ISIS Running 24-Hour Terrorist Crypto Help-desk


There have been multiple mentioned of ISIS using encryption and ‘encrypted messaging systems’ in the news reports since the Paris incident, it turns out they mostly mean Telegram. Which we’ve only mentioned once before, when they got pounded by an epic DDoS attack.

ISIS Running Terrorist Crypto Helpdesk

Now it turns out, ISIS has a whole help desk infrastructure set-up with what basically maps to tiers of support for cryptography usage in your day to day terrorist communications. When you graduate through the basic levels of encryption your comms, you get moved up to Tier 2 support – wow.

Radical group ISIS is running a help desk to assist jihadists to use encrypted communications, NBC reports.

US Army Combating Terrorism Center (CTC) analyst Aaron F. Brantly says the help desk is a new development which has increased in capacity over the last year.

It is manned with six operatives who train recruits on the use of select messaging platforms to evade intelligence operatives.

“They’ve developed a series of different platforms in which they can train one another on digital security to avoid intelligence and law enforcement agencies for the explicit purpose of recruitment, propaganda and operational planning,” Brantly told NBC.

“They answer questions from the technically mundane to the technically savvy.”

The deranged sys admins are located around the world who hold a minimum university education in tech. Other members help keep the desk as a follow-the-sun operation, Brantly says.

The CTC holds some 300 pages on instances of the help desk providing operational security pointers to recruits.


Seems like they’re adopting start-up culture in some ways on an operational level in ISIS, which is both impressive and scary at the same time.

And with Anonymous announcing Jihad on the Jihadis – things are definitely going get interesting in cyberspace.

Once the would-be jihadis are security savvy, they are connected to more senior operatives to engage in more formal training, Brantly says.

Help desk admins are also warning of the current wave of attacks in retaliation for the Paris attacks from the Anonymous collective, organised through the @opparisofficial Twitter handle.

Reports suggest advice is circulating to jihadis warning against opening suspicious links and suggesting regular IP address shuffles.

The collective has so far focused on taking down Daesh Twitter accounts and claims to have scalped more than 5000 by reporting them to the social network.

Encryption is once again coming under mis-directed fire in the wake of the Paris attacks as news emerges that intelligence services had wind of possible attacks in the French capital but were foiled as jihadis moved to crypto communications platforms.

As always, naysayers will point at Apple, Google and anyone other platform or technology that utilises strong encryption algorithms and say they are supporting terrorist activities.

That’s happening again here, as expected.

Source: The Register

Posted in: Cryptography

, , ,


Latest Posts:


Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.
GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc


Comments are closed.