The latest cybersecurity report circulated online to educate ISIS supporters on the latest vulnerabilities, threats and opportunities of interest included a report on federal officials seeking information from tech giants about users of a gun scope app.
According to the Forbes exclusive early this month, the Department of Justice filed an application for a court order seeking the names, phone numbers and other identifying data of at least 10,000 users of Obsidian 4, an app available from Apple and Google to work with American Technologies Network Corp. rifle scopes.
“This is the Future of Optics!” says the app pitch on Google Play, where it’s been installed by users more than 10,000 times. “The Obsidian 4 application is here to enhance your experience when using the ATN X-Sight 4K and/or the ThOR 4 product lines. This application connects your smart phone, or tablet, to your ATN device via Wifi. This connection allows you to watch a live video stream of your hunt on your smart phone or tablet. The Obsidian 4 app lets you to adjust/change the various settings on your ATN Smart scope, and review the images and videos stored on your scopes microSD card.”
The data on app users is being sought as part of an Immigration and Customs Enforcement weapons export investigation, Forbes added, and the government is hoping to use app data to track the scopes. ATN, which is not under investigation, said it would “not provide any information regarding the identity of our customers to any third party unless specifically required by law.”
The 58th edition of the weekly Tech News Bulletin from the Electronic Horizons Foundation references the ZDNet version of the story published on Sept. 16., which notes that “if the order is signed off by the court, the names of those who have downloaded the app since August 1, 2017, will be demanded, alongside their telephone numbers, IP addresses, and activity logs.”
The EHF launched in January 2016 as an IT help desk of sorts to walk ISIS supporters through how to encrypt their communications and otherwise avoid detection online while coordinating with and recruiting jihadists. Recently, they included a report on U.S. Customs and Border Protection applying more scrutiny to the social media histories of travelers attempting to enter the United States.
In July, they led their cybersecurity bulletin with a story on a 10-year review of cybersecurity compliance flaws at the departments of Homeland Security, State, Transportation, Housing and Urban Development, Agriculture, Health and Human Services, and Education, as well as the Social Security Administration. That EHF bulletin also featured stories on Facebook handing over data on hate-speech suspects to French courts, an Android spyware campaign in the Middle East that spread through Telegram and WhatsApp (both favored ISIS platforms), and vulnerabilities in iPhone apps and Microsoft Word.
In June, the EHF highlighted the vulnerability of some million devices to the “BlueKeep” Microsoft flaw dubbed “potentially wormable” by the National Security Agency.
The EHF has also released a series of print and video tutorials covering a range of mobile security and dark-web how-tos for fellow ISIS supporters.