According to a paper published by the Combating Terrorism Center (CTC), ISIS and their jihadis have developed “help desks” of sorts in an effort to secure communications. As decentralized as they are, the jihadis are still organized enough to recognize that evading the enemy’s attempts to find their networks is the secret to success – and they are taking active steps to teach their converts to have good “digital hygiene”. From the CTC report:
Instead of calling help desk support, jihadists have formed online technical support communities. The authors examined a variety of open source data comprising more than 40 forum conversations over the past year in which terrorists and potential terrorists examine, discuss, and ask for assistance in establishing robust digital operational security. We have leveraged forums including al-Minbar al-I`lami al-Jihadi, an open network that does not require registration unless posting content or engaging in personal communications via the platform; Shmukh al-Islam, a password-protected network with limited user access; and Al-Fida’, a network similar to Shmukh al-Islam. Each of these networks also suffers from its own issues including hacking, but each contains content related to digital operations security.
Very crafty. ISIS and their jihadis are trying to evade the intelligence people feasting on their digital breadcrumbs by picking those breadcrumbs up. The skilled communicators are openly teaching the not-so-skilled. Masters, apprentices and all that. It’s a group effort.
What makes the CTC report interesting is that, contrary to popular belief about ISIS and its communications, the jihadis are not relying on Skype, Twitter, Facebook and other social media platforms for their official business but strictly for propaganda, and even then they are actively finding ways to post without leaving a digital trail. They are using open source material to talk amongst themselves, just with a much smaller audience. And, as usual, they seek to use tools developed by the United States against us.
More experienced users providing advice in our sample pointed to other tools, among them were some that are often used to safeguard human and democracy rights activists around the world. Many of these programs or tools were developed with the expressed intent of safeguarding individuals working under the threat of states to provide added security for their operations. These same tools, often funded in part by the U.S. Government, NGOs, corporations, and others, are now expressly being used for illicit purposes. Programs such as Tor (an anonymous routing network, also referred to as the Onion Network), Tails, DuckDuckGo, StartPage, PhotoMe Beta, ExifTool, MetaNull, Jitsi, JustPasteIt, Silent Circle, and several others from the Guardian Project are being openly discussed on jihadi forums. They are often accompanied by well-written Arabic documents explaining their implementation and use. There are also numerous discussions on how to bypass security mechanisms such as registered emails and phone numbers so that individuals can take advantage of more popular platforms such as Twitter and Facebook for propaganda purposes.
Back doors left in place by well-meaning programmers are also weak points, as determined jihadis will sit and test passwords until they find the one that allows them to exploit a secure system.
Far from just using social media to spread its message and recruit fighters, ISIS is using the power of the internet to create a tighter net around its communications in order to securely plot, possibly even to create cyber weapons. They are quite aware of the security limitations of regular social media platforms and are seeking to use more developed open source tools to converse, knowing that this is harder to detect, all while covering up their digital footprint.
…despite multiple other avenues of information, questions of security regarding popular platforms such as Skype, Google, Gmail, WhatsApp, Tor Mail, are being posed in jihadi forums. Individuals with higher levels of technical acumen regularly warn those inquiring about commonly used products, indicating both their fundamental lack of security and the prevalence of surveillance by nation states on these platforms. These low-level questions are quickly and effectively answered. This illustrates a fundamental change in Tactics, Techniques, and Procedures (TTPs) associated with online behavior.
JV squad? Yeah, right.