ISIS Running 24-Hour Terrorist Crypto Help-desk


There have been multiple mentioned of ISIS using encryption and ‘encrypted messaging systems’ in the news reports since the Paris incident, it turns out they mostly mean Telegram. Which we’ve only mentioned once before, when they got pounded by an epic DDoS attack.

ISIS Running Terrorist Crypto Helpdesk

Now it turns out, ISIS has a whole help desk infrastructure set-up with what basically maps to tiers of support for cryptography usage in your day to day terrorist communications. When you graduate through the basic levels of encryption your comms, you get moved up to Tier 2 support – wow.

Radical group ISIS is running a help desk to assist jihadists to use encrypted communications, NBC reports.

US Army Combating Terrorism Center (CTC) analyst Aaron F. Brantly says the help desk is a new development which has increased in capacity over the last year.

It is manned with six operatives who train recruits on the use of select messaging platforms to evade intelligence operatives.

“They’ve developed a series of different platforms in which they can train one another on digital security to avoid intelligence and law enforcement agencies for the explicit purpose of recruitment, propaganda and operational planning,” Brantly told NBC.

“They answer questions from the technically mundane to the technically savvy.”

The deranged sys admins are located around the world who hold a minimum university education in tech. Other members help keep the desk as a follow-the-sun operation, Brantly says.

The CTC holds some 300 pages on instances of the help desk providing operational security pointers to recruits.


Seems like they’re adopting start-up culture in some ways on an operational level in ISIS, which is both impressive and scary at the same time.

And with Anonymous announcing Jihad on the Jihadis – things are definitely going get interesting in cyberspace.

Once the would-be jihadis are security savvy, they are connected to more senior operatives to engage in more formal training, Brantly says.

Help desk admins are also warning of the current wave of attacks in retaliation for the Paris attacks from the Anonymous collective, organised through the @opparisofficial Twitter handle.

Reports suggest advice is circulating to jihadis warning against opening suspicious links and suggesting regular IP address shuffles.

The collective has so far focused on taking down Daesh Twitter accounts and claims to have scalped more than 5000 by reporting them to the social network.

Encryption is once again coming under mis-directed fire in the wake of the Paris attacks as news emerges that intelligence services had wind of possible attacks in the French capital but were foiled as jihadis moved to crypto communications platforms.

As always, naysayers will point at Apple, Google and anyone other platform or technology that utilises strong encryption algorithms and say they are supporting terrorist activities.

That’s happening again here, as expected.

Source: The Register

Posted in: Cryptography

, , ,


Latest Posts:


zBang - Privileged Account Threat Detection Tool zBang – Privileged Account Threat Detection Tool
zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations & red teams can use it to identify attack vectors
Memhunter - Automated Memory Resident Malware Detection Memhunter – Automated Memory Resident Malware Detection
Memhunter is an Automated Memory Resident Malware Detection tool for the hunting of memory resident malware at scale, improving threat hunter analysis process.
Sandcastle - AWS S3 Bucket Enumeration Tool Sandcastle – AWS S3 Bucket Enumeration Tool
Sandcastle is an Amazon AWS S3 Bucket Enumeration Tool, formerly known as bucketCrawler. The script takes a target's name as the stem argument (e.g. shopify).
Astra - API Automated Security Testing For REST Astra – API Automated Security Testing For REST
Astra is a Python-based tool for API Automated Security Testing, REST API penetration testing is complex due to continuous changes in existing APIs.
Judas DNS - Nameserver DNS Poisoning Attack Tool Judas DNS – Nameserver DNS Poisoning Attack Tool
Judas DNS is a Nameserver DNS Poisoning Attack Tool which functions as a DNS proxy server built to be deployed in place of a taken over nameserver to perform targeted exploitation.
dsniff Download - Tools for Network Auditing & Password Sniffing dsniff Download – Tools for Network Auditing & Password Sniffing
Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network


Comments are closed.