NAT SEC

How ISIS Avoids Digital Detection

The Islamic State and other jihadist groups have dozens of tech products at their disposal to hide their tracks on the internet, a new study finds

NAT SEC
Illustration: Diana Quach
Jul 25, 2016 at 1:20 PM ET

The Islamic State and other jihadist organizations are deftly employing dozens of digital products to mask their activity online, a new study shows.

Islamist terror groups leverage everything from temporary email services to tools that provide bogus GPS locations in order to skirt online detection and minimize the risk of cyber attacks against them, the intelligence firm Flashpoint found. ISIS and its extremist counterparts, such as al-Qaeda, also turn to this technology to help recruit, radicalize, and even orchestrate attacks.

“Although technology is not typically associated with jihadists, it is their lifeblood,” write researchers Laith Alkhouri and Alex Kassirer in their report titled “Tech for Jihad: Dissecting Jihadists’ Digital Toolbox.” The pair based their findings on an analysis of extremist forums on the deep web where ISIS-sympathizes and other professed jihadists gather to swap terror tips and peddle encrypted devices, most of them free and readily accessible online.

Analysts and law enforcement officials have long warned of terror groups “going dark” on the internet by using new tech products to mask their identity and whereabouts, making these groups increasingly difficult to monitor. Earlier this year, the Pentagon unveiled a sweeping plan to target ISIS’ online infrastructure and well-oiled propaganda machine. U.S. military officials, however, told the Washington Post this month that the initiative is off to a slow, sputtering start.

Meanwhile, ISIS and other jihadists continue to benefit from the use of some 36 tech tools identified by Flashpoint. Here’s how they’re becoming more clandestine.

Secure Browsers
The report found that ISIS sympathizers are increasingly turning away from commercial web browsers, such as Google Chrome or Safari, in favor of more protected ones. Secure web browsers do not divulge IP addresses. They also minimize the risk of third-party surveillance. Jihadist-approved products: Tor Browser; Opera.

Virtual Private Networks (VPNs) and Proxy Servers
VPNs and proxy servers create an additional layer of encryption on the internet, providing additional online privacy. Islamist terror groups have been encouraging supporters to use them since at least 2012, Flashpoint found. Jihadist-approved products: F-Secure Freedome; CyberGhostVPN

Protected Email Services
The FBI and other intelligence agencies have long relied on email to monitor the activity of terrorism suspects. Alternative email services, however, provide security features such as end-to-end encryption and anonmyous account capabilities that undercut surveillance. Jihadist-approved products: Hush-Mail; ProtonMail; YOPmail; GhostMail; Tutanota.

Mobile Security Apps
The report shows that ISIS supporters routinely encourage one another leverage a suite of mobile phone security apps. These tools can delete browsing history, secure a user’s location, and disable other apps from using a phone’s camera, microphone or BlueTooth. Jihadist-approved products: Locker; Fake GPS; D-Vasive Pro; iShredder Pro; Hide.me; DNSCrypt; NetGuard; AFWall

Encrypted Messaging Apps
As social media companies such as Twitter and Facebook continue to crackdown on ISIS-related content, supporters have increasingly moved toward encrypted messaging apps, the study shows. Jihadist-approved products: Telegram; Threema.