An article in the official ISIS weekly Al-Naba’ on encryption and secure communication warned against the use of the instant messaging apps Telegram, Skype, and WhatsApp, emphasizing that these apps were all developed by the enemy, and as such, should never be trusted. ISIS also questioned Telegram’s security, warning that its image of having an unbreakable encryption should not lead jihadis to use it, warning of possible backdoors in the software. ISIS also emphasized the need for jihadis to always encrypt sensitive communications by using well-established and well-trusted encryption schemes, preferably that they themselves have developed.
The article refers to the Internet as a weapon that the mujahideen have long used more effectively than their foes. As such, “it has become incumbent upon every sincere mujahid to use this weapon well in order for it not be used against them.” In that regard, the article reminds the mujahideen that their starting point when it comes to communicating online should always be that their communication is seen and read by the enemy before reaching its intended recipient; therefore, it urges them to always encrypt sensitive communication.
“Sending secret information via the Internet without encryption is [considered] a breach of Muslim secrets, [which] helps the unbelievers against them,” the article warns. It also notes that the implementation of encryption used by jihadis, rather than how strong it is in theory, is what matters the most. In that regard, the article warns the mujahideen not to fall victim to “misleading ads” by companies like Telegram, which boasts about using unbreakable encryption, and reminds them about the dangers of backdoors that might be installed in these programs: “The most important thing to discuss in Information Security is how the encryption was built, and whether a security breach [i.e. a backdoor] was put in place.” The article also advises the mujahideen to always investigate the party behind a certain product, and warns them against trusting a program merely because some mathematician or expert endorsed it: “Whoever knows the enemy and his tricks will ask a specific question: Who developed the program? And the answer [to that question] is [the thing] that dictates the [level of] trust in the encryption, and not the advertisement or [encryption] algorithms [used in it].” The article also notes that ” a conniving software developer can easily hide decryption tools within the encrypted file or data.”