Al-Qaeda’s Embrace Of Encryption Technology – Part II: 2011-2014, And The Impact Of Edward Snowden

By: Steven Stalinsky and R. Sosnow*

April 28, 2014

The following report is a complimentary offering from MEMRI’s Jihad and Terrorism Threat Monitor (JTTM). For JTTM subscription information, click here.


GIMF announcement of the release of its Asrar Al-Dardashah encryption software for instant messaging.

Table Of Contents

  • Introduction
  • Edward Snowden’s Impact On Al-Qaeda’s And Other Jihadi Organizations’ Encrypted Communications
  • Al-Qaeda Media Wing Al-Sahab Moves To Using Encryption With UK-Based Company
  • Al-Fajr Technical Committee Releases New Encryption Program
  • Islamic State Of Iraq And Al-Sham (ISIS) Launches Asrar Al-Ghurabaa’ – The First Website For Secure Communication – To Rival Asrar Al-Mujahideen Software By GIMF       
  • Global Islamic Media Front (GIMF): Don’t Trust Asrar Al-Ghurabaa’; Releases Asrar Al-Mujahideen Encryption Software For Mac, Mobiles; Warns Of Fakes
  • Syrian Al-Qaeda Affiliate Jabhat Al-Nusra Announces New Twitter Account, Gains Over 24,000 Followers Within First Days; Provides Encryption Key
  • Ansar Al-Mujadideen Arabic Forum (AMAF): Praise For Hacks Against American Websites And Offers Of Hacking Lessons; Lessons On Encryption, Tor; Quotes By AQAP Leader
  • Pakistan-Based Jihadi Organization Lashkar-e-Taiba Uses Exclusive Skype-Type Application To Plan Terror Attacks
  • Al-Qaeda In The Arabian Peninsula (AQAP): Inspire Magazine And Other Publications Utilization of Encryption Technologies
  • Al-Shabaab Al-Mujahideen, Al-Qaeda’s Somalia Affiliate, Provides Encryption Codes
  • Shumoukh Al-Islam, The Main Al-Qaeda Forum, Provides Instructions For Accessing It Via Encrypted URL
  • Taliban English Magazine Azan Provides Encryption
  • The Internet Archive – Based In San Francisco, Used By Online Jihadis To Provide Encryption Lessons For Communicating With Al-Qaeda

Introduction

In January 2007, Al-Qaeda began to use encryption tools for its online activities, particularly for communication efforts, often utilizing security software based on military grade technology. The goal was to hide messages and to protect data transferred via networks, the Internet, mobile phones, e-commerce, Bluetooth, and the like. This development was in direct response to various security breaches of its websites over the years by Western government agencies.

The issue of encryption by Al-Qaeda made news following the killing of Osama bin Laden. U.S. intelligence sources reported that much of the material seized at bin Laden’s compound was encrypted and stored electronically on computers, laptops, hard drives, and storage devices. In 2009, an Al-Qaeda deputy who was previously Osama bin Laden’s secretary, Nasir Al-Wuheishi, discussed the use of encryption software.[1] He said, “For our part, we will make contact with anyone who wants to wage jihad with us, and we will guide him to a suitable means to kill the collaborators and the archons of unbelief – even in his bedroom or workplace. Anyone who wants to give support to [Al-Qaeda in the Arabian Peninsula’s] operational side and to give tithes [to the organization] can contact us through a special email [set up] for this purpose, using the ‘Mujahideen Secrets’ software and employing the proper security measures…”[2]

In July 2011, MEMRI published a report, Al-Qaeda’s Embrace of Encryption Technology: 2007-2011, which covered the period beginning January 1, 2007, when the Global Islamic Media Front (GIMF) announced the imminent release of new computer software, Asrar Al-Mujahideen (“Mujahideen Secrets”).[3] The promotional material for the software stated that it was “the first Islamic computer program for secure exchange [of information] on the Internet,” and noted that it provided users with “the five best encryption algorithms, and with symmetrical encryption keys (256 bit), asymmetrical encryption keys (2048 bit) and data compression [tools].” Since then, in addition to Asrar Al-Mujahideen, GIMF has released Asrar Al-Dardashah, an encryption plugin for instant messaging (February 2013),[4] and a mobile version of Asrar Al-Mujahideen (September 2013).[5]

This report traces the development of Al-Qaeda’s encryption development efforts from July 2011 to 2014, as well as how the recent NSA leaks by Edward Snowden are impacting Al-Qaeda communications.

Edward Snowden’s Impact On Al-Qaeda’s And Other Jihadi Organizations’ Encrypted Communications

Over the past few months, U.S. and other Western political, governmental, and military leaders have noted that Al-Qaeda has changed its communications following Edward Snowden’s disclosures. Speaking on NBC’s Meet the Press on January 19, 2014, U.S. Rep. Mike Rogers, who chairs the House Permanent Select Committee on Intelligence, discussed how the Snowden episode has led Al-Qaeda to change its tactics. He stated: “…[Y]ou have to remember, Al-Qaeda has changed the way they communicate based on this. That puts our soldiers at risk in the field. That’s a real dangerous consequence. Nation states have started to make changes that concern us greatly. We’re going to have to rebuild whole aspects of operations from our Army, Navy, Air Force, and Marines that will cost billions and billions of dollars because the information he stole and gave, which we believe is now in the hands of nation states who are doing something with it. There’s no honor in that.”[6]

Speaking on CBS’s Face the Nation on January 19, 2014, Mike Morellformer deputy CIA director and NSA Surveillance Review Group member, said in reference to the Snowden affair: “So even before I left government in August, we were watching the adversaries change their approach as a result of the disclosures. So they moved very quickly to adjust to the [data] collection that we were doing against them. And I don’t know it, but I would imagine my former colleagues are working aggressively to adjust as well.”[7]

A November 7, 2013 New York Times article quoted John Sawers, head of Britain’s secret service MI6, as saying: “The leaks from Snowden have been very damaging, and they’ve put our operations at risk… It’s clear that our adversaries are rubbing their hands with glee. Al-Qaeda is lapping it up.”

Iain Lobban, director of the U.K.’s Government Communications Headquarters, which provides signals intelligence (SIGINT) and information assurance to the British government and armed forces told the New York Times that terrorist groups in Afghanistan, South Asia and the Middle East as well as “closer to home” have discussed the Snowden leaks, and that they have assessed “the communications packages they use now and the communication packages they wish to move to… to avoid what they now perceive to be vulnerable communications methods.” The newspaper also quoted Andrew Parker, the head of Britain’s domestic security agency MI5, as saying that the Snowden leaks had caused “enormous damage” to British security, “handing the advantage to the terrorists.”[8]

In fact, many online jihadis have paid attention to what information was revealed by Snowden, in addition to praising him and at the same time issuing warnings for caution about their communications.

Another sign that the Snowden leaks have impacted Al-Qaeda’s communications was the March 15, 2014 release of Issue XII of Al-Qaeda’s English-language magazineInspire. Since its launch in 2010, Inspire has been known for its efforts to reach out to potential Western recruits. These efforts appear to have been successful; to date, over 20 young people have been arrested on terrorism-connected charges with copies of Inspire in their possession. Shortly after this issue came out, British Metropolitan Police issued a warning that anyone found reading the magazine could face prosecution.[9]

The latest Inspire-connected arrest was on March 17, 2014, when 20-year-old Nicholas Teausant of California, who according to the affidavit wanted to bomb the Los Angeles subway system, was taken off an Amtrak train in Washington state at the U.S.-Canada border and charged with attempting to provide assistance to Islamic extremists in Syria. He is being accused of exploring ways to support violent extremist activities since October 2013.[10] The affidavit also notes that he had been active on social media and had posted jihad-related content on his Instagram account. According to the indictment, Teausant frequently referred to Inspire; in one incident he became upset by something in it and texted the informant, “We have to do something now!”[11]

Issues I through XI of Inspire provided readers with encryption information for securely contacting the magazine. One of Teausant’s Instagram posts includes a photo of his computer screen showing him using the GIMF’s Asrar Al-Mujahideen (“Mujahideen Secrets”) encryption software, which Inspire provided to its readers, along with its own encryption key, for readers to communicate with it (this issue, however, announces that AQAP is suspending its email account). In the post, Teausant explains what it is and writes that he can use it to communicate with the Taliban and Inspire: “Lol its Arsar Al-Mujahideen program it allows you to encrypt messages and safly send them to the taliban repersentitives… also allows me to talk to the creators of ‘Inspire.'”


On his Instagram account, Teausant explains what “Mujahideen Secrets” software is and how he can use it to communicate with the Taliban and Inspire.

This issue of Inspire, the first since the Edward Snowden affair, includes a focus on Internet security. Most significantly, it notes on the first page, in all-capital letters: “DUE TO TECHNICAL AND SECURITY REASONS, WE HAVE SUSPENDED OUR EMAIL ADDRESSES TEMPORARILY.” Since, as mentioned, Inspire has always provided email addresses and encryption information for readers wishing to contact it, and, as a major part of its outreach efforts, urged readers to write in, its decision to suspend its email is meaningful.

It is worth noting that this issue includes praise for Snowden, as well as for other Western leakers such as Bradley/Chelsea Manning and Julian Assange. It notes under the heading “Questions We Should Be Asking”: “If those making blasphemy against Islam have the right to express themselves, why aren’t the actions of Assange, Snowden, Manning and Hammond considered freedom of expression?”

The cover story, “Shattered: A Story About Change,” by Abu Abdillah Almoravid, who also authored an article in the previous issue of Inspire, focuses on the immoral nature of America and, in another mention of Edward Snowden, how he helped unmask it. It stated: “Obama lied in regard of the NSA program. He asserted it did not spy on its citizens. But every dog has its day, and NSA’s day came when the whistleblower Edward Snowden revealed the No Secret Agency’s dark secrets. The people called for the government to observe the American principles but it did not listen. It abandoned all its privacy policies. This rogue country did not stop at spying on its citizens, it killed them too. Several of its citizens have been targeted in their extra judicial killing program.”[12]

Praise for Snowden can also be found in Issue III of the English-language online Taliban magazine Azan, released August 26, 2013. An article in it, titled “The Statue of Liberty Is In Reality The Statue Of Slavery In The Early 21st Century,” stated: “Now let’s look at the ‘freedom’ on the other side of the world. The U.S. claims to be the champion of ‘freedom’ in the world while at the same time running huge internal programs that spy on the personal lives of its own people! Edward Snowden, who was an employee at the NSA (National Security Agency), laid bare the U.S. government’s infiltration into the personal email, phone and social media records of its people.”[13]

Also following the Snowden leaks, on August 30, 2013, Mula’ib Al-Assinnah, a senior member of the leading jihadi forum Shumoukh Al-Islam warned online jihadis not to use Google’s Gmail because Google is part of the National Security Agency (NSA). In his post, titled “What is the Best Free and Most Secure Email [Service]?” Al-Assinnah expressed his astonishment that senior jihadi writers as well as media foundations continue to use Gmail. Wondering why no one has yet to warn online jihadis about this “dangerous” issue, Al-Assinnah wrote: “[T]his is one aspect where I have recently noticed the brothers to be regressing and lax in their attention to security… I would like to ask the experts what is the best website that offers free and secure email services.” Responding to Al-Assinnah’s post, Abu Safiyyah, another senior member of the forum, stated that using the Asrar Al-Mujahideen (“Mujahideen Secrets”) encryption software in conjunction with identity concealment software represented the key precautionary measures in terms of communications.[14]

Al-Qaeda Media Wing Al-Sahab Moves To Using Encryption With UK-Based Company

On April 9, 2014, Al-Qaeda’s media wing Al-Sahab announced an upcoming open interview with Maulana Asim Umar, head of the Al-Qaeda Shari’a Committee in Pakistan. The announcement said that people could submit questions in Urdu, Arabic, English or Pashto, and included both a Yahoo and a Safe-mail.net email address to where questions could be sent.

The UK-based Safe-mail bills itself as “the most secure, easy to use communication system. It includes encrypted mail system with collaboration features and document storage functions. Always accessible at any time from anywhere!” It also states that “Safe-mail is designed to provide maximum security and privacy without any complexity. Banks, law firms, health care, accountants and similar professional organizations will not provide security unless requested by you! Remember, your information is yours only. Your privacy is at risk when you communicate. Do not do business with any of the above unless your valuable information is protected!”[15]

Al-Fajr Technical Committee Releases New Encryption Program

On December 10, 2013 a new encryption program called ‘Amn Al-Mujahid (“The Mujahid’s Security”) was released on top jihadi forums. The entity behind the release was the Al-Fajr Technical Committee (FTC).

The FTC, established in September 2012, aims to develop and improve jihadis’ technical knowledge and capabilities to achieve superiority over the enemy in media and propaganda. Previously, the group had stated that it operates openly and that jihadis can contact it via its accredited accounts on the Al-Fida’ and Shumoukh Al-Islam jihadi forums.[16]

‘Amn Al-Mujahid is the latest addition to the list of encryption programs used by jihadis, including for instant messaging[17] and for use with mobile phones.[18] Until the FTC released this program, the leading group developing and releasing encryption programs has been the Global Islamic Media Front (GIMF), whose Asrar Al-Mujahideen (“Mujahideen Secrets”) was first released in 2007 and has been updated several times since. There were, however, other “not trusted” attempts at encryption programs for jihadis; the use of them is generally warned against and thwarted. For example, two weeks previously, a jihadi forum associated with the Islamic State of Iraq and Al-Sham (ISIS) released an encryption program called Asrar Al-Ghurabaa’. Shortly thereafter, however, the GIMF warned jihadis against using it, calling it “not trusted.”[19] Asrar Al-Ghurabaa’ was allegedly developed by ISIS members and their supporters.[20]

To request a full copy of this MEMRI Jihad and Terrorism Threat Monitor report, send us an email with the report title, number, and date in the subject line, and include your name, title, organization, and official contact info in the body of the email.