Late last month, Edward Snowden opened a Twitter account, @Snowden, in which he tweets about surveillance, encryption and related subjects. And it’s quickly gotten the attention of jihadists and their supporters, with whom Snowden is engaging in conversations.
Surveillance and encryption are two areas of special interest “to which jihadis and their supporters pay close attention,” said Steven Stalinsky, executive director of the Middle East Media Research Institute (MEMRI), which monitors jihadi social media, noting that, “Snowden’s impact on the tactics and methods of terrorist groups is notable. Al Qaeda … changed their method of communications following Snowden’s disclosures” about the National Security Agency’s (NSA) top secret global communications collection programs and capabilities.
Indeed. Snowden’s disclosures changed the game for how Al Qaeda and other jihadi organizations use encryption to communicate.
MEMRI issued a report in April 2014, Al Qaeda’s Embrace Of Encryption Technology – Part II: 2011-2014, and The Impact of Edward Snowden, which stated that although Al Qaeda had began using encryption technology for its online activities in 2007, the Snowden disclosures prompted further efforts by Al Qaeda and other designated jihadist organizations to secure their communications.
MEMRI’s report contains numerous examples, from interviews with Al Qaeda leadership to chatter in online forums, referencing the impact of Snowden on Al Qaeda’s communications tactics. In one example, on August 30, 2013 Mula’ib Al Assinnah, a senior member of the leading jihadi forum Shumoukh Al Islam, warned online jihadists not to use Google’s Gmail because Google is part of NSA.
“Snowden has done incalculable damage to the NSA and, in the process, to American national security. Officials in position to know said good people have already lost their lives thanks to Snowden,” wrote Professor Robert F. Turner — who holds both professional and academic doctorates from the University of Virginia School of Law, where in 1981 he co-founded the Center for National Security Law, and served for three years as Counsel to the President’s Intelligence Oversight Board at the White House – in the August/September, 2014 issue of Homeland Security Today.
“Countless more are likely to lose theirs now that our enemies know our most closely guarded sources and methods of communications intelligence collection,” Turner bluntly stated, emphasizing that, “If I had to choose between the harm Snowden has done or having our enemies sink a Nimitz-class aircraft carrier with its complement of nearly 6,000 men and women, I wouldn’t hesitate to sacrifice the carrier. That’s how destructive Snowden’s disclosures about the NSA’s capabilities to protect our nation have been. In a strategic sense, the loss of one aircraft carrier will do far less harm to our security than blinding our intelligence services."
Turner said, “Snowden is a pathetic, narcissistic high-school dropout who likely had no idea of the significance of much of the information he stole and knowingly disclosed to America’s enemies, as only a small part of it even arguably has anything to do with the civil liberties of Americans he claimed he was so concerned about protecting.”
“Indeed, according to congressional leaders and other officials familiar with a classified government review of the damage Snowden did, not only did he very helpfully tip off foreign intelligence services and terrorist organizations like Al Qaeda and the Islamic State to some of the most important techniques our government uses to counter the threat they pose to our security, but he also nearly fatally wounded efforts to stop proliferators of weapons of mass destruction, drug cartels … and, yes, even sophisticated pedophile networks,” Turner said, concluding that, “When all of the smoke clears, it may very well be proven that Snowden is the most injurious traitor in American history.”
According to MEMRI’s investigation of Snowden’s illegal disclosures of benefit to jihadists and his latest foray to provide advice to jihadists via social media, the first issue of the English-language magazine Inspire – published by Al Qaeda in the Arabian Peninsula — followed the Snowden debacle and, not only included a focus on Internet security, but, most significantly, noted on the first page in all-capital letters, “DUE TO TECHNICAL AND SECURITY REASONS, WE HAVE SUSPENDED OUR EMAIL ADDRESSES TEMPORARILY.”
“Since, as mentioned, Inspire has always provided email addresses and encryption information for readers wishing to contact it, and, as a major part of its outreach efforts, urged readers to write in, its decision to suspend its email is meaningful,” MEMRI stated.
Al Qaeda and its subsidiaries aren’t stupid. They quickly realized they are operating in a post-Snowden environment. Stalinsky indicated that after the massive leak by Snowden of classified NSA global communications interception capabilities, terrorists on the main online jihadi forums monitored by MEMRI often talked about being “watched” – and,using Snowden’s disclosures of NSA communications capabilities, began altering the way they communicate in an effort to avoid NSA’s communications siphoning.
“Prior to the leaks, Inspire encouraged interested parties to contact the magazine’s editors via encrypted software, and via email. The 12th issue of the magazine stated that due to technical and security reasons, the normal methods of outreach were temporarily suspended. Additionally, Snowden was lauded for his acts in the same issue,” Stalinsky said, adding, Snowden “was also praised in the third issue of the Taliban’s English-language magazine Azan, which was released in August 2013.
As MEMRI research has highlighted, Al Qaeda’s emphasis on encryption technology markedly increased following Snowden’s revelations of the government’s electronic communications intercepts. In addition, jihadis have expressed hesitancy to use certain platforms and to communicate as openly as they had previously. This was especially true in the first six months following Snowden’s disclosures.
Today, jihadi organizations are carefully taking into consideration what Snowden says on his new Twitter account.
As of this writing, Snowden’s account contains 141 tweets and has 1.53 million followers.
According to MEMRI, “Many loyal to either Al Qaeda’s Syrian branch Jabhat Al Nusra or to ISIS follow Snowden’s account. Some retweet his tips or engage him directly by asking questions.”
“On October 13,” for instance, MEMRI reported that “an ISIS supporter named Ali Al Amrikini asked Snowden: ‘Good afternoon boss! Did you really say that ISIS works with USA? I hope you can clear it. Thank you …’ Ali Al Amrikini’s Twitter avatar is of British rapper turned ISIS fighter Abdel Majed Abdel Bary. The user’s background banner is a picture of Anjem Choudary, a radical London-based British preacher who openly promotes the Islamic State.”
Continuing, MEMRI noted that a Jabhat Al Nusra “fighter named Abu Sufyan Al Libi retweeted [a] Snowden tweet from October 11 that included an illustrative graphic. The tweet reads: ‘For those asking how tracking phones and wireless devices (your laptop) from a plane works.’ Snowden shared a link to an article in this tweet.”
Snowden has also provided jihadis advice.
On October 11, he tweeted: "Tech designed to fight Al Qaeda gets used to track Black Lives Matter. War front to home front."
A link to an article in the Washington Post was included in this tweet.
“It should be pointed out that race is a theme that has been exploited by ISIS, and was most recently addressed in the latest issues of Inspire magazine and ISIS’s English-language magazine Dabiq,” MEMRI noted.
On October 12, Snowden tweeted: "Is mass surveillance also a problem in your country? Unlike a VPN, @Torproject is free."
That same day, Snowden responded to a question posed by prominent Black Lives Matter activist Deray McKesson, who asked what protestors could do to combat "state surveillance." Snowden replied: "Organize. Compartmentalize to limit compromise. Encrypt everything, from calls to texts (Use Signal as a first step).”
Signal is an encrypted messaging and voice app for mobile devices.
Feds warned about jihadi groups’ use of encryption
As the public and congressional debate over the NSA’s collection of data under the Patriot Act has raged, so, too, have officials’ concerns over terrorists’ increasing use of sophisticated encryption technology post-Snowden.
At a House Committee on Homeland Security hearing on the matter, chairman Michael McCaul (R-Texas) stated, “Jihadi recruiters … direct users to continue … conversation[s] on more secure apps, where secure communication hides their messages from our intelligence agencies. Such communications can include advice for traveling to terror safe havens, contact information for smugglers in Turkey, or the membership process for joining ISIS itself.”
Continuing, McCaul said, “I know the officials appearing before us today are disturbed by these trends. Mobile apps like Kik and WhatsApp—as well as data-destroying apps like Wickr and Surespot—are allowing extremists to communicate outside of the view of law enforcement. Equally as worrisome are ISIS attempts to use the ‘Dark’ or ‘Deep Web.’”
“These websites hide IP addresses and cannot be reached by search engines, giving terrorists another covert means by which they can recruit fighters, share intelligence, raise funds and potentially plot and direct attacks undetected,” McCaul stated.
This past May, MEMRI said in its report on communications encryption technology now widely used by jihadists, that, “a letter signed by technology industry leaders and advocacy organizations was sent to President Obama; the letter responding to statements by administration officials who, it said, had ‘suggested that American companies should refrain from providing any products that are secured by encryption unless those companies also weaken their security in order to maintain the capability to decrypt their customers’ data at the government’s request,’ and that ‘Congress should ban such products or mandate such capabilities.’”
MEMRI noted that, “The signatories – among them many of the social media companies used and relied on by ISIS, Al Qaeda, and other jihadi groups – urged Obama to reject any proposal that US companies deliberately weaken the security of their products; they included Google, Twitter, Facebook, Internet Archive, Microsoft, Apple, Dropbox, LinkedIn, Tumblr, Wikimedia Foundation and Yahoo, as well as the American Civil Liberties Union, the Council on American-Islamic Relations and the American-Arab Anti-Discrimination Committee.”
Ironically, the letter stated, “Strong encryption is the cornerstone of the modern information economy’s security. Encryption protects billions of people every day against countless threats—be they street criminals trying to steal our phones and laptops, computer criminals trying to defraud us, corporate spies trying to obtain our companies’ most valuable trade secrets, repressive governments trying to stifle dissent, or foreign intelligence agencies trying to
compromise our and our allies’ most sensitive national security secrets.”
The following day, FBI Director James Comey, addressing the third annual Georgetown Cybersecurity Law Institute symposium, called the letter "depressing," because it "contains no acknowledgement that there are societal costs to universal encryption." Comey said he deals every day where "cyber and counterterrorism merge,” and discussed the potential consequences to law enforcement of the default encryption of communications on mobile devices and computers.”
"The logic of universal encryption is inexorable that our authority under the Fourth Amendment … isgoing to become increasingly irrelevant," Comey stated.
Earlier in May, US Cyber Command head and NSA director Adm. Michael S. Rogers said in response to a question about jihadis’ use of encryption that, "A whole set of actors out there is increasingly using encryption as a vehicle to attempt to evade the legal and lawful framework we use both from an intelligence framework, as well as from the law enforcement side."
On June 19, though, White House Press Secretary Josh Earnest stated, “The administration firmly supports the development and robust adoption of strong encryption. The President himself has acknowledged that it can be a strong tool to secure commerce and trade, safeguard private information, and promote free expression and association. At the same time, we’re also understandably concerned about the use of encryption by terrorists and other criminals to conceal and enable crimes and malicious activity.”
“In 2007, MEMRI’s Jihad and Terrorism Threat Monitor Project began monitoring Al Qaeda’s use of encryption technology,” Stalinsky told Homeland Security Today. “At the time, this was limited to its own software, Mujahideen Secrets, which has been updated periodically over the past eight years. Osama bin Laden even realized the value of encryption technology for Al Qaeda and recommended its use, as was disclosed in the documents [taken from Bin Laden’s Abbottabad, Pakistan home when he was finally killed]. Mujahideen Secrets remained in widespread use among jihadis; from 2010-2013 it gained popularity among Western jihadis, as it was advertised in every issue of AQAP’s English-language Inspire magazine.”
“Since then, particularly with the emergence of ISIS, jihadis have both increased their use of encryption technology, moving from Mujahideen Secrets to other software and messaging options, and become more reliant upon it,” Stalinsky said, noting, “This phenomenon, combined with these groups’ expanding use of largely US-based social media such as Twitter, has evolved into a substantial national security threat.”
“With increased dependence on apps and software,” he said, “ISIS and its online legions of supporters on Twitter are now openly promoting the next generation of encryption and privacy apps – Kik, Surespot, Telegram, Wickr, Detekt, TOR, and new ones as they are created.”
Stalinsky also said, “Jihadis have enjoyed the debate taking place between the US government and technology companies, from Apple and Android to Twitter and Yahoo, who are in the process of creating new encryption technology that will not allow built-in backdoor access, and therefore they are hoping this will mean there is less chance their conversations will be listened to. As one pro-ISIS activist cited in the new report, ‘Jihadi John’ (@Islammujahideen) tweeted, ‘The NSA revelations are of extreme academic value, they are really useful and we do operate in accordance with their uncoverings.’”
“In previous reports, MEMRI highlighted how Al Qaeda as well as ISIS were relying heavily on jihadis’ own encryption software,” the MEMRI report stated. Since then, however … distribution of this software among jihadis has slowed, and reliance on new Western social media apps, particularly encrypted ones, has increased.”
“Since its beginnings, ISIS has embraced technology and has used encryption, incorporating these as part of its daily activity and actively recruiting individuals with skills in these areas,” the MEMRI report stated. “For example, in an interview published June 4, 2015, a former computer science student from Madagascar spoke about his conversion to Islam and his decision to join ISIS: ‘I was studying computer science in Antananarivo University and met some brothers from India who were Muslims … After reading the Koran and the Sirah i.e. biography of Prophet Mohammad, I came to this conclusion that the Islamic State have the true methodology and truth … I decided to join Islamic State Caliphate … Now I am asked by Ameer Abu Qubaisa Al Anbari to join the IT department because I have degree in BCS.’”