ISIS Running 24-Hour Terrorist Crypto Help-desk

The New Acunetix V12 Engine


There have been multiple mentioned of ISIS using encryption and ‘encrypted messaging systems’ in the news reports since the Paris incident, it turns out they mostly mean Telegram. Which we’ve only mentioned once before, when they got pounded by an epic DDoS attack.

ISIS Running Terrorist Crypto Helpdesk

Now it turns out, ISIS has a whole help desk infrastructure set-up with what basically maps to tiers of support for cryptography usage in your day to day terrorist communications. When you graduate through the basic levels of encryption your comms, you get moved up to Tier 2 support – wow.

Radical group ISIS is running a help desk to assist jihadists to use encrypted communications, NBC reports.

US Army Combating Terrorism Center (CTC) analyst Aaron F. Brantly says the help desk is a new development which has increased in capacity over the last year.

It is manned with six operatives who train recruits on the use of select messaging platforms to evade intelligence operatives.

“They’ve developed a series of different platforms in which they can train one another on digital security to avoid intelligence and law enforcement agencies for the explicit purpose of recruitment, propaganda and operational planning,” Brantly told NBC.

“They answer questions from the technically mundane to the technically savvy.”

The deranged sys admins are located around the world who hold a minimum university education in tech. Other members help keep the desk as a follow-the-sun operation, Brantly says.

The CTC holds some 300 pages on instances of the help desk providing operational security pointers to recruits.


Seems like they’re adopting start-up culture in some ways on an operational level in ISIS, which is both impressive and scary at the same time.

And with Anonymous announcing Jihad on the Jihadis – things are definitely going get interesting in cyberspace.

Once the would-be jihadis are security savvy, they are connected to more senior operatives to engage in more formal training, Brantly says.

Help desk admins are also warning of the current wave of attacks in retaliation for the Paris attacks from the Anonymous collective, organised through the @opparisofficial Twitter handle.

Reports suggest advice is circulating to jihadis warning against opening suspicious links and suggesting regular IP address shuffles.

The collective has so far focused on taking down Daesh Twitter accounts and claims to have scalped more than 5000 by reporting them to the social network.

Encryption is once again coming under mis-directed fire in the wake of the Paris attacks as news emerges that intelligence services had wind of possible attacks in the French capital but were foiled as jihadis moved to crypto communications platforms.

As always, naysayers will point at Apple, Google and anyone other platform or technology that utilises strong encryption algorithms and say they are supporting terrorist activities.

That’s happening again here, as expected.

Source: The Register

Posted in: Cryptography

, , ,


Latest Posts:


Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.


Comments are closed.