ISIS Communications App: Much Ado About Not Much

Screenshot from the ISIS app.

Defense One

AA Font size + Print

Screenshot from the ISIS app.

The group’s “secure messaging app” doesn’t work. Ghost Security Group backtracks on previous claim.

ISIS fighters may be handy with guns and knives but that doesn’t mean that they can code. Today, a cybersecurity research group that specializes in tracking ISIS online is backtracking on previous statements about one of the terror group’s software creations.

Earlier this month, the Ghost Security Group, a hactivist collective that splintered off from Anonymous after the Charlie Hebdo attacks in Paris, identified a new ISIS Android application called Alrawi. In an email to Defense One, they wrote that the Alrawi app “does have encrypted communication features although rudimentary to Telegram or other more company created ones.”

But after questions from other news outlets and a weeklong investigation from the Daily Dot, the group wrote Defense One today, “The app appears to be a Bluetooth file sharing application created using software.” The statement clearly contradicts the group’s previous statement. Bluetooth file sharing has a maximum range of 50 feet. Above is a screenshot of the app, obtained by Defense One on January 27.

“There was another version of this same application which served as a rudimentary communications tool as previously reported … however it was an overall failure,” the group wrote.

Defense One was unable to confirm if that was true.

“Make no mistake the Islamic State has large ambitions and their use of apps will eventually become a common place [sic] event as companies grow tired of endlessly suspending extremist accounts IS will seek to migrate to platforms they can control but the dev behind Alwari won’t be the one to create that platform,” the group’s email said.

Close [ x ] More from DefenseOne
 
 

Thank you for subscribing to newsletters from DefenseOne.com.
We think these reports might interest you:

  • Federal IT Applications: Assessing Government's Core Drivers

    In order to better understand the current state of external and internal-facing agency workplace applications, Government Business Council (GBC) and Riverbed undertook an in-depth research study of federal employees. Overall, survey findings indicate that federal IT applications still face a gamut of challenges with regard to quality, reliability, and performance management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • GBC Issue Brief: Supply Chain Insecurity

    Federal organizations rely on state-of-the-art IT tools and systems to deliver services efficiently and effectively, and it takes a vast ecosystem of organizations, individuals, information, and resources to successfully deliver these products. This issue brief discusses the current threats to the vulnerable supply chain - and how agencies can prevent these threats to produce a more secure IT supply chain process.

    Download
  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Information Operations: Retaking the High Ground

    Today's threats are fluent in rapidly evolving areas of the Internet, especially social media. Learn how military organizations can secure an advantage in this developing arena.

    Download

When you download a report, your information may be shared with the underwriters of that document.