine that provides information on encrypted communications and Internet security.

The magazine's release highlights the growing awareness of, and interest in, security and encryption among Islamist militants as a tool to help them operate and spread propaganda undetected.

The jihadists' apparent effort to wring opportunity from the greater availability of encrypted communications platforms could enable them to better evade monitoring by government security services.

The magazine, Kybernetiq, is in German and was released on social media on December 28 by a group that claims on its Twitter account to be "not ISIS," an acronym referring to the Islamic State (IS) group. The group told RFE/RL in a direct message exchange on Twitter that "it is enough for you to know that we aren't from ISIS" but would not say if they had an affiliation with any other militant group.

According to the SITE Intelligence group, which translated extracts from the magazine, Kybernetiq includes an article on how jihadists can protect their identities online. One piece of advice tells would-be militants to avoid applications that have "a mujahid branding," -- i.e., a distinct jihadist identity that would identify them as militants to law enforcement. 

According to SITE, Kybernetiq also recommended that jihadists use Tor or Tails, free software that enables users to surf the Internet anonymously.

Kybernetiq also advised would-be militants to use the Whatsapp or Telegram messaging apps, which have built-in encryption, and praised the GNU Privacy Guard cryptographic software as a "nightmare for intelligence agencies," according to a translation by SITE.

'Security-Aware' Militants

Encrypted platforms like Tor and popular messaging apps like WhatsApp have many desirable uses for the privacy-conscious. They keep user data safe and can allow those living in repressive regimes to communicate without being snooped on, for instance.

But intelligence and law-enforcement agencies have warned that such technologies are also increasingly used by extremists, including IS.

The Twitter page of the German-language online magazine Kybernetiq, released on social media on December 28.The Twitter page of the German-language online magazine Kybernetiq, released on social media on December 28.
The Twitter page of the German-language online magazine Kybernetiq, released on social media on December 28.
The Twitter page of the German-language online magazine Kybernetiq, released on social media on December 28.

Those tracking jihadists' usage of encrypted technology also say the problem is growing.

In recent months, there has been a visible shift by IS militants toward using some of these secure platforms, particularly Telegram, to spread propaganda messages over the web.

A source in the anti-IS Anonymous subgroup GhostSec said that in the past five days alone there has been a surge in the creation of new jihadist chat rooms in Telegram and the hacktivist group is now tracking nearly 300 chat rooms in various languages.

"I feel that their Telegram usage is being overlooked and is a lot more powerful than anyone realizes," the source told RFE/RL.

'Long Tradition'

According to Alex Krasodomski from the Center for the Analysis of Social Media at the London-based think tank Demos, the use of encryption technology by militant groups is not a new phenomenon but part of a "long tradition."

Al-Qaeda released its own encryption software in 2007. (Notably, Kybernetiq advises would-be militants not to use it because it is jihadist-affiliated.)

What is new is the increase in number and availability of apps that use encryption software, many of which -- like messaging apps Telegram and WhatsApp -- can be downloaded for free from the Internet.

So it's not surprising that "wannabe jihadis are early adopters" of such technology, says Krasodomski.

The boom in availability of encrypted communications platforms has raised fears that militants' use of these technologies could pose a serious threat by allowing them to evade monitoring by security services.

In the immediate wake of the November 13 Paris attacks, for which IS claimed responsibility and which killed 130 people, there was speculation that the attackers had used encrypted communications in order to plot and direct the attacks.

But does the increasing use of encrypted communications by jihadists really pose a threat?

Krasodomski points out that, despite the initial fears, signs show the IS networks involved in plotting the Paris attacks used unencrypted technologies -- old-fashioned text messaging -- to communicate.

So laying the blame for the attacks "at the door of cryptography is not the answer," Krasodomski says.

Nevertheless, "encryption is a fact and security services have to have the capability and tools under law to deal with it, that reflect this new reality," says Krasodomski. "But I don't think that [encryption] will paralyze the security services."

It's worth noting that even the authors of Kybernetiq magazine are not convinced that encryption software will make them invulnerable to the security services.

Jihadists should write really important messages down on paper, and these must be "quickly burned," they wrote.

This forum has been closed.
Comment Sorting
by: Neil Nelson from: UT, USA
January 09, 2016 22:02
I expect the common use of keyed locks makes searching for criminal behavior more difficult than otherwise but I doubt anyone would hold against keyed locks because of that argument.
Encryption as we speak of it in this post is a keyed lock on a message. The post notes that some messages can be associated with anti-social behavior and that to maintain the coordination of anti-social behavior in a group against surveilling forces, encrypted messages are used.

The surveilling forces would of course prefer unencrypted messages but encryption is a basic and common communication tool that would be difficult to legislate against and so the surveilling forces will have some portion of encrypted messages to deal with. That proportion is likely much greater since revelation of the NSA excesses, which argues that proper surveillance will likely over time reduce the encrypted proportion. That a particular message is encrypted is easily determined and so this observation can be added to a person's profile from which decisions of additional surveillance can be made. For example, given this person's profile, what are the risk factors associated with that person's usage of encryption and according to the related communications meta-data. Meta-data commonly records connection time, bandwidth usage, IPs and ports connected, etc.

There is no capability or tool that can defeat good encryption in the sense of revealing the unencrypted text without having the algorithm and key. Standard algorithms such as RSA 4086 bit (public-private key pair to transfer the stream encoder) and AES 256 bit (stream encoding) are very safe and because of their recognized effectiveness should be preferred. RSA is the weaker of the two and there are a variety of better alternatives including larger RSA keys and elliptic curve methods. Onion routing, used on Tox and the dark net is also another surveillance barrier. The useful tools will be those that can gather context/meta information and correlate that to risk factors.
In Response

by: peter from: ottawa
January 10, 2016 15:29
In other words. Suckers Beware.
In Response

by: Earthling from: Earth
January 11, 2016 18:03
"the common use of keyed locks makes searching for criminal behavior more difficult than otherwise"

A very poor analogy. Every competent locksmith knows how to pick 99% of household locks. Police simply need to bring a locksmith along. Not to mention that police can simply break the door down. Locks are very effective at keeping common criminals out. In contrast, encryption can lead to 100% secure communications for jihadists, Russian cyber-thieves stealing cash, Chinese cyber-thieves stealing trade secrets, child porn purveyors, and those who share songs and movies.

"encryption is a basic and common communication tool that would be difficult to legislate against"

On the contrary, laws could be passed that made the use or creation of encryption illegal, unless the keys were shared with the appropriate authorities. Someone who was suspected of child porn could be jailed for refusing to unencrypt his cache. Companies such as Apple could be put out of business unless they made an arrangement with law enforcement. The problem is that Apple and the other encryption vendors refuse to work with law enforcement because they vehemently believe in Internet Darwinism. If the high-tech community actually worked with law enforcement, it could create a scheme with no back-doors for miscreants to abuse. And we could have an open discussion regarding how to prevent abuse of the system by government officials.
In Response

by: Neil Nelson from: UT, USA
January 11, 2016 21:01
Earthling, You make some very good points. Perhaps we could start with an open discussion about preventing the abuse of surveillance by government officials. One clear example of how open the discussion would be is that Snowden is hiding in Russia facing criminal charges for bringing the massive violations of the 4th amendment by the NSA to light.

But the key problem with legislating encryption is that any junior programmer with Internet access can obtain the necessary algorithms to create their own strong encryption apps. And they are right here:

Go to Google and put in 'aes algorithm in C'.
and so on.

Go to Google and put in 'rsa algorithm in c'.
and so on.

You can also get an integrated encryption package that includes the C code in the SSL software common on Linux.

There are plenty of people and nations on the planet that are not going care about any particular government's legislation against encryption, will have good encryption, and it will be available on the Internet world-wide.

There is a Surveillance Law class at Stanford and I recollect that warrants or similar can be applied to people to decrypt their data. The key point being that an official warrant must be provided and not where the NSA just does what it feels like and threatens ISPs to go along and be quiet.
In Response

by: Earthling from: Earth
January 12, 2016 15:39
I agree that a public discussion must be held on the proper use of the FISA Court, but there's no point in doing it first while unbreakable encryption exists. Unlike you, I believe that Edward Snowden is no different than Robert Hanssen. Snowden should have released some documents to the press and hung around to face the music. Instead he gave Chinese and Russian intelligence direct access to the files he was carrying because he is not as clever as he thinks. We are in agreement that the NSA should not be going on fishing expeditions. but I also think that certain types of profiling, e.g. for Islamist or child porn activities, should be allowed.

While it is true that "any junior programmer with Internet access can obtain the necessary algorithms to create their own strong encryption apps," it is also true that any person can buy a hunting knife in their local sporting goods store and then go out and stab a large number of people. It does not happen, except with Islamists and mentally ill people, for two reasons: public morals and the fear of being put into prison. It is very easy for someone to use encryption, to be sure, but the FBI could quickly determine that it is occurring -- an automated ISP sniffer could determine that the packets are not readable -- and arrest him.

By the way, your references to Google made me chuckle. You are very worried about the NSA, but not at all worried about a company which rakes in billions of dollars via the hoovering of user data, including data from student accounts. The educational system is an accomplice to this crime by mandating that students use Google student accounts for all work, with Google knowing full well that students will use those accounts for much more than school work. You are not Google's user, you are the product it is selling. Here's something for you to search on, though I suggest you use Duckduckgo: "google privacy student accounts."

About This Blog

"Under The Black Flag" provides news, opinion, and analysis about the impact of the Islamic State (IS) extremist group in Syria, Iraq, and beyond. It focuses not only on the fight against terrorist groups in the Middle East, but also on the implications for the region and the world. The blog's primary author, James Miller, closely covered the first three years of the Arab Spring, with a focus on Syria, and is now the managing editor of The Interpreter, where he covers Russia's foreign and domestic policy and the Kremlin's wars in Syria and Ukraine. Follow him on Twitter: @Millermena

Daily E-Mail Reports

Subscribe to receive daily e-mail updates from Under The Black Flag in your inbox.