26 May 2015

Intel fears as jihadis flock to encrypted apps like Surespot

ISIS militants and supporters are flocking to encrypted messaging apps, posing a challenge to security services, who say they are losing the ability to intercept data from terror suspects.

An investigation by Channel 4 News can the reveal the scale of the use of one such encrypted messenger app, which functions like WhatsApp or Facebook Messenger but with very high levels of security.

At least 115 ISIS-linked people appear to have used the popular app Surespot in the past six months, the investigation found.

The number of ISIS-linked users discussing the app online appears to have accelerated in recent months, based on analysis by Channel 4 News that examined discussion of Surespot accounts on Twitter.

Channel 4 News understands that police and security agencies are concerned that they are losing the ability to intercept telecommunications data, a critical tool in interrupting domestic terror plots and monitoring suspects abroad.

‘Interested in emigrating’

ISIS-linked accounts admit online to using the apps when attempting to fundraise for terrorism, discussing the best methods to join ISIS and to pose questions.

“If anyone wishes to sponsor the mujahideen… Contact me on my Surespot for safeways,”

Meanwhile another user writes: “If you want 2 ask questions about Islam, Hijrah [emigration], Jihad or Shaam [Syria]; Ask me on Surespot”.

Others with less expertise seek advice via the app: “Interested in Hijrah [emigration] to Islamic Lands don’t know anyone need help. I was told to use Surespot.”

‘Snooper’s Charter’

The government is expected to soon introduce new legislation that will revive the so-called “Snooper’s Charter” bill, formally known as the Draft Communications Data Bill. It had previously been blocked by the Liberal Democrats in coalition. Discussions of the bill had indicated that the powers may require technology companies to extend the amount of data they retain, and extend the time it is kept for. This is in order to allow the government to request it in relation to investigation of crime.

In January, the Prime Minister said that there should be no method of communication that the government shouldn’t be able to request access to.

But apps like Surespot cannot exist in this context because the servers that run the apps hold the information only in a heavily-encrypted format that the app companies themselves don’t have any access to.

They provide considerably mroe security than other methods of communications like SMS, WhatsApp and Facebook chat. Even the server owners can’t give information to the police. Only by accessing a users’ phone itself could the messages be read.

Gavin Millard, technical director and information security expert at Tenable Security, told Channel 4 News: “I think the genie is already out of the bottle. So, no matter what steps [the govenment] take, the people that want to communicate privately will simply pivot and use a different approach.”

“Encryption has been around for a very long time anyway. People just simply adapt it for their need.”

Terror plot

A recent terror plot is alleged to have featured the use of an encrypted app.

Australian man Sevdet Besim is alleged to have been directed, via the use of the encrypted messaging app Telegram, to conduct a lone-wolf plot to behead a soldier during Anzac celebrations in Melbourne.

Guides released by jihadis about keeping communications secret were being widely shared last year but the methods now appear to have been made a regularly aspect of jihadis’ information security practices.

Encrypted phone apps like Telegram and Surespot provide more safety than other methods of communication such as SMS, WhatsApp and Facebook chat. The messages are completely encrypted so that even the server owners can’t give information over to police.

Surespot has additional safeguards including the ability to sign up without an email or phone number and the ability to delete messages from the receiver’s phone too. The code that runs the app is open-source, meaning it is open to scrutiny and inspection, as well as enabling developers to contribute to ironing out bugs or adding features.

Surespot did not reply to requests to comment from Channel 4 News, but previously the company has said that “any technology has the potential for abuse by nefarious individuals.”

Snowden revelations

Encrypted messengers apps have become popular in the wake of the Snowden revelations that security and intelligence agencies were sweeping up data about British citizens in bulk, regardless of suspicion.

The leaked Snowden documents also revealed that methods of staying hidden online may not be completely secure, with the Guardian reporting that the NSA has made multiple attempts to attack users on the anonymity network Tor, giving it complete control of a target computer.

However, there are no messaging apps that can promise perfect security, and some jihadis have suggested that even programmes like Surespot are far from secure.

One security researcher claimed to have found flaws in the Telegram messenger app that enabled him to read the content of deleted messages from devices.