The latest cybersecurity report geared toward educating ISIS supporters included a report on U.S. Customs and Border Protection applying more scrutiny to the social media histories of travelers attempting to enter the United States.
The TechCrunch report last week said that people were increasingly being denied entry on the basis of social media messages received, not written, by the traveler. These messages, images and video sent by contacts or strangers over mediums such as Facebook, Twitter and WhatsApp have been downloaded to the receiver’s phone.
The story specifically highlighted the case of Ismail Ajjawi, 17, a Palestinian national who was denied entry to attend his freshman semester at Harvard. Ajjawi told The Harvard Crimson that an agent who searched his phone and computer “found people posting political points of view that oppose the U.S. on my friend[s] list.” After outcry from the university and lawyers, Ajjawi was allowed entrance Monday to start classes today.
The latest cybersecurity bulletin — their 55th issue –from the Electronic Horizon Foundation included the story along with reports on data breaches, Google and Windows vulnerabilities, and a new Middle East hacking group focused on the oil and gas sector. The inclusion of the CBP report is in line with the intense messaging from ISIS and supporting media groups regarding followers being careful — while prolific — with their social media operations.
The EHF launched in January 2016 as an IT help desk of sorts to walk ISIS supporters through how to encrypt their communications and otherwise avoid detection online while coordinating with and recruiting jihadists. In July, they led their cybersecurity bulletin with a story on a 10-year review of cybersecurity compliance flaws at the departments of Homeland Security, State, Transportation, Housing and Urban Development, Agriculture, Health and Human Services, and Education, as well as the Social Security Administration.
That EHF bulletin also featured stories on Facebook handing over data on hate-speech suspects to French courts, an Android spyware campaign in the Middle East that spread through Telegram and WhatsApp (both favored ISIS platforms), and vulnerabilities in iPhone apps and Microsoft Word.
In June, the EHF highlighted the vulnerability of some million devices to the “BlueKeep” Microsoft flaw dubbed “potentially wormable” by the National Security Agency.
“It is time to face the electronic surveillance, educate the mujahideen about the dangers of the Internet, and support them with the tools, directives and security explanations to protect their electronic security, so that they don’t commit security mistakes that can lead to their bombardment and killing,” the group said in its founding announcement.
The EHF has since released a series of print and video tutorials covering a range of mobile security and dark-web how-tos.
Last year, the group began distributing the weekly “Tech News Bulletin” including “the most important cyber security news.”