Snowden leaks show that terrorists are JUST LIKE US

... on infosec, that is. Jihadis' OPSEC rivalled GCHQ's, says Glenn Greenwald


NSA whistleblower Edward Snowden's media allies have launched a counteroffensive against allegations by intelligence agencies that terrorists have upped their game in cryptography as a result of his leaks about NSA spying.

Glenn Greenwald's The Intercept published leaked GCHQ mobile phone OPSEC guidance from 2010 alongside excerpts from a comparable jihadist handbook from 2003 to argue that terrorist groups were focused on mobile phone spying risks years before the Snowden leaks began last year.

"So sophisticated is the 10-year-old 'Jihadist Manual' that, in many sections, it is virtually identical to the GCHQ’s own manual, developed years later (in 2010), for instructing its operatives how to keep their communications secure," The Intercept argues.

Greenwald's piece attempts to rubbish a recent NPR Morning Edition radio report suggesting that the Snowden revelations harmed national security and allowed terrorists to develop countermeasures to state surveillance. NPR used research from web intelligence and predictive analytics firm Recorded Future to back up this accusation, which has repeatedly been aired by everyone from Sir Iain Lobban, director of Britain's GCHQ spy agency, who did so last year in front of a parliamentary committee, to former NSA General Counsel Stewart Baker earlier this month.*

"Following the June 2013 Edward Snowden leaks, we observe an increased pace of innovation, specifically new competing jihadist platforms and three major new encryption tools from three different organizations – GIMF, Al-Fajr Technical Committee, and ISIS – within a three to five-month time frame of the leaks," Recorded Future states.

NPR failed to point out that financial backers of Recorded Future include In-Q-Tel, the CIA’s investment arm. Mario Vuksan, chief exec of ReversingLabs, a cybersecurity expert who worked on Recorded Future's report, entered into a "strategic partnership" with In-Q-Tel two years ago.

"Beyond all these CIA connections, the conclusion touted in the NPR report—that al-Qaeda developed more sophisticated encryption techniques due to the Snowden reporting—is dubious in the extreme. It is also undercut by documents contained in the Snowden archive," The Intercept argues.

Off the shelf

Recorded Future subsequently claimed that terrorists were turning to "off the shelf" methods of cryptography.

"It’s pretty clear our earlier point that we’re observing increased pace of innovation in encryption technology by Al-Qaeda post Snowden stands true. And this innovation is based on best practice, off the shelf, algorithms."

Noted cryptographer Bruce Schneier maintains that the changes terrorists appear to be making will, if anything, make the counter-terror role of signals intelligence agencies such as the NSA and GCHQ easier rather than harder.

"Cryptography is hard, and the odds that a home-brew encryption product is better than a well-studied open-source tool is slight," Schneier writes. "Last fall, Matt Blaze said to me that he thought that the Snowden documents will usher in a new dark age of cryptography, as people abandon good algorithms and software for snake oil of their own devising. My guess is that this is an example of that."

Compare & contrast: OPSEC advice

The debate about cryptography and the Snowden revelations is politically important and technically significant but Reg readers are also likely to be interested in the consensus view shared between terrorists and intel agencies about mobile phone operational security.

Both GCHQ and the jihadi manual instruct operatives that merely turning off mobile phones is insufficient to avoid tracking. Both the battery and SIM card must be removed.

A partially redacted version of the six-page GCHQ guide – which was classified "secret" – is available via whistleblower site cryptome.org (PDF). Experts in operational security and infosec have been picking through the release to uncover interesting nuggets about the tradecraft of spies.

The Foreign Office provides non-attributable official and personal mobile phones to GCHQ officers while on deployment. Covert mobile phones are equipped with Bluetooth and therefore they must not be switched on or used within a 50-mile radius of GCHQ's Cheltenham HQ, operatives are instructed.

Infosec consultant the grugq said the guidance made sense.

Spy Blog notes, of GCHQ's covert mobile phone security guide, that only other intelligence agencies - and not terrorists - would have the capability to track mobile phone locations.

Cyberspies are further instructed to use landline payphones when at airports, rather than their covert mobiles, which can only be charged and not used in international transport hubs. ®


*By contrast, newly installed NSA chief Admiral Michael Rogers has played down the impact of the Snowden revelations on the spy agency's work and the suggestion that terrorists' communications in parts of the world had "gone dark" in the wake of Snowden.
