- Apr 5, 2014
- 6,001
A new report from Trend Micro has lifted the lid on the homegrown and commercial tools used by terrorists to communicate and spread propaganda – with many of them also used by cyber-criminals.
With the emphasis on anonymity, many terrorist groups have adopted similar tactics to cyber-criminals, such as using DDoS mitigation tool Cloudflare to keep the IP address of propaganda sites hidden, the report claimed.
Trend Micro said it had also spotted terrorists sharing ‘anonymizing guides’ originally used by journalists and activists, detailing how to stay hidden online.
Communications methods include secure e-mail such as SIGAINT, Ruggedinbox, and Mail2Tor; underground forums, usually TOR-based or similar; and social media.
When it comes to IM, of the 2300 accounts studied by Trend Micro, one third (34%) used Telegram, followed by Signal (15%), WhatsApp (15%) and Wikr (14%).
Unsurprisingly, the file sharing and hosting services used by terrorists were mainly based in regions such as the Middle East – away from the reach of the NSA.
Trend Micro also reeled off a list of the six most popular homebrewed apps used by terrorists, including PGP alternative, Mojahedeen Secrets, mobile encryption app Tashfeer al-Jawwal and news distribution app Alemarah.
Confirmation of these tools would seem to support the argument of many pro-strong encryption supporters that the US and UK government’s stance versus Apple, WhatsApp and others is misguided. Terrorists and criminals have plenty of other platforms they can migrate to if, for example, the FBI or NSA was able to undermine encryption on the iPhone, they argue.
The report also claims many underground terrorist forums warn against the use of smartphones altogether – especially iOS and Android.
It’s also notable from the report that despite the popularity of secure email tools, the number one platform is still Gmail (34%).
“There are a lot of overlaps regarding the online presence of terrorist organizations and cyber-criminals. They both communicate through the same channels and use the same technologies, making the task of tracking terrorists as challenging as it is to track cyber-criminals, if not more,” the report concludes.
“Knowing the channels and technologies they use, however, is a critical first step towards getting a better understanding of how these groups function, which can ultimately help provide ways to stop their activities.”
With the emphasis on anonymity, many terrorist groups have adopted similar tactics to cyber-criminals, such as using DDoS mitigation tool Cloudflare to keep the IP address of propaganda sites hidden, the report claimed.
Trend Micro said it had also spotted terrorists sharing ‘anonymizing guides’ originally used by journalists and activists, detailing how to stay hidden online.
Communications methods include secure e-mail such as SIGAINT, Ruggedinbox, and Mail2Tor; underground forums, usually TOR-based or similar; and social media.
When it comes to IM, of the 2300 accounts studied by Trend Micro, one third (34%) used Telegram, followed by Signal (15%), WhatsApp (15%) and Wikr (14%).
Unsurprisingly, the file sharing and hosting services used by terrorists were mainly based in regions such as the Middle East – away from the reach of the NSA.
Trend Micro also reeled off a list of the six most popular homebrewed apps used by terrorists, including PGP alternative, Mojahedeen Secrets, mobile encryption app Tashfeer al-Jawwal and news distribution app Alemarah.
Confirmation of these tools would seem to support the argument of many pro-strong encryption supporters that the US and UK government’s stance versus Apple, WhatsApp and others is misguided. Terrorists and criminals have plenty of other platforms they can migrate to if, for example, the FBI or NSA was able to undermine encryption on the iPhone, they argue.
The report also claims many underground terrorist forums warn against the use of smartphones altogether – especially iOS and Android.
It’s also notable from the report that despite the popularity of secure email tools, the number one platform is still Gmail (34%).
“There are a lot of overlaps regarding the online presence of terrorist organizations and cyber-criminals. They both communicate through the same channels and use the same technologies, making the task of tracking terrorists as challenging as it is to track cyber-criminals, if not more,” the report concludes.
“Knowing the channels and technologies they use, however, is a critical first step towards getting a better understanding of how these groups function, which can ultimately help provide ways to stop their activities.”
