‘Terror Plot? There’s An App For That;’ Mysterious ‘MuslimCryppt’ App Helps Jihadists Send Covert Messages
The above title is from Lilly Hay Newman’s March 29, 2018 post on the security and technology website, WIRED.com. In an unsettling/worrisome; but, not surprising article, Ms. Newman explains how ISIS, al-Qaeda, and other Islamic extremists are using a newly developed app/technique called, MuslimCrypt,’ to covertly communicate and no doubt plan and orchestrate terrorist operations. I refer you to WIRED for Ms. Newman’s full article.
“ISIS has long taken advantage of secure communications tools; and, used mainstream communications platforms in unexpected ways,” Ms. Newman began. “Extremist groups even develop their own software at times to tailor things like encrypted messaging to their specific needs.” Indeed, we saw in the aftermath of the Snowden leaks, al-Qaeda, ISIS, and other extremist groups altered, changed, and enhanced their encrypted software; and, changed their communications techniques, tactics, and procedures, in order to better evade intelligence collection and law enforcement activities — in order to thwart terrorist attacks.
Now, Ms. Newman writes, “one such project is the clandestine, and unfortunately named communication tool, MuslimCrypt, which uses an encryption technique called stenography to spread secret messages. And, while many homegrown tools don’t live up to their promised protections,” she wrote, “a new evaluation of MuslimCrypt by the Middle East Media Research Institute (MERI) reaches a basic; but, crucial conclusion: MuslimCrypt’s stenography works.”
“MuslimCrypt was first released by unknown actors on January 20  in a private, pro-ISIS Telegram channel; and, like other stenographic tools, it hides information in plain sight,” Ms. Newman noted. “Think of writing in invisible ink,” she adds, “except it’s encoding a digital message in an otherwise unremarkable piece of software. And, while stenography has of late, been linked to malicious hacks, MuslimCrypt brings the technique back to its clandestine communication roots.” (In fact, Osama bin Laden was apparently a regular practitioner).”
“Specifically,” Ms. Newman wrote, “MuslimScrypt hides information in images that can be shared, or posted freely — because only the recipient will know to check it for the secret [embedded] message.”
MERI’s Marwan Khayat, “who worked to trace the tool’s history on Telegram,” Ms. Newman wrote, also conducted a thorough digital autopsy to fully appreciate and understand the value of this tool for terrorists and the darker angels of our nature. “It’s really fascinating they’re using stenography,” Mr. Khayat told WIRED. “I found random pictures online, checked that you could embed a message; and, that you could extract it, and compared the two images visually. Someone online who see’s the resulting image, they is no way to tell — so, it’s working.”
But, “MuslimCrypt’s murky origins, pose the biggest barrier to understanding more about its intended uses; and, the real goals behind the project, we don’t know who released it [into the digital wild],” Mr. Khayat said.
“Stenography’s value as a secret communication tool makes it unsurprising that jihadi’s would eventually adopt the technique,” Simon Wiseman, Chief Technology Officer at the British network security firm, Deep Secure, told WIRED. Mr. Wiseman’s firm, “works on malicious stenography defense,” Ms. Newman noted.
‘Terror Plot? There’s An App For That’
The above is the title of Steven Stalinsky’s April 13, 2018, Op-Ed in the Wall Street Journal (WSJ). Mr. Salinsky is the Executive Director of MERI; and author of the 2017 book, “American Traitor: The Rise & Fall Of al-Qaeda’s U.S.-Born Leader, Adam Gadahn.”
Mr. Salinsky warns that “right now, [the] Islamic State and its followers around the world are using mobile devices to choose targets, discuss methods and timing, and even raise funds. With the aid of encrypted messaging apps — most of which are developed by Western companies — these terrorists can communicate fully, out of sight of intelligence and law enforcement agencies. The murders of countless innocent people have been planned this way; and, most Western leaders seem unsure how to stop it.”
Moreover, “the number of encrypted apps — used and experimented with by terrorist groups — is constantly increasing,” he added. “Many of the companies responsible for developing and disseminating these apps are based in Europe, where officials have been quick to criticize American social media companies like FaceBook, Twittter, and YouTube for hosting terrorist content.” Pot calling the kettle black? “These same officials,” Mr. Salinsky observes, “have been notably slow in addressing terrorists’ affinity for platforms based in their countries [on the continent].”
“Counterterrorism officials are overwhelmed by the sheer number of potential terrorists using these apps on mobile devices,” Mr. Salinsky wrote. “And, they are further handicapped by their inability to access the encrypted information — which could help them stop future attacks.” In a January speech at the International Conference on Cyber Security, FBI Director Christopher Wray called the threat from terrorist use of encrypted apps, “an urgent public safety issue.”
Director Wray, revealed at the conference just referenced, that “the FBI tried and failed to access encrypted information on nearly 8,000 devices in 2017,” Mr. Salinsky noted.
In conclusion, Mr. Salinsky scolds those producing and disseminating these encrypted apps, such as MuslimCrypt, for ignoring, or turning a blind-eye to how these apps are empowering the clandestine communications of those who want to kill Westerners. Greater attention needs to be devoted to this burgeoning and looming threat — by the private sector and Silicon Valley, as well as government leaders. The Intelligence Community, hopefully has tracking, defeating, and corrupting or monitoring these devices and their attendant communications — as a top priority. All the leaks and compromises of NSA’s intelligence collection tradecraft ,techniques, and actual devices has certainly harmed and undermined our ability to do so. Hopefully, the new NSA leader and members of the Congressional Intelligence Committees are also looking for new and novel ways to attack this most worrisome of issues. RCP, fortunascorner.com