Anti-Forensic Methods Used by Jihadist Web Sites
Extremists use a wide array of techniques to further their cause online
In our comparison of terrorist/extremist Web sites to US government Web sites, we found that terrorist/extremist groups exhibited similar levels of Web knowledge as US government agencies. Moreover, terrorists/extremists had a strong emphasis on multimedia usage, and their Web sites employed significantly more sophisticated multimedia technologies than government Web sites and were as effective as the US government agencies in terms of supporting communications and interaction using Web technologies.
As international law enforcement, intelligence, and military agencies step up their efforts to monitor these Web sites (which now number in the thousands), Muslim extremists are turning to both low-tech and high-tech solutions to maintain their operational security.
The February 2007 edition of Technical Mujahid contains an article that encourages extremists to download a copy of the software program Secrets of the Mujahideen.
Secrets is an encryption software application which can hide data between the pixels of an image, and then compress the file in an attempt to defeat steganalysis. The article provides a detailed example of how 20 messages can be hidden in a 100 x 50 pixel picture. Dr. Chen, director of the Artificial Intelligence lab at the University of Arizona, has confirmed to me that steganography is being used by some of the extremist Web sites that they monitor, although an analysis of its use hasn't been done yet.
The Draft Message Folder
Here is another example of an operational security action that costs nothing to use, yet can defeat the NSA's ability to intercept e-mail messages. Bruce Hoffman of the RAND Corporation reported last year that Jihadis started drafting messages in free e-mail accounts, then allowing others to log in to the accounts and read the drafts. No message ever had to be sent.
The Global Islamic Media Front provided content for the February, 2007 issue of Technical Mujahid on the topic of encryption in general and the software application Secrets of the Mujahideen in particular.
According to a Jamestown Foundation report, Secrets offers users:
The highest level of encryption in asymmetric encoding (with) the use of the best five algorithms in encryption science; strong symmetric encryption; private and public asymmetric 2048 bit keys; strong compression of data; use of stealthy encryption keys and algorithms; secure deletion of files, elimination of retrieval possibilities; and the ability to run it from a flash disc, i.e. the program does not have to run from a computer hard drive. The encryption training section is extremely detailed and explains all the technical implications of the program. The writers claim that the program surpasses all international symmetric encryption systems.
This encryption program is an executable file that can be stored on a flash drive and used on any public computer to encrypt an e-mail message or other file. Another distinguishing feature is that, unlike other encryption programs available online, there are no public keys supplied with the software. Therefore, senders of an encrypted file must have a way to transmit the key through some other means.