A series of recent private, open source reports have suggested that leaks of sensitive information from the National Security Agency (NSA) by former analyst Edward Snowden, which began in June 2013, have noticeably accelerated the development of secure communications tools by jihadi/terrorist groups, their recruits, and their affiliates. Specifically, these reports have focused on the significance of several online communications encryption tools that were officially released by jihadi-affiliated groups in the months following Snowden’s initial disclosures.
Using proprietary software tools developed by Flashpoint Global Partners to mine the dark web, our analysts have investigated the question of whether open source information posted on top jihadi social networking platforms would tend to indicate that the Snowden revelations have indeed had a measurable impact on the logistical subterfuge techniques of terrorist organizations – principally, Al-Qaida. Upon completing their research, our analysts have concluded that, in fact, there is very little open source information available via jihadi online social media that would indicate that Snowden’s leaks served as the impetus for the development of more secure digital communications and/or encryption by Al-Qaida.
In order to determine whether the Snowden revelations have had a measurable impact on the methodology of jihadi operations online, our researchers relied upon two primary analytical models: 1) the formal release of jihadi encryption software packages charted over time and 2) the statistical frequency of discussions about encryption by jihadi forum users charted over time.
While we note several caveats to our results in the conclusion section of this report, our primary findings are as follows:
- The underlying public encryption methods employed by online jihadists do not appear to have significantly changed since the emergence of Edward Snowden. Major recent technological advancements have focused primarily on expanding the use of encryption to instant messenger and mobile communications mediums.
- Aside from warning of tampered copies of “Asrar al-Mujahideen” that were deliberately infected with spyware, none of the prominent jihadi logistical units have expressed any public doubt as to the continued effectiveness of encryption methods employed in their software packages that were released prior to the Snowden leaks.
- The actual release of new jihadi-themed encryption software packages, like “Asrar al-Dardashah,” seems to have had a far more noticeable impact in terms of driving waves of interest in the subject of encryption among users of jihadi web forums than the publication of the Snowden NSA revelations in June 2013.
- Well prior to Edward Snowden, online jihadists were already aware that law enforcement and intelligence agencies were attempting to monitor them. As a result, the Snowden revelations likely merely confirmed the suspicions of many of these actors, the more advanced of which were already making use of – and developing – secure communications software.
The report itself goes on to make the point that, “Well prior to Edward Snowden, online jihadists were already aware that law enforcement and intelligence agencies were attempting to monitor them.” This point would seem obvious in light of the fact that terrorist groups have been employing tactics to evade digital surveillance for years. Indeed, such concerns about their use of sophisticated encryption technology predate even 9/11. Contrary to claims that such groups have fundamentally altered their practices due to information gleaned from these revelations, the report concludes: “The underlying public encryption methods employed by online jihadists do not appear to have significantly changed since the emergence of Edward Snowden.”
These findings are notable both for the empirical rigor with which they were ascertained and for their contradiction of apparently baseless statements made by high-ranking U.S. officials regarding the impact of the leaks on U.S. national security. This is particularly important as it pertains to the ongoing public debate over the alleged threat of ISIS. In making his case that the danger from ISIS to the United States is “imminent”, Marco Rubio recently claimed that the group has: “…learned a lot about our intelligence-gathering capabilities through a series of disclosures and other sorts of things, and they have become increasingly capable of evading detection.”
Earlier this month former NSA head Michael Hayden also stated, “The changed communications practices and patterns of terrorist groups following the Snowden revelations have impacted our ability to track and monitor these groups”, while Matthew Olsen of the National Counterterrorism Centre would add “Following the disclosure of the stolen NSA documents, terrorists are changing how they communicate to avoid surveillance.”
Olsen went on to say that terrorist groups are, “…moving to more secure communications platforms, using encryption and avoiding electronic communications altogether.” In fact, it’s well known that terrorist groups have employed such tactics as a means to protect their data and communications for years. Correspondingly, it’s difficult to imagine how statements suggesting that such tactics are new developments prompted by Snowden could be made in good faith.
Contrary to official statements and farcical attempts to launder information through pliant media outlets, no substantive case has ever been made that the Snowden revelations have harmed the ability of intelligence agencies to monitor terrorist organizations. The source of this most recent study is notable, as it comes from a private security firm whose analysts have in the past been accused of threat inflation, and yet who nevertheless conclude that the danger from extremist groups has not been materially impacted by the Snowden leaks.