Security

Al Qaeda gets serious about mobile and encryption — reportedly thanks to Snowden

Don't touch my key!

Above: Don't touch my key!

Image Credit: 2jenn/Shutterstock

Edward Snowden’s leaks of some of the National Security Agency’s darkest secrets have benefitted the group responsible for blowing up New York’s World Trade Center: Al Qaeda.

That’s according to a new report on Al Qeada’s embrasure of mobile by the intelligence organization Recorded Future. Its latest report discloses a slew of new mobile apps and encryption tools that the terror group released to communicate with its disparate cells in Africa and the Middle East and to broadcast hate-filled messages against the West.

Al Qeada has long used encryption on mobile, IM, and Macbooks, but security researchers have noticed changes since Snowden broke open the NSA’s treasure chest of intelligence operations. The terror group — and the violent ISIS, which now controls vast areas of Iraq — have used that data to innovate, using advanced encryption tools across most of their platforms as a matter of norm, Recorded Future’s report said.

The report is comprehensive, and it shows how one of Al Qaeda’s media and propaganda arms, Al-Fajr, released a new Android-based encryption app in June, news of which it released on its website. That app uses the AES “4096 bit key” encryption, similar to what some U.S. intelligence agencies use to protect data transfers.

The report noted that another Al Qaeda media arm, GIMF, released new encryption software called “Tashfeer al-Jawwalm,” three months after Snowden’s bombshell’s began landing in the Guardian, the Washington Post and Germany’s De Spiegel. According to Recorded Future, the new software encryption:

“The program uses the cryptographic algorithm Twofish with cipher block chaining which has the same strength as the algorithm for the Advanced Encryption Standard (AES). It uses elliptic curve encryption in exchanging keys with the keys encoded to 192-bit length. It was necessary to use elliptic curve encryption instead of the base encryption RSA because it is very long, and it’s not possible to store it in SMS nor use it with the Bouncy Castle libraries which use algorithms and methods of encryption with tested capabilities proven to be effective. This library does permit developers to change the random algorithms to protect against any misuse or abuse.”

What this means is that its become more difficult for Western intelligence agencies not only to intercept but also crack the terror group’s cyphers. Based on its research, Recorded Future noted that Al Qaeda’s communication networks have pivoted to adapt to the practices utilized in Signals Intelligence collection by using readily available encryption software and not developing their own in-house technology.

A former NSA official told VentueBeat that just as Al Qeada is watching, listening and adapting, so are the agency’s tasked with vacuuming their communication channels — it’s still a cat-and-mouse game.

More information:

Powered by VBProfiles