Al Qaeda gets serious about mobile and encryption — reportedly thanks to Snowden

cloud-security-key (1)Edward Snowden’s leaks of some of the National Security Agency’s darkest secrets have benefitted the group responsible for blowing up New York’s World Trade Center: Al Qaeda.

That’s according to a new report on Al Qeada’s embrasure of mobile by the intelligence organization Recorded Future. Its latest report discloses a slew of new mobile apps and encryption tools that the terror group released to communicate with its disparate cells in Africa and the Middle East and to broadcast hate-filled messages against the West.

Al Qeada has long used encryption on mobile, IM, and Macbooks, but security researchers have noticed changes since Snowden broke open the NSA’s treasure chest of intelligence operations. The terror group — and the violent ISIS, which now controls vast areas of Iraq — have used that data to innovate, using advanced encryption tools across most of their platforms as a matter of norm, Recorded Future’s report said.

The report is comprehensive, and it shows how one of Al Qaeda’s media and propaganda arms, Al-Fajr, released a new Android-based encryption app in June, news of which it released on its website. That app uses the AES “4096 bit key” encryption, similar to what some U.S. intelligence agencies use to protect data transfers.

The report noted that another Al Qaeda media arm, GIMF, released new encryption software called “Tashfeer al-Jawwalm,” three months after Snowden’s bombshell’s began landing in the Guardian, theWashington Post and Germany’s De Spiegel. According to Recorded Future, the new software encryption:

“The program uses the cryptographic algorithm Twofish with cipher block chaining which has the same strength as the algorithm for the Advanced Encryption Standard (AES). It uses elliptic curve encryption in exchanging keys with the keys encoded to 192-bit length. It was necessary to use elliptic curve encryption instead of the base encryption RSA because it is very long, and it’s not possible to store it in SMS nor use it with the Bouncy Castle libraries which use algorithms and methods of encryption with tested capabilities proven to be effective. This library does permit developers to change the random algorithms to protect against any misuse or abuse.”

What this means is that its become more difficult for Western intelligence agencies not only to intercept but also crack the terror group’s cyphers. Based on its research, Recorded Future noted that Al Qaeda’s communication networks have pivoted to adapt to the practices utilized in Signals Intelligence collection by using readily available encryption software and not developing their own in-house technology.

A former NSA official told VentueBeat that just as Al Qeada is watching, listening and adapting, so are the agency’s tasked with vacuuming their communication channels — it’s still a cat-and-mouse game.

Al Qaeda gets serious about mobile and encryption — reportedly thanks to Snowden

Learn how to protect your LAN and WAN and important corporate information with Certified Ethical Hacking (CEH), Computer Forensics (CHFI), Security Analyst (ESCA), CISSP, and Cisco Security courses.

CED Solutions is a Cisco Learning Partner, Microsoft Gold Learning Partner and the #1 location for Microsoft Certifications in North America for the last 6 years combined.  CED Solutions is a CompTIA Partner, EC Council Partner, and many others and is one of the largest providers of training in North America.  The Atlanta facility provides IT training for up to 300 students per day, with separate buildings dedicated to training. CED Solutions provides training for up to 10,000 students per year and students take up to 800 certification exams every two weeks.

Share this post