The latest cybersecurity report circulated online by ISIS supporters, meant to educate followers on vulnerabilities, threats and opportunities to keep on their radar, included a piece on the Justice Department taking down a dark-web site without breaking encryption and a piece on U.S. lawmakers’ concerns over a video-sharing app that was hosting terror propaganda.
The 63rd edition of the weekly Tech News Bulletin from the Electronic Horizons Foundation references a security-news blog linking to an Oct. 16 Wired story on the takedown of child-porn site Welcome To Video. A South Korean national who ran the site and 337 site users in America and other nations were charged.
“Through the sophisticated tracing of bitcoin transactions, IRS-CI special agents were able to determine the location of the Darknet server, identify the administrator of the website and ultimately track down the website server’s physical location in South Korea,” said IRS-CI Chief Don Fort at the time.
The criminal complaint said that law enforcement was able to trace payments of bitcoin, and thus site users, by following the flow of funds on the blockchain. The Wired article quoted an attorney from the nonprofit Electronic Frontier Foundation calling the bust “an example of a high-level investigation with major impact that was not hindered by encrypted communications.”
ISIS has encouraged the use of cryptocurrency for direct fundraising, transfers and illegal side operations that generate income for the group; it has also invested in educating followers about operating online under the protection of encryption.
The EHF bulletin also included an Oct. 25 story on a letter sent by Senate Minority Leader Chuck Schumer (D-N.Y.) and Sen. Tom Cotton (R-Ark.) to Acting Director of National Intelligence Joseph Maguire expressing concern about Chinese-owned social media app TikTok’s potential threat to national security.
A few days earlier, TikTok took down about two dozen accounts that were sharing ISIS recruitment videos.
The senators’ letter did not touch on terrorist activity, focusing instead on control from an authoritarian foe. “Security experts have voiced concerns that China’s vague patchwork of intelligence, national security, and cybersecurity laws compel Chinese companies to support and cooperate with intelligence work controlled by the Chinese Communist Party. Without an independent judiciary to review requests made by the Chinese government for data or other actions, there is no legal mechanism for Chinese companies to appeal if they disagree with a request,” Schumer and Cotton wrote. “…With over 110 million downloads in the U.S. alone, TikTok is a potential counterintelligence threat we cannot ignore. Given these concerns, we ask that the Intelligence Community conduct an assessment of the national security risks posed by TikTok and other China-based content platforms operating in the U.S. and brief Congress on these findings.”
Last month, the ISIS cybersecurity bulletin alerted followers to a report on federal officials seeking information from tech giants about users of a gun scope app. The Department of Justice filed an application for a court order seeking the names, phone numbers and other identifying data of at least 10,000 users of Obsidian 4, an app available from Apple and Google to work with American Technologies Network Corp. rifle scopes.
The EHF launched in January 2016 as an IT help desk of sorts to walk ISIS supporters through how to encrypt their communications and otherwise avoid detection online while coordinating with and recruiting jihadists. Recently, they included a report on U.S. Customs and Border Protection applying more scrutiny to the social media histories of travelers attempting to enter the United States.
In July, they led their cybersecurity bulletin with a story on a 10-year review of cybersecurity compliance flaws at the departments of Homeland Security, State, Transportation, Housing and Urban Development, Agriculture, Health and Human Services, and Education, as well as the Social Security Administration. That EHF bulletin also featured stories on Facebook handing over data on hate-speech suspects to French courts, an Android spyware campaign in the Middle East that spread through Telegram and WhatsApp (both favored ISIS platforms), and vulnerabilities in iPhone apps and Microsoft Word.
In June, the EHF highlighted the vulnerability of some million devices to the “BlueKeep” Microsoft flaw dubbed “potentially wormable” by the National Security Agency.
The EHF has also released a series of print and video tutorials covering a range of mobile security and dark-web how-tos for fellow ISIS supporters.