Yottabytes: Storage and Disaster Recovery

Apr 28 2016   11:13PM GMT

Yet Another Set of Terrorists Fails to Use Encryption

Sharon Fisher


Government officials have been using recent terrorist attacks to try to justify limiting the use of encryption. You may recall, for example, that the Federal Bureau of Investigation (FBI) recently attempted to force Apple to develop a different version of the iPhone operating system to make it easier for the agency to break into encrypted phones thought to be owned by the perpetrators in last December’s San Bernardino attack.

Similarly, states such as California and New York have attempted to put forth bills that would outlaw the sale of cell phones with unbreakable encryption, while agencies such as the FBI have been recommending a mandated “back door” for law enforcement into encrypted phones.

These efforts have been continuing even though there’s been very little indication that terrorists are actually using encryption. For example, the FBI used last fall’s terrorist attacks in Paris to justify their long-held position that governments should mandate a “back door” into encryption, even though there’s no evidence the attackers used encryption — and, in fact, quite a lot of evidence that they didn’t.

One of the most recent incidents was the March bombings in Brussels. Rep. Adam Schiff, the California representative who’s the top-ranking Democrat on the House Intelligence Committee, suggested the same day they occurred that encryption might have been involved, writes Cory Bennett in The Hill.

Since then, law enforcement has been studying the laptop of one of the suicide bombers, Brahim El-Bakraoui, who blew himself up at Brussels airport, writes Lucy Clarke-Billings in Newsweek. “The bomber referred to striking Britain, the La Défense business district in Paris, and the ultra-conservative Catholic organization, Civitas, in a folder titled ‘Target,’ written in English, according to the source,” Clarke-Billings writes. “The laptop was found in the trash by police in Brussels shortly after the suicide bombings on March 22 that killed 32 people at the city’s airport and on a Metro train.”

So let’s get this straight. The data was not only unencrypted, but in English. And on top of that, it was located in a file folder. Labeled TARGET.

That’s right up there with Jurassic Park’s “It’s a Unix system! I know this!”

Security experts who are following the incidents believe there’s no indication that terrorist organizations have some sort of overarching encryption plan. “The clear takeaway from this list is that: 1) ISIS doesn’t use very much encryption, 2) ISIS is inconsistent in their tradecraft,” writes an information security researcher known as “the grugq” in Medium. “There is no sign of evolutionary progress, rather it seems more slapdash and haphazard. People use what they feel like using and whatever is convenient.”

The laptop discovery fits in with what appears to have been the strategy used thus far, writes Quartz. “ISIL’s strategy in last year’s Paris attacks and others was simple: avoid trackable electronic communications like email and messaging apps in favor of in-person meetings and disposable devices, or ‘burner phones,’ that are quickly activated, used briefly, and then dumped,” the organization writes. “Communications from the Paris attacks were reportedly (paywall) largely unencrypted, and investigators have found much of their intelligence through informants, wiretaps, and device-tracking rather than by trying to decipher secret messages. That’s not to say that terrorists won’t use encryption to carry out heinous acts. They will. But encryption is by now a fact of life: your apps, credit cards, web browsers and smartphones run encryption algorithms every day.”

Of course, to some people, the TARGET folder discovery was almost too good to be true. Skeptics on social media have been suggesting that the folder was planted by a group such as the CIA, that the folder was a decoy, and so on.

On the other hand, there doesn’t seem to have been much of a question about confirming who performed the Brussels attacks, especially since they were suicide attacks. If the folder was really planted, wouldn’t it have made more sense for the government agency involved to have used some sort of encrypted – though easily breakable – code? That way, the agency could have used it to justify its attempts to outlaw encryption. If the FBI planted the TARGET folder, it missed an opportunity.

8 Comments on this Post

  • Greenber
    Simply use PGP. Public Domain Source. Virtually unbreakable.
  • EBaldwin

    When both sides of the debate look backwards, or to worst case scenarios they miss the point. The question is not what was done by terrorists, drug runners, smugglers, or organized crime in the past; the question is what could be done by those groups moving forward, what is the risk, and what is the correct approach from a data protection and law enforcement perspective going forward.

    With the increasing use of widely available encryption applications, and the movement towards encrypted communications, the lawless elements will adopt encrypted communications. The question is, what is a balanced approach to deal with this threat.

  • Knut Holt
    The encryption mechanisms are most probably already broken or furnished with backdoors that agencies can use, be it legal or not. These guys do not obey the law, or use special law paragraphs with a wide scope that makes it permissible according to some logic. But of course they prefer to have clear permissions stated in the law, and hence their efforts to change the law in their favor.

    The backmen in the terrorist organizations are sophisticated individuals that know about this. But their poor servants are more clumsy, but these do not know who the backmen are, and the backmen gladly accept some spill caused by local clumsiness.
  • rcbartel
    ISIL should use end to end proprietary encryption supplemented by positioning authentication tied to a dynamic encryption key structure.
  • wolfgang2
    I can't follow your argumentation. In encryption this is plainly either you can crack them or you can't. If the bad guys use the same algorithm as the banks for transactions then either both are decryptable and usable or they aren't. That just law enforcement knows the key to decrypt is probable for just a short time. And then? Then we have to either accept that crooks can hijack and loot our bank accounts or we go back to the good ol' times when we did all transactions with paper. Is this what is intended?
  • DuskoS
    The fact is that a determined person can use unbreakable encryption of his/her choice and any government can't do anything about it. Let's not forget that encryption existed long before computers. The codes were written on cigarette papers and used once only. And they were very efficient. With today's computing power existing in mobile phones, laptops and gadgets of all sorts, the possibilities are endless. The "mandatory" backdoors can and will be sidestepped easily. It's just like peeling onion skins. We can use government mandatory channels, but exchange content (pictures, audio, video, text) with hidden content encrypted with any key and algorithm of any length that we see fit for the occasion.
  • Sharon Fisher
    As I've seen others point out, what's so magic about encryption that it is the only thing that requires a back door?
  • wolfgang2
    Maybe this is the wrong question: What is so important on terrorism that you need special measures?
    Let's face it: In the USA it's more likely to be killed by: Passive smoking, as a victim of drunk driving or as a bystander while others use firearms. What is the government doing about it? None of that is unavoidable but obviously less important than terrorism.

    Another aspect of that debate is the general view of the USA. On the digital turf their actions are seen outside the US as being another George III, this time for the rest of the world. Crackable encryption is one of the last strokes to paint that picture.
