Snowden leaks show that terrorists are JUST LIKE US

... on infosec, that is. Jihadis' OPSEC rivalled GCHQ's, says Glenn Greenwald


NSA whistleblower Edward Snowden's media allies have launched a counteroffensive against allegations by intelligence agencies that terrorists have upped their game in cryptography as a result of his leaks about NSA spying.

Glenn Greenwald's The Intercept published leaked GCHQ mobile phone OPSEC guidance from 2010 alongside excerpts from a comparable jihadist handbook from 2003 to argue that terrorist groups were focused on mobile phone spying risks years before the Snowden leaks began last year.

"So sophisticated is the 10-year-old 'Jihadist Manual' that, in many sections, it is virtually identical to the GCHQ’s own manual, developed years later (in 2010), for instructing its operatives how to keep their communications secure," The Intercept argues.

Greenwald's piece attempts to rubbish a recent NPR Morning Edition radio report suggesting that the Snowden revelations harmed national security and allowed terrorists to develop countermeasures to state surveillance. NPR used research from web intelligence and predictive analytics firm Recorded Future to back up this accusation, which has repeatedly been aired by everyone from Sir Iain Lobban, director of Britain's GCHQ spy agency, who did so last year in front of a parliamentary committee, to former NSA General Counsel Stewart Baker earlier this month.*

"Following the June 2013 Edward Snowden leaks, we observe an increased pace of innovation, specifically new competing jihadist platforms and three major new encryption tools from three different organizations – GIMF, Al-Fajr Technical Committee, and ISIS – within a three to five-month time frame of the leaks," Recorded Future states.

NPR failed to point out that financial backers of Recorded Future include In-Q-Tel, the CIA’s investment arm. Mario Vuksan, chief exec of ReversingLabs, a cybersecurity expert who worked on Recorded Future's report, entered into a "strategic partnership" with In-Q-Tel two years ago.

"Beyond all these CIA connections, the conclusion touted in the NPR report—that al-Qaeda developed more sophisticated encryption techniques due to the Snowden reporting—is dubious in the extreme. It is also undercut by documents contained in the Snowden archive," The Intercept argues.

Off the shelf

Recorded Future subsequently claimed that terrorists were turning to "off the shelf" methods of cryptography.

"It’s pretty clear our earlier point that we’re observing increased pace of innovation in encryption technology by Al-Qaeda post Snowden stands true. And this innovation is based on best practice, off the shelf, algorithms."

Noted cryptographer Bruce Schneier maintains that the changes terrorists appear to be making will, if anything, make the counter-terror role of signals intelligence agencies such as the NSA and GCHQ easier rather than harder.

"Cryptography is hard, and the odds that a home-brew encryption product is better than a well-studied open-source tool is slight," Schneier writes. "Last fall, Matt Blaze said to me that he thought that the Snowden documents will usher in a new dark age of cryptography, as people abandon good algorithms and software for snake oil of their own devising. My guess is that this an example of that."

Compare & contrast: OPSEC advice

The debate about cryptography and the Snowden revelations is politically important and technically significant but Reg readers are also likely to be interested in the consensus view shared between terrorists and intel agencies about mobile phone operational security.

Both GCHQ and the jihadi manual instruct operatives that merely turning off mobile phones is insufficient to avoid tracking. Both the battery and SIM card must be removed.

A partially redacted version of the six-page GCHQ guide – which was classified "secret" – is available via whistleblower site cryptome.org (PDF). Experts in operational security and infosec have been picking through the release to uncover interesting nuggets about the tradecraft of spies.

The Foreign Office provides non-attributable official and personal mobile phones to GCHQ officers while on deployment. Covert mobile phones are equipped with Bluetooth and therefore they must not be switched on or used within a 50-mile radius of GCHQ's Cheltenham HQ, operatives are instructed.

Infosec consultant the grugq said the guidance made sense.

Spy Blog notes that GCHQ's covert mobile phone security guide assumes that only other intelligence agencies - and not terrorists - would have the capability to track mobile phone locations.

Cyberspies are further instructed to use landline payphones when at airports, rather than their covert mobiles, which can only be charged and not used in international transport hubs. ®


*By contrast, newly installed NSA chief Admiral Michael Rogers has played down the impact of the Snowden revelations on the spy agency's work and the suggestion that terrorists' communications in parts of the world had "gone dark" in the wake of Snowden.
