How Islamic State militants attempt to outwit spies
A group claiming Islamic State ties is distributing manuals on a secure messaging app to help the militant group use common encryption tools to thwart government surveillance.
Islamic State supporters have published a series of manuals to help the militants and their followers use smartphone encryption and other technologies to hide from government spy agencies.
Though the militant group has previously released guides for using encrypted mobile apps, the new documents suggest that the terrorist organization is becoming increasingly sophisticated when it comes to the use of digital security.
The Horizon Electronic Foundation, a group claiming Islamic State links, began distributing five Arabic-language manuals via encrypted channels on the messaging service Telegram last month. Security analysts say the releases come as the group grows increasingly worried about the threat of surveillance from Western intelligence agencies.
"They’ve been pushing ideas that the US government is conducting surveillance on pretty much everybody," said Matt Ortiz, head of cybersecurity at SITE Intelligence Group, a firm that tracks the activities of terrorist groups. The documents send a message that militants "have to watch out" for government monitoring, Mr. Ortiz said.
The Horizon group, which first appeared in February to provide technical support to IS, calls on militants to secure their smartphone communications by installing virtual private networks, which increase security while using the Web, and a handful of security and privacy apps available on Google Play and Apple’s App Store.
Horizon also emphasizes anonymizing services such as the Tor Browser, and the e-mail encryption services ProtonMail and Tutanota.
"I warn brothers and sisters against using their personal numbers when activating any service on the Internet regardless of how secure it might be," the manual states. Horizon also lists contact information for militants who need help setting up the applications.
What’s more, the manuals – which appear to be written in fragmented Arabic – advise militants to move away from products and encrypted apps with roots in Silicon Valley and to disavow Google Chrome and Yahoo. In one document, Horizon provides a link to an encrypted e-mail server and writes, "goodbye Google and Yahoo, Hello to encrypted e-mails."
Though the documents do not specify a reason for recommending the security protocols, the release comes as Islamic State supporters appear to be increasingly wary about US digital spying efforts. Last week, Horizon released a video on its Telegram accounts that recounted the Edward Snowden leaks and warned the group’s backers to follow its technical advice – or risk being targeted and tracked.
Islamic State operatives have previously demonstrated their familiarity with tools designed to cloak online communications. For instance, The New York Times reported in March that Islamic State recruits in France had used the digital encryption program TrueCrypt to keep their communications secret. Additionally, the militant group has released a technology guide that ranked the security of more than 30 chat apps – including WhatsApp, Telegram, and Signal.
But intelligence analysts who track the group online say the availability of these manuals may still have an important impact on the way that Islamic State communicates – making the militants tougher to pin down.
"More than any other terrorist group, the Islamic State is educating its supporters about the best tools and tradecraft to use to coordinate activities – online and off," said Michael Smith II, chief operating officer at Kronos Advisory, a defense consulting firm.
The US government has acknowledged that militants are getting better at covering their tracks online. In 2014, National Security Agency Director Adm. Michael Rogers noted that terrorist groups were doing more to avoid surveillance after Mr. Snowden's disclosures.
As Islamic State and its supporters become more expert at hiding behind technology, said Mr. Smith, "that will be increasingly difficult for authorities to thwart."