ISIS’ OPSEC Manual Reveals How It Handles Cybersecurity
After the gruesome Paris attacks, there have been various reports of varied use of Internet by ISIS for propagating its ideology as well as coordinating its deadly terrorist attacks. While some reports state that ISIS used encrypted channels of communication like the PlayStation 4 and Telegram, other reports state that they used plain vanilla unencrypted SMS to communicate with each other and coordinate the attacks.
While the jury be still be divided on this pending the closure of investigations into the Paris attacks, it seems that ISIS does have a OPSEC manual for its members. It turns out ISIS has a 34-page guide to operational security(.pdf), which instructs its cadre to follow a particular set of cyber life.
The manual is in Arabic and offers nitty gritty of using the Internet for terrorist and propaganda operations. While some of it is pretty basic like using HTTPS websites instead of non secure HTTP websites to communicate, there is also a advanced section in the manual.
For example, the first page of the manual tells the ISIS followers “When you enter the network Twitter through the browser always make .1 sure you enter the correct site Twitter.com (https://twitter.com/) and that an encrypted site at the beginning of the link Pal HTTPS, or green tag, and note any marks (error) called or the appearance of a page to the testimony of false requests “acceptance” or conversion for another site requires no .powers or entry on your account.”
The guide is a handy compilation of advice on how to keep communications and location data private, as well as links to dozens of privacy and security applications and services, including the Tor browser, the Tails operating system; Cryptocat, Wickr, and Telegram encrypted chat tools; Hushmail and ProtonMail for email; and RedPhone and Signal for encrypted phone communications.
ISIS does not like Google’s Gmail. The manual notes that Gmail is safe only if used with fake credentials and only on Tor anonymity network. Similarly, the ISIS have a dislike for Android smartphones and iPhone. The manual states that Android and iOS platforms are only secure when communications are routed through Tor.
The manual instructs operatives to disable the GPS tagging feature on their mobile phones to avoid leaking location data when taking photos. The ISIS cadre is advised to use the Mappr app to falsify location data and throw intelligence agencies off their trail.
ISIS’ OPSEC manual also advises against using Instagram because its parent company, Facebook, has a poor track record on privacy, and it warns that mobile communications can be intercepted, even though GSM networks are encrypted. It advises followers to use encrypted phones like Cryptophone or BlackPhone instead.
The ISIS advises its followers against using Dropbox. For documents, it follows the same recommendations that human rights workers, political activists, whistleblowers and reporters follow. It advises its followers to secure their communications and obscure their identity or hide their location. Use of VPN for hiding origin IP is encouraged. The Manual notes,
“Use the VPN services and prefer to stay away from the American Arab or .1 .services in this area Use the service Freedome (https://www.f- .2 secure.com/en/web/home_global/freedome) of VPN phones for the iPhone from here (https://itunes.apple.com/us/app/f-secure-freedomevpn/id771791010?mt=8) and for Android from (https://play.google.com/store/apps/details? id=com.fsecure.freedome.vpn.security.privacy.android&hl=en)here, a service of the Finnish security company F-Secure which is not free, but a quick control and protect you from spyware and fraudulent websites and so .on Or use application Avast SecureLine! From security company Avast .3 (https://www.avast.com/index) can download application for the iPhone from (https://itunes.apple.com/us/app/secureline-vpn-wifi-security/id793096595? mt=8)here, and for Android from (https://play.google.com/store/apps/details? id=com.avast.android.vpn&hl=en)here, as it can be used for windows systems”
The documents indicate that the terrorist have not only studied these other guides closely, but also keep pace with the news to understand the latest privacy and security vulnerabilities uncovered in apps and software that could change their status on the jihadi greatest-hits list.
Resource : Wired.