“No computer is safe,” Donald Trump told us over the weekend . And nobody knows that better than the world’s terrorists. But at the e...
“No computer is safe,” Donald Trump told us over the weekend.
And nobody knows that better than the world’s terrorists. But at the
end of the day, just like the rest of us, they still stay online—and in
many cases, fortunately, that costs them.
As
ISIS overtook much of Iraq and Syria in 2014, the terrorist
organization ran a parallel campaign on the internet from Facebook and
Twitter to Telegram and WhatsApp. Social media offered the militants
an opportunity to recruit jihadi followers and spread radical
interpretations of Islam. Articles in The New York Times, The Wall Street Journal, and The Washington Post
foretold the dangers of the caliphate’s rule over internet messaging
platforms and social networking services popular with teenagers.
The news media neglected to mention
what the militants had risked in their ambitious online venture. In
theory, every computer and phone
that ISIS used intelligence, law-enforcement, and security agencies
could track, passing the information to warplanes stalking the skies of
the Middle East.
It
emerged last year that the U.S. Air Force was relying on social media
to locate and target ISIS command hierarchies. In one incident, a
fighter posted a picture of himself in an ISIS operations room with a
geotag. American airstrikes hit the military base 22 hours later.
Insurgents across Africa and Asia have struggled to balance the importance
of public relations in the Information Age with the dangers of the
internet, a cesspool of hackers, informants, and spies. “Surveillance
has had a role in the liquidation and murder of a large number of
insurgents,” said Nasser Abu Sharif, an official of Palestinian Islamic
Jihad (PIJ). “Our military policy is not to carry cellphones, but there
are unfortunately some fighters who do not abide by these axiomatic
rules.”
The militants who must use cellphones
and computers, such as propagandists and spokespeople, find themselves most at risk.
“The
social media spokespeople of terrorist organizations are often high on
the targets list for drone strikes by the U.S. and others,” noted Dan
Gettinger, co-director of the Center for the Study of the Drone at Bard
College. “People like Junaid Hussein, Reyad Khan, and even Anwar
al-Awlaki all demonstrated their ability at using the internet and
social media to spread their message and encourage attacks against their
U.K. and U.S. homelands and were all killed in drone strikes.”
The Intercept reported
that the CIA and the NSA have cooperated to monitor terrorists’ SIM
cards through mass surveillance and metadata. One target was al-Awlaki,
the Yemeni–American ideologue of al Qaeda in the Arabian Peninsula
killed in a 2011 American airstrike.
The leadership of the Taliban has
tried to confuse Western intelligence agencies, distributing SIM cards
to random fighters and reshuffling them at impromptu meetings.
“We take a range of measures, such as not communicating classified information over the phone
,”
Zabihullah Mujahid, the Taliban’s primary spokesman, told The Daily
Beast over WhatsApp. “Senior leaders don’t talk on the phone to avoid
the tracking of their location.” The Taliban only allows Mujahid and
secondary spokesman Qari Muhammad Yousuf Ahmadi to talk to the news
media to minimize the risk of airstrikes.
“Well-established terrorist organizations are generally quite conscious of the risks of electronic
surveillance and interception and take security measures in response, such as frequent swapping of phones
or SIM cards,” said Paul R. Pillar, a former executive assistant to the
Director of Central Intelligence. “Such measures do not preclude them
from use of social media and the internet for propaganda and
recruitment; cut-outs can be used in posting material so that it is
difficult to trace key individuals involved.”
But the Taliban’s commitment to cybersecurity has limits. American intelligence agencies last May assassinated
Mullah Akhtar Mansour, the insurgents’ previous leader, by intercepting
his mobile devices. Mansour’s predecessor, Mullah Muhammad Omar, had
avoided a similar fate by living in secrecy; the Taliban even managed to
hide news of his 2013 death for two years. Osama bin Laden, Omar’s ally
and friend, evaded detection for years by foregoing cellphones
(though his aides owned them).
“Any time an individual interacts
with information networks, that does present an opportunity for law
enforcement or the intelligence community to attempt to identify
someone, determine a location, or otherwise gather available electronic
information,” observed Susan Hennessey, a former attorney with the NSA.
Taliban spokespeople have lapsed in the past. In 2012, Ahmadi CC’d
subscribers to a Taliban email list instead of BCC’ing them, revealing
the email addresses of over 400 recipients. In 2014, Zabihullah Mujahid tweeted his location in Pakistan by accident.
“The spread of easy-to-use encryption and other countersurveillance tools
allow these groups to develop complex communications networks and
reduces the number of mistakes which might be exploited for collection,”
Hennessey told The Daily Beast.
Terrorist
organizations prefer application software secured by end-to-end
encryption. The putschists in Turkey’s failed coup d’Ă©tat plotted over WhatsApp. Telegram, an internet messaging platform developed by Russian dissident entrepreneurs, remains a favorite of ISIS.
But both apps come with their own hazards.
Participants in the Taliban’s WhatsApp chatrooms can view the cellphone
numbers of all the other members, allowing even the laziest
intelligence officer to see with ease who is controlling and following
the Taliban’s instant messaging. Gizmodo has also questioned the privacy
afforded by Telegram, ranking iMessage as more secure.
As rebels grapple with the pros and
cons of media manipulation over the internet, even states without
access to the Western world’s high technology are enjoying the benefits
of mass surveillance in their bloody counterinsurgencies. Leaders in the
Justice and Equality Movement (JEM) and the Sudanese Liberation
Movement/Army (SLM/A) alleged that the Sudanese government launched an
airstrike in 2011 on Khalil Ibrahim, the most prominent of Darfur’s
rebels, after tracking his cellphone.
“The death of Dr. Khalil resulted
from the Global Positioning System,” Adam Eissa Abakar, a JEM leader,
told The Daily Beast. “When an individual speaks on the telephone, there
will be an airstrike within half an hour.”
“The government in Khartoum
controls the telecommunications market in Sudan and brought
sophisticated surveillance equipment to monitor all calls and messages
within the country,” claimed Muhammad Abdulrahman al-Nair, an SLM/A
spokesman. He asserted that Sudanese intelligence officers had studied
computer and network surveillance in China, Iran, Malaysia, Pakistan,
Russia, and South Korea. According to him, the Sudanese government
relied on Emirati support to locate Ibrahim.
Elsewhere in Africa, failed states
depend on Western intelligence sharing to target well-armed insurgents.
“We know that our Libyan enemies are watching
our phones, but they couldn’t know this technique without Western
help,” asserted Muhammad Idris Taher, a press secretary for the Derna
Mujahideen Shura Council, a Libyan militia with alleged links to al
Qaeda.
The Middle East Eye confirmed
the West’s relationship with Khalifa Haftar, a renegade Libyan warlord
and self-proclaimed secularist enemy of jihadis, after obtaining
recordings of air traffic controllers with American, British, and French
accents directing airstrikes. Human rights defenders accuse Haftar of
war crimes in Benghazi and Derna, strongholds of Libya’s Islamist militias.
Vastly outgunned and out-spent by
Western militaries and intelligence services, terrorist organizations
have embraced high- and low-tech methods of evasion and subversion.
ISIS fooled
Europe intelligence agencies into believing that Abdelhamid Abaaoud,
who masterminded suicide attacks in Belgium and France, was still in
Syria by using his WhatsApp account there after he left. The militants
have embraced bitcoin, a cryptocurrency, and the dark web, a system of overlay networks requiring custom software to access.
PIJ has managed to hack Israeli drones, stoking fears of cyberterrorism against Western governments.
For now, however, most terrorists must confront more mundane challenges.
The Ghost Security Group, a hacker organization tied to Anonymous, keeps harassing the Taliban’s websites. It will take some time before insurgents have the capabilities and technologies to respond in kind.
Intelligence agencies, meanwhile, also rely on more traditional methods of espionage.
“Keeping
track of recruitment trends and the substance of messaging is the most
useful purpose for intelligence and security services of monitoring
social media,” Pillar, the former CIA official, told The Daily Beast.
“It is not a matter of pros and cons of doing this versus collecting
human intelligence,” he notes. Human intelligence is “necessary to learn
of any operational plans.”
The collection of defectors, double agents, and informants, has played
a critical role in operations such as the assassination of Osama bin
Laden. It can explain the interpersonal relationships that signals
intelligence might overlook. Still, human intelligence comes with its
own risks. A triple agent posing as an informant killed
seven Khost-based CIA operatives in a 2009 suicide attack. And there
have always been tensions between proponents of human intelligence and
signals intelligence: HUMINT vs. SIGINT.
“Successful operations often
involve multiple agencies using a variety of specialized methods,” said
Hennessey, the former NSA official. “For example, a signals intelligence
interception might generate
a lead which is then investigated and verified through non-SIGINT
methods. Or human intelligence sourcing about a terrorist’s identity and
approximate location or use of a particular phone
or number might be supplemented with more SIGINT metadata information to determine an exact location.”
Insurgents will always need to prepare countermeasures to protect themselves from the informants living among them and the spies watching
their cell phones. Then, Western intelligence, law-enforcement, and
security agencies reap the benefits of the terrorists’ strategic errors
online.