How Jihadists Use the Internet
Islamic extremists probably know how to work the web better than you.
A screenshot from a jihadist forum
Jihadists have been on the internet a long time, and they probably know how to use it better than you do. Making use of the nascent world wide web relatively early on, radical Islamist groups were able to utilise this new global network for a number of different jihad-y means, from recruitment and financing to propaganda and communication. But how has this changed over the past decade, and in the wake of the NSA revelations, what does the future hold for jihadists and the internet?
"Jihadists are no different than others in using emerging software, web applications and sites," said Adam Raisman from SITE, an intelligence group that monitors jihadist behaviour on the web. "[The use of the internet to communicate was in effect] long before 9/11."
However, the world of Islamic extremism didn't get its own dot-com boom until late 2001, when al-Qaeda's first official website was launched – a static, not very impressive platform for making press announcements, mostly in Arabic, and with very little video content. And trying to cultivate a brand identity by plastering their black flag logo all over the site meant that it was easy to identify and ended up being constantly shut down, until eventually it didn't resurface again.
But what that initial online presence spawned was a surge of jihadist-themed forums and social networks. They weren't al-Qaeda branded in the same way as the original website, but sympathetic to the cause – fan pages for Mohamed Atta and others fighting the jihadist fight, pooling like-minded people together to share ideologies.
Another screenshot from a jihadist forum
This did, however, mutate into an official al-Qaeda presence on the internet. "What's interesting," said Evan Kohlmann, a terrorism consultant who's worked closely with the FBI, is that "it was organic – it wasn't created by al-Qaeda, but by their supporters. They had demonstrated so much expertise at building a social network that it attracted the attention of actual al-Qaeda members."
The latest forum members had "unusually specific and detailed knowledge" of conflicts taking place in foreign countries, Evan continued. "Enough of these movers-and-shakers group together, and they start to get their own [dedicated] forums." The first of these housed a slew of extreme original content, including the Nick Berg beheading video, posted by a prominent member of al-Qaeda in Iraq. "He started posting videos of suicide bombings," Evan told me. "After a while it became painfully apparent, not just to me, but to everybody else on the forum, that this was al-Qaeda's media representative.
"All of a sudden, the amount of attention this guy generated went crazy. Every other group started creating accounts and posting on this forum. From there, this was the beginning of all this."
By that, Evan means the current jihadist online presence: three main forums that post largely identical content, with some translated into English. Just like the original al-Qaeda site from 2001, certain areas of these forums now carry the official branding – or "blessing" – that legitimises the various videos, photos and speeches hosted on their pages. If one is shut-down, two remain; if two are forced to close, there is still another posting content. "It's like a game of whack-a-mole," Evan explained.
A guide on how to use the Asrar al-Mujahideen encryption software (Click to enlarge)
Perhaps more pertinent in the post-Snowden landscape than social networking, however, is the rise of jihadi software built to conceal identities and avoid detection online. The most prominent encryption program, Asrar al-Mujahideen – or "Mojahedeen Secrets" – became popular after being featured in Inspire, al-Qaeda's quarterly magazine in the Arabian Peninsula. The program allows users to generate a digital "key" that can then be used to encrypt and decrypt text.
Then, in February of last year, Asrar al-Dardashah – a plugin for instant messaging software, like MSN and Google Talk – was released. This, like other encryption programs before it, was endorsed by the Global Islamic Media Front (GIMF) – the organisation that essentially rubber stamps all security software – on the top jihadist forums.
In September, GIMF released "The Mobile Encryption Program" software, which can send encrypted text messages and files on Android and Symbian phones; and, in December last year, al-Qaeda's logistics wing, "Al-Fajr Media Centre" (A-FMC), started to distribute its new software, "Security of the Mujahid" – an advanced piece of encryption technology.
"In my opinion, this is an important development," said Laith Alkhouri, a senior analyst from the security consulting enterprise Flashpoint Global Partners. "It shows that al-Qaeda is actually capable technologically and seeks to elevate the level of online security." Laith continued: "This comes only three months after the US government reportedly intercepted al-Qaeda communications that resulted in the closing of over 20 embassies."
Interestingly, Laith feels that the "development of this software at this point largely has to do with the Syrian conflict". As various rebel factions are fighting for dominance in the conflict, it "gives al-Qaeda a more trusted avenue for communicating with their envoy on the ground […] which makes al-Qaeda feel in control of regional jihadi affairs without actually being in the picture".
Mojahedeen Secrets in use
The reason jihadists are creating their own software (besides the fact it's always nice to have a bit of ownership over your propaganda) is because those involved with – or looking to get involved with – planning acts of terror are warned on forums to avoid more established anonymity programs like the Tor browser. It hasn't been proved that Tor has been compromised by the NSA, but as Evan pointed out, "Anyone who thinks encryption technology is 100 percent solid or 100 percent beyond surveillance is probably fooling themselves."
So, if that's the case, it does seem a little odd that every message encrypted by jihadi software has the banner, "Asrar al-Mujahideen V2.0" – i.e. a pretty good indication that the message includes something relating to terrorism – stuck across the top of it. However, some feel this is more to serve a political purpose; if jihadists are confident in their encryption capabilities, brandishing terrorist affiliations for anyone to see is essentially just a very obnoxious bragging technique.
So what exactly are these forums and encrypted messages being used for? Predominately, it would seem, propaganda, which has seen a dramatic increase in production value over the past few years. "The videos are Hollywood quality, built with the latest version of Final Cut," Evan told me. "They began with videos that were 5MB in size, grainy, and you could barely see what was going on. Now you're talking about Blu-Ray quality videos being sent over the web."
But it's not just indirect recruitment through the spread of propaganda that's carried out on these forums; Evan told me that they are also used for direct communication with those who want to fight jihad – "Recruiting people to travel to foreign conflict zones, or to otherwise serve in various capacities in various terrorist groups." One such middleman lived in London and would facilitate meetings between those who wished to carry out suicide bombings and al-Qaeda members in Iraq. According to Evan, jihadist forums are "almost a telephone book for these guys to find people who are willing to join them".
I asked Evan whether Islamic extremists had embraced any new technological trends other than encryption software, and he told me that "there is significant use of Bitcoin for illicit transactions [with] terrorist organisations", owing to the anonymity it can provide while sending funds overseas. However, he was less sure about jihadists using computers games to communicate, as suggested in the recent Snowden leak that claimed NSA and GCHQ operatives are infiltrating online gaming communities. "I've heard anecdotal stories about Second Life, but I've never seen any direct evidence of that," he said.
A screenshot from a video released by Jabhat al-Nusra, a branch of al-Qaeda operating in Syria. The video itself was removed from YouTube, likely because it is a promotional video for a terrorist organisation.
Mainstream social media, despite its almost intentional lack of anonymity, has also caught on. Facebook is one ready-made platform for the distribution of jihadist propaganda – like, for example, those jihadist selfies or this video posted by a British man, allegedly affiliated with the Islamic State of Iraq and the Levant (ISIL), calling for jihad from Syria – but Twitter is where the radically changing face of online jihadism is really taking place.
The Westgate shopping centre attack was the first to exclusively use Twitter in its coordination, as opposed to jihadi forums, signalling a change in communication tactics. On the 21st of September last year, al-Shabaab started their own Twitter campaign, providing near instantaneous updates from an official "Press Office" account. From here, they claimed responsibility for the attack, formally denied calls for negotiation and even released an audio recording of the group's spokesman, Ali Mahmoud Ragi, promising to carry out additional attacks against Kenya in the future.
But there are problems in using such public software to communicate; as with most developing events on Twitter, the longer something goes on for, the more confused the media landscape becomes. When one al-Shabaab account was shut down after the Westgate attack, two appeared in its place, providing little chance for one to admit the legitimacy of the other. This doesn't happen on jihadi forums, where the practice of releasing information is clear and mediated.
So it's clear that, when possible, jihadists have been switching their previously candid approach to a much more public one. As Adam from SITE told me, "If they can use [technology] to communicate safely and spread propaganda, they'll use it." But will they begin to change their tactics and rein in the more mainstream approach in light of the NSA revelations?
Evan is certain they will, "especially because specific technologies have been referenced to that aren't well known about outside of this sphere. The question is […] will they attempt more compelling [techniques] than what we've seen in the past?"
I'm not so sure. Terrorists have long assumed that their communications are subject to surveillance – it would be irrational to think otherwise – and have taken steps accordingly. Osama bin Laden used physical couriers rather than digital communication (even preferring to build a real stack of porn rather than a virtual one) because he and his team suspected it to be insecure; the Snowden revelations just proved him right.
But the mass unregulated surveillance of a country to safeguard against unknown potential national threats clearly isn't ideal. And as an analysis of terrorism charges in the US found, NSA snooping "had no discernible effect" on preventing terrorist acts. So maybe the next question isn't how online jihadist communication techniques are going to change, but how authorities are going to do a better job of uncovering them.
Follow Jospeh on Twitter: @josephfcox
More people using the internet: