ISIS is increasingly turning to encryption-based technology as it continues to elude Western counterterrorism agencies desperate to breakdown the terror group’s digital footprint.
Despite jihadi groups’ widespread and persistent online presence on social media platforms, a complex ‘toolbox’ of encryption instruments are being used by ISIS and other terror organizations to obscure their online communications with one another in the Islamic State’s Caliphate and in the West, according to a report by tech security analysts Flashpoint Intel.
The report notes a list of 36 different online tools, identified as “only a small sampling of the technologies required to overcome security challenges,” that are being employed by jihadis to stay under the radar and operate secretly beneath the surface on social media platforms like Twitter and Facebook.
The list includes mobile security applications, virtual private networks (VPNs), programs used to generate fake phone numbers and temporary secure e-mail addresses that are then used to help generate hundreds of Twitter accounts, encrypted messenger applications like Telegram and WhatApp, and secure browsers like Tor, in particular.
Tor is an encrypted web browser that allows the user to browse the web anonymously using onion routing, which encrypts and relays communications through networks around the globe, and VPN’s allow for encrypted connections on private networks across the internet and are commonly employed in countries with repressive regimes who crack down on uncensored internet.
Earlier this year, the Pentagon declared the start of an unprecedented cyber war against ISIS jihadis, aimed at “disrupting their command-and-control communications,” President Obama said in April 2016.
Encrypted messengers such as Telegram Messenger, popularly used by jihadis for recruitment and distribution of propaganda, are just the tip of the iceberg when it comes to jihadis’ use of Western-made encryption technology.
Among the encrypted email services is Tutanota, an open source program compatible with Android and iOS and “especially recommended for use when registering VPN accounts.”
Many of the programs are legitimate encryption applications used on a day-to-day by companies seeking solutions to things like digital information shredding and privacy lockers but prove extremely useful to jihadis whose “unrelenting drive to adapt and conceal their online operations presents unique challenges to monitoring them,” according to the report.
There’s a word of caution for jihadis using WhatsApp Messenger despite the introduction of end-to-end encryption earlier this year, which remains vulnerable to hacking, according to an informed jihadi tech, who additionally warns that it is “one of the social messaging apps purchased by the Israeli Facebook program!”
“Online jihadists, especially in the wake of ISIS’ rise, have demonstrated a trend of growth, adaptation, and relentless motivation to escape the already-aggressive scrutiny imposed on them. In other words, they’re always under the microscope, and thus they constantly search for ways to protect their identity and cover their digital footprints,” Flashpoint co-founder Laith Alkhouri said in an interview with EWeek.