ISIS: STATE OF TERROR
LINKSBlogs of War
Making Sense of Jihad
Views from the Occident
American Al Qaeda Members
News, analysis and primary source documents on terrorism, extremism and national security.
Saturday, February 2, 2008
Jihadists Add Strong Encryption To Terrorist Toolbox
Al Qaeda-linked militants have rolled out improved security software that provides above-military-grade encryption for terrorists communicating online.
A copy of the software, Mujahideen Secrets 2, was obtained by INTELWIRE and forwarded to Paul A. Henry, Vice President for Technology Evangelism at Secure Computing (www.securecomputing.com), for analysis.
According to Henry, the software is a significant upgrade to an earlier version program used by jihadists. The new software can be used to encrypt chat sessions, as well as e-mail, Web forum postings and electronic communications.
The software can easily be loaded on a USB stick, according to Henry, allowing militants to encrypt communications from otherwise insecure locations such as Internet cafes.
The software is extremely easy to use, Henry said. This is a significant factor, since the computer skills (and general intelligence) of al Qaeda operatives run the gamut from highly advanced to embarrassingly inadequate.
On the higher end of that spectrum, Al Qaeda has traditionally employed fairly sophisticated computer techniques, but until recently, its implementation has generally lagged industry standards.
During the early and mid-1990s, terrorists were early adopters of laptop computers, PDAs, online publishing and digital file archiving. But while their computer habits were savvy, they were usually less than professional-level.
For instance, a laptop computer recovered from Ramzi Yousef in 1995 contained deleted files that were able to be recovered by forensic analysis. Yousef was sophisticated enough to use passwords, but not strong encryption. He removed old and sensitive files, but he didn't know to run a file shredder.
With the new software, Yousef's hard drive would have been a much tougher nut to crack. In addition to its 2,048-bit encryption, Mujahideen Secrets 2 includes a shredder and file and folder encryption.
The move to stronger encryption may have been prompted by security breaches on jihadist Web sites back in September, when the U.S. government and counterterrorism analysts obtained copies of an Osama bin Laden video release before it was widely introduced on the Web. At the time, several key jihadist sites temporarily suspended operations to address the breach.
However, it's unlikely the bulk of those security issues will be solved by strong encryption. While the debut of the software represents a significant and dangerous new development for counterterrorism officials, encryption and straight-up network security do not appear to have been the key factors in earlier breaches. The best encryption in the world won't help if you give away your passwords and encryption keys.
Mujahideen Secrets 2 appears to have been assembled and compiled from both open-source and copyrighted material, according to Henry. The software may be detectable when operating over networks or on targeted machines. This could be useful for counterterrorism professionals tracking terrorist and militant Web usage.
Views expressed on INTELWIRE are those of the author alone.
Tweets referencing this post:
ISIS: THE STATE
Jessica Stern and J.M. Berger co-author the forthcoming book, "ISIS: The State of Terror," from Ecco, an imprint of HarperCollins. The book, which will debut in early 2015, will examine the rise of the Islamic State in Iraq and Syria, its potential fall, how it is transforming the nature of extremist movements, and how we should evaluate the threat it presents. Jessica Stern is a Harvard lecturer on terrorism and the author of the seminal text Terror in the Name of God: Why Religious Militants Kill. J.M. Berger is author of the definitive book on American jihadists, Jihad Joe: Americans Who Go to War in the Name of Islam, a frequent contributor to Foreign Policy, and editor of Intelwire.com.