Study finds no increase in jihadists’ use of encryption since Snowden leaks

Surveillance hawks say otherwise.

Is Edward Snowden to blame, even indirectly, for the Paris attacks that left 129 dead and hundreds others injured?

Ask surveillance hawks, and you’ll likely get an emphatic “Yes!” The rising popularity of encrypted communications following Snowden’s 2013 leak of gigabytes of secret NSA documents has made terrorists far more difficult to identify, they say. Without Snowden, the attackers would still be out in the open.

Not so, according to a newly released study, which found no increase in encrypted communications among jihadist networks.

“To some people the whistleblower Edward Snowden is a hero; not to me.”

Flashpoint Global Partners, a firm that specializes in uncovering threats on the Dark Net and Deep Web and the creator of the study, found that “underlying public encryption methods employed by online jihadists do not appear to have significantly changed since the emergence of Edward Snowden.”

On Monday, CIA Director John Brennan bemoaned “unauthorized disclosures” and “hand wringing over the government’s role in the effort to try to uncover terrorists” as reasons why it has become more difficult to identify terrorists. Brennan didn’t explicitly name Snowden in his remarks, but the implication is clear. 

In an op-ed released Monday, however, London Mayor Boris Johnson explicitly named Snowden, saying he helped terrorists “avoid being caught.”

“To some people the whistleblower Edward Snowden is a hero; not to me,” Johnson wrote. “It is pretty clear that his bean-spilling has taught some of the nastiest people on the planet how to avoid being caught.”

Neema Singh Guliani, legislative council at the American Civil Liberties Union, says the sentiment of Brennan, Johnson, and other pro-surveillance authorities is a “knee-jerk reaction” after terrorist attacks.

“We’ve seen this before, often in the wake of terrorist attacks, there’s kind of this knee jerk reaction and a tendency to push for expansive surveillance programs or other proposals that actually limit freedom that we actually should protect,” Singh Guliani told the Daily Dot in a phone interview. She added that these types of anti-encryption comments “are not really representative of how technologies and how different policies have actually impacted people in the United States.”  

“For example, we see calls from some people to reinstate mass surveillance programs like the bulk metadata program, the analysis shows that those programs have never been effective tools,” Singh Guliani said. “The call metadata program never thwarted a terrorist attack. It doesn’t make sense to pursue policies that at the end of the day don’t actually enhance national security.”

Part of the reason Flashpoint found little uptick in the use of encrypted communications technologies since the Snowden leaks, the study says, is because jihadists were already using them.

“It doesn’t make sense to pursue policies that at the end of the day don’t actually enhance national security.”

“For many years, the jihadi community has been cognizant of the benefits of encrypted communications and, as such, has developed its own proprietary cryptologic software in order to meet this demand,” the report says. “In October 2010, Al Qaeda in the Arabian Peninsula (AQAP) dedicated an entire sub-section of its English-language Inspire Magazine to help teach would-be AQAP recruits about the need for digital encryption.”

In 2007, well before the Snowden revelations in 2013, software called Asrar al-Mujahideen (Secrets of the Mujahideen) was released on an Al Qaeda Web forum known as “al-Ekhlaas.” This software is used to encrypt “messages and files between users and is promoted as a trusted and secure avenue for terrorist groups,” according to Flashpoint. 

Another software suit, “Asrar al-Dardashah” (“Secrets of Chatting”), was released  in February 2013, four months before Snowden exposed the National Security Agency’s programs to global scrutiny. “This software allows jihadi users to encrypt live conversations over instant-messaging software such as Paltalk, Google Chat, Yahoo, and MSN with the multi-platform instant-messaging software Pidgin,” the study says.

Flashpoint also scanned online forums for mentions of terms such as “Snowden,” “encrypt[ion],” “National Security Agency,” “PRISM,” and “Dardashah,” and found that there has been no increase in discussions of encryption since reporting on Snowden’s leaks began.

“Discussions on Flashpoint-monitored jihadi forums including the Arabic term for encryption (تشفير) declined markedly following the beginning of the Snowden leaks in June 2013. Of the 198 mentions of this keyword, 156 (roughly 78.8 percent) occurred in the period between May 2012 and May 2013, leaving only some 21.1 percent of mentions (42 hits) occurring the post-Snowden era. If it were indeed the case that jihadi development and adoption of encryption tools were accelerated by the Snowden revelations, we would expect see the exact opposite trend.”

Because “online jihadists were already aware that law enforcement and intelligence agencies were attempting to monitor them,” the study concludes, “the Snowden revelations likely merely confirmed the suspicions of many of these actors, the more advanced of which were already making use of—and developing—secure communications software.”

 Illustration by Max Fleishman

William Turton

William Turton

Once named one of Forbes’ 20 Under 20 and hired as a staff writer for the Daily Dot when he was still a senior in high school, William Turton is a rising tech reporter focusing on information security, hacking culture, and politics. Since leaving the Daily Dot in April 2016, his work has appeared on Gizmodo, the Outline, and Vice News Tonight on HBO.