It’s not clear that French police cracked the app’s encryption. But ISIS and other user groups are becoming wary.
BRATISLAVA, Slovakia — Paris police have charged a French suspect with planning a terror attack, citing messages sent with the secure-messaging Telegram app.
"We were able to detect them, detect this attack plan and were able to arrest them," French Interior Minister Gerard Collomb told BFM TV. He said two suspects were "preparing to commit an attack, with either explosives or ricin, this very powerful poison.” Only one was charged, a 20-year-old illegal immigrant of Egyptian origin, while the other was released.
Collomb didn’t say how police obtained the messages. Perhaps they found some technical flaw in the way Telegram encrypts data, or, less exotically, intercepted login requests but not actual conversations — or maybe one of the alleged conspirators simply informed on his accomplice. Police did find material related to poisoning and bomb-making in the suspect’s residence, but it’s unclear whether they expected to find them there.
Still, the news surprised some in the terrorism and observation community.
Telegram, founded by Russian expatriate Pavel Durov, offers encrypted person-to-person communication. It also has a channel feature that allows a single account to communicate with a large number of subscribers. Members of ISIS have made liberal use of both features, luring subscribers on the general channel into one-on-one conversations about joining an attack cell.
Telegram is also widely used by Russian dissidents and democracy advocates, though the Putin regime has banned its use.
“Obviously, with today’s announcement, the French government was able to identify people on Telegram,“ Laurence Bindner, a London-based consultant on terror and extremist networks, told the GLOBSEC security forum in Bratislava, Slovakia, on Friday.
Bindner said it was not the first time French authorities were known to have done so. She said she did not know if the announcement meant that French authorities were able to crack the encrypted person-to-person feature, or were simply monitoring the heavily subscribed propaganda channel. She said that it was unlikely that terrorists would plan an attack on an open channel.
Would-be terrorists, especially from groups like ISIS, “know that [ the larger channels] are infiltrated by police and researchers,” said Binder.
Some reporting has shown that ISIS has already grown wary of Telegram as an attack-planning tool. Last August, German journalist Björn Stritzel posed as a potential ISIS recruit in order to learn how the group attracts followers and directs terror operations from afar. After he made contact with ISIS on Telegram, recruiters told Stritzel to switch to a different app for attack planning.
“Brother, if you’re planning something, I advise you not to communicate via Telegram,” the ISIS ‘coach’ told Stritzel, who recounted the experience in the German publication Bild. “Abu Abdullah recommends that you also destroy your mobile’s SIM card.”
Defense One reached out to Telegram and Durov on Twitter. We will update this post if we hear back.