Feeds

Snowden leaks show that terrorists are JUST LIKE US

... on infosec, that is. Jihadis' OPSEC rivalled GCHQ's, says Glenn Greenwald

Choosing a cloud hosting partner with confidence

NSA whistleblower Edward Snowden's media allies have launched a counteroffensive against allegations by intelligence agencies that terrorists have upped their game in cryptography as a result of his leaks about NSA spying.

Glenn Greenwald's The Intercept published leaked GCHQ mobile phone OPSEC guidance from 2010 alongside excerpts from a comparable jihadist handbook from 2003 to argue that terrorist groups were focused on mobile phone spying risks years before the Snowden leaks began last year.

"So sophisticated is the 10-year-old 'Jihadist Manual' that, in many sections, it is virtually identical to the GCHQ’s own manual, developed years later (in 2010), for instructing its operatives how to keep their communications secure," The Intercept argues.

Greenwald's piece attempts to rubbish a recent NPR Morning Edition radio report suggesting that the Snowden revelations harmed national security and allowed terrorists to develop countermeasures to state surveillance. NPR used research from web intelligence and predictive analytics firm Recorded Future to back up this accusation, which has repeatedly been aired by everyone from Sir Iain Lobban, director of Britain's GCHQ spy agency, who did so last year in front of a parliamentary committee, to former NSA General Counsel Stewart Baker earlier this month (here).*

"Following the June 2013 Edward Snowden leaks, we observe an increased pace of innovation, specifically new competing jihadist platforms and three major new encryption tools from three different organizations – GIMF, Al-Fajr Technical Committee, and ISIS – within a three to five-month time frame of the leaks," Recorded Future states.

NPR failed to point out that financial backers of Recorded Future include In-Q-Tel, the CIA’s investment arm. Mario Vuksan, chief exec of ReversingLabs, a cybersecurity expert who worked on Recorded Future's report, entered into a "strategic partnership" In-Q-Tel two years ago.

"Beyond all these CIA connections, the conclusion touted in the NPR report—that al-Qaeda developed more sophisticated encryption techniques due to the Snowden reporting—is dubious in the extreme. It is also undercut by documents contained in the Snowden archive," The Intercept argues.

Off the shelf

Recorded Future subsequently claimed that terrorists were turning to "off the shelf" methods of cryptography.

It’s pretty clear our earlier point that we’re observing increased pace of innovation in encryption technology by Al-Qaeda post Snowden stands true. And this innovation is based on best practice, off the shelf, algorithms.

Noted cryptographer Bruce Schneier maintains that the changes terrorists appear to be making will, if anything, make the counter-terror role of signals intelligence agencies such as the NSA and GCHQ easier rather than harder.

"Cryptography is hard, and the odds that a home-brew encryption product is better than a well-studied open-source tool is slight," Schneier writes. "Last fall, Matt Blaze said to me that he thought that the Snowden documents will usher in a new dark age of cryptography, as people abandon good algorithms and software for snake oil of their own devising. My guess is that this an example of that."

Compare & contrast: OPSEC advice

The debate about cryptography and the Snowden revelations is politically important and technically significant but Reg readers are also likely to be interested in the consensus view shared between terrorists and intel agencies about mobile phone operational security.

Both GCHQ and the jihadi manual instruct operatives that merely turning off mobile phones is insufficient to avoid tracking. Both the battery and SIM card must be removed.

A partially redacted version of six-page GCHQ guide – which was classified "secret" – is available via whistleblower site ‪cryptome.org‬ here (PDF). Experts in operational security and infosec have been picking through the release to uncover interesting nuggets about the tradecraft of spies.

The Foreign Office provides non-attributable official and personal mobile phones to GCHQ officers while on deployment. Covert mobile phones are equipped with Bluetooth and therefore they must not be switched on or used within a 50-mile radius of GCHQ's Cheltenham HQ, operatives are instructed.

Infosec consultant the grugq said the guidance made sense.

Spy Blog notes that ‪GCHQ‬'s covert mobile phone security guide that only other intelligence agencies - and not terrorists - would have the capability to track mobile phone locations.

Cyberspies are further instructed to use the landline payphones when at airports, rather than their covert mobiles, which can only be charged and not used in international transport hubs. ®

Bootnote

*By contrast, newly installed NSA chief Admiral Michael Rogers has played down the impact of the Snowden revelations on the spy agency's work and the suggestion that terrorists' communications in parts of the world had "gone dark" in the wake of Snowden.

Internet Security Threat Report 2014

More from The Register

next story
FYI: OS X Yosemite's Spotlight tells Apple EVERYTHING you're looking for
It's on by default – didn't you read the small print?
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Edward who? GCHQ boss dodges Snowden topic during last speech
UK spies would rather 'walk' than do 'mass surveillance'
Microsoft pulls another dodgy patch
Redmond makes a hash of hashing add-on
NOT OK GOOGLE: Android images can conceal code
It's been fixed, but hordes won't have applied the upgrade
'LulzSec leader Aush0k' found to be naughty boy not worthy of jail
15 months home detention leaves egg on feds' faces as they grab for more power
China is ALREADY spying on Apple iCloud users, claims watchdog
Attack harvests users' info at iPhone 6 launch
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.