As the physical caliphate has withered under the Syrian Democratic Forces’ ground offensive, ISIS supporters online are trying to ensure that fellow adherents are up on the latest cybersecurity news to operate and expand a virtual caliphate.
The Electronic Horizon Foundation launched in January 2016 as an IT help desk of sorts to walk ISIS supporters through how to encrypt their communications and otherwise avoid detection online while coordinating with and recruiting jihadists.
“It is time to face the electronic surveillance, educate the mujahideen about the dangers of the Internet, and support them with the tools, directives and security explanations to protect their electronic security, so that they don’t commit security mistakes that can lead to their bombardment and killing,” the group said in its founding announcement.
The EHF has since released a series of print and video tutorials covering a range of mobile security and dark web how-tos.
Last year, the group began distributing a weekly “Tech News Bulletin” including “the most important cyber security news.”
The EHF just issued bulletin No. 33. Which stories piqued ISIS supporters’ interest? A piece on hackers taking down Mozilla Firefox and Microsoft Edge at the Pwn2Own contest. A piece on Telegram — a popular site among ISIS supporters — now allowing private chats to be deleted from all connected devices. A story on hackers compromising thousands of computers through dropping a backdoor in an Asus software update. A piece on widespread, long-term Russian “spoofing” of the global navigation satellite system. An article on a series of iOS flaws including bugs in Webkit and another vulnerability allowing apps to covertly function as listening devices. A piece on Gustuff, an Android banking and cryptocurrency trojan that’s growing in power.
Terror groups are acutely aware of how technology has aided their borderless growth, and equally aware of how important tech training is to their followers to keep them under the radar. Al-Qaeda accounts still seem to fly under that radar with greater ease; ISIS has been staking out new cyber territory in an effort to evade the censors.
ISIS still loves Telegram, but faced with suspensions they’ve been trying out Viber along with forging down other avenues including WhatsApp. An Indian youth told police in July that he had received WhatsApp messages from numbers in Memphis, Tenn., and Starkville, Miss., trying to threaten him into gathering information for ISIS. Terror suspects have been found to be participating in private ISIS WhatsApp chats. What’s key to terror groups is that they can utilize diversified social media to recruit new members, keep open lines of communication among adherents, spread propaganda and remind others of their obligation to do the same in a “media jihad” campaign.
Jihadist leaders take cybersecurity seriously, not just trying to infiltrate disbelievers’ domains and fundraise with Bitcoin but ensuring that followers follow basic password hygiene (stop using “123456,” says al-Qaeda) and encryption protocols. In a January video, al-Qaeda in the Arabian Peninsula emir Qasim al-Raymi railed against cell phones as “a form of a spy agent – an agent that is always with us.”
“When you see what is going on in the web forums you will be surprised,” al-Raymi said. “The transgression against the work of the mujahidin that goes on is unbelievable. They expose mujahidin’s vision and plans, and then go on to open an open debate in a chat room.”