Cyber technology as potent terror tool in jihadi hands

Thursday, 27 October 2016 | Prabha Rao | in Edit 1 2 3 4 5 0 Local franchises of terror groups with access to basic Internet resources, can increase the scale of propaganda and training content, and make anticipation and prevention of terror attacks difficult, writes PRABHA RAO From its very inception in July 2014, the Islamic State in Iraq and Syria (ISIS)/Daesh utilised cyberspace for propaganda and recruitment in a manner that was both innovative and extremely hard to counter. There is an active digital jihadi group within the IS which has designed effective Android Apps, and used the comparatively secure end-to-end encrypted instant messaging app Telegram, (and to a lesser degree, WhatsApp) for propaganda, weapons procurement, and to direct and publicise lone wolf/wolf pack attacks. As entry into its communication networks is difficult, prevention and countering of such terrorist acts is one of the most challenging tasks confronting intelligence and law enforcement agencies. The cyberjihadis (several groups such as the Cyber Caliphate, and three United Cyber Command have been identified) have proved their expertise on the dark web and have set up several websites for recruitment and tutorials on weapons-making, which can be entered only on invitation. The UCC has been able to hack (April 2016) into the Pentagon, the Department of Homeland Security, and several other federal agencies in the US, and has obtained data of around 43 personnel and put them on a so-called Kill List, which was circulated through a channel on the Telegram, Al Nashir. While the IS has not acted on the Kill List so far, the expertise of the hackers is cause for disquiet. Also, serious attempts have been made in the past one-and-a-half years to establish covert secure, encrypted financial networks. The Paris (November 13, 2015) and Belgium (March 22, 2016) attacks underscored the danger of encrypted messaging. In both cases, security agencies were unable to get any advance information of the terrorist strikes, despite several perpetrators being on their watch-lists. In September this year, an IS-affiliated group, Cyber Kahalifah, began to advertise the use of a lesser known technology, the ZeroNet, as the safest mode of communication. The Zero Net, which is in the public domain and can be downloaded free of charge from https.zeronet.io, is a web-hosting platform which decentralises the hosting of content and allows for asymmetric encryption of domain names and addresses. It offers an unprecedented degree of anonymity. For instance, normally, a website is hosted at a server, and is allotted an IP address, or a series thereof. Users, identifiable by their own unique IP addresses, communicate and interact with the website by specifying the web address (url). Then, a DNS (Domain Name Server), directs the user to the IP address of the website the user wishes to access. Data can then be exchanged between the user and the website. The ZeroNet, on the other hand, can host a single website in a number of locations (for example, user computers), by leveraging Peer-to-Peer (P2P) networks, the most notable of which is BitTorrent. In P2P networks, users (called peers) communicate and share data directly between one another, as opposed to communicating via a central server, as is the case with most websites. A server, called Tracker, connects peers to one another and handles requests for transfer(s) of data. Other differentiators are that ZeroNet ensures the fidelity of the websites themselves is maintained through asymmetric two-way encryption. Authors of a website receive a private key, which enables only he/she to make changes to the website, while interested peers receive the public key (analogous to a website url) which allows them to access the site. This has two consequences: First, the entire build of the website remains on the author’s computer, and not on any server; and second, there is guaranteed verification of the creator of the website and any files downloaded therefrom. The ZeroNet also offers full Tor compatibility, which means that IP addresses can be masked, adding another layer of security. Moreover, ZeroNet claims that it can be used over non-Internet networks as well, such as Bluetooth, which would be a valuable enabler forjihadi networks. Finally, content can be distributed remarkably quickly, and very likely scales with the number of visitors and seeders of the site. Cyber Kahalifah has set up a website on ZeroNet, which in late September gave calls for lone wolf attacks in various countries, and directed visitors to an application called ‘Alrawi’, designed by the IS, which works on Android platforms for logistic and monetary help. The IS’s English online magazine, which had been called Dabiq, has been suspended and the group has brought out a replacement, Rumaiyah(Rome). The Rumaiyah contains explicit exhortations for violent action in the Dar ul-Harb and unsurprisingly has been posted on the ZeroNet. Given the above backdrop, the use of ZeroNet by the Islamic State terror organisation and other terrorist groups is of great concern. With the IS facing international bludgeoning in Iraq and Syria, it is likely that it will lose Mosul and Aleppo sooner rather than later — and possibly Raqqa will follow. The exodus of foreign fighters from the region is now very evident, and the re-migration of a sizeable section to the Af-Pak region is a possibility. The IS is attempting to establish itself in Afghanistan through its franchise, the Wilayat Khorasan, and has been able to attract some Indians there, notably the group of 21 young people from Kerala. One of them, Sajjer Mangalachari Abdullah, from Kozhikode, has now been identified as a key IS recruiter, and is reportedly functioning from Nangarhar in Afghanistan. Attempts to radicalise vulnerable sections are ongoing in India, and the National Investigation Agency has been able to intercept scores of such individuals. International jihadi inter-connectivity could result in the ZeroNet gaining traction in India through these networks. From an Indian security standpoint, this is of particular concern: Local franchises of terrorist organisations with access to even meagre Internet resources, could increase the scale of propaganda and training content, and make prevention and anticipation of terror attacks a Herculean task. Agencies involved in monitoring and law enforcement need to urgently familiarise themselves with the working of ZeroNet, as jihadi groups have shown considerable fleet-footedness in adapting to technological challenges. The Indian state cannot afford to be out of sync on this issue. (The writer is senior fellow at the Delhi-based Institute for Defence Studies and Analyses