There is no evidence that Edward Snowden’s revelations about NSA spying inspired Islamic terror groups to hide their electronic communications behind more sophisticated encryption software, according to a new analysis that challenges other recent research and assertions by U.S. officials about the impact of the leaks.
The analysis by Flashpoint Global Partners, a private security firm, examined the frequency of releases and updates of encryption software by jihadi groups and mentions of encryption in jihadi social media forums to assess the impact of Snowden’s information. It found no correlation in either measure to Snowden’s leaks about the NSA’s surveillance techniques, which became public beginning June 5, 2013.
Evan Kohlmann, a Flashpoint partner who also is a NBC News terrorism consultant, acknowledged that there has been a flurry of releases of encryption software by al Qaeda and other Islamic terror groups, including ISIS, since Snowden went public, but said most have simply extended the existing scheme to new devices or technologies, such as cell phones, chat software and SMS messaging (texting).
“Nothing has changed about the encryption methodologies that they use,” he said. “It’s difficult to reconcile with the claim that they have dramatically improved their encryption technology since Snowden.”
Al Qaeda and its affiliates have developed and used different types of encryption software since at least 2007, beginning with a product known as “Asrar al-Mujihideen” (Secrets of the Mujahideen) that was released by administrators of a now-defunct al Qaeda web forum known as “al-Ekhlaas,” according to the Flashpoint analysis.
The software was quickly endorsed by al Qaeda affiliates like al Qaeda in the Arabian Peninsula (AQAP) and al-Shabab in Somalia. When al-Ekhlaas collapsed, a prominent online jihadi media unit called the Global Islamic Media Front (GIMF) took over its development and began strengthening its capabilities. It also introduced new products, including “Asrar al-Dardashan” (Secrets of Chatting) in February 2013, four months before the Guardian newspaper broke the first Snowden story.
The report appears certain to add fuel to the debate over what U.S. officials say was significant damage to national security caused by Snowden’s disclosure of classified spying programs by the NSA.
U.S. government officials have consistently invoked the terrorist groups to dramatize the damage allegedly caused by the leaks.
Speaking on “Meet the Press”on Jan. 19, Rep. Mike Rogers (R.-Michigan), chair of the House Intelligence Committee, said the Snowden leaks led al Qaeda to change its tactics. “[Y]ou have to remember, al Qaeda has changed the way they communicate based on this,” said Rogers. “That puts our soldiers at risk in the field. That’s a real dangerous consequence.”
Nicholas Rasmussen, deputy director of the National Counterterrorism Center, testified last week before the Senate Homeland Security Committee that, as a result of leaks by Snowden and others, “Terrorists now understand the scope and scale of Western collection capabilities, and they’re changing the way they communicate. They’re adopting encryption technologies. They’re shifting accounts, or avoiding altogether the use of electronic communications, all of which frustrate our counterterrorism efforts.”
Recent research by the web intelligence firm Recorded Future and the Middle East Media Research Institute (MEMRI) also concluded that Snowden had hurt U.S. counterterror efforts by causing terror groups to speed development of new encryption tools.
Christopher Ahlberg, CEO and co-founder of Recorded Future, said his firm’s research showed that the technical wings of al Qaeda and ISIS released three new tools within five months of the first report based on Snowden’s leaks, a faster pace than had been previously seen, and that there was a similar increase in the commercial cryptography sector.
“Just look at the number of products that came out before and after,” said Ahlberg, whose firm collects and analyzes open source data. “The fact (is) that this had an impact.”
But Kohlmann argues that the tech-savvy jihadis were well aware of U.S. government spying long before Snowden, having had experience with having satellite phone calls and emails intercepted -- often with deadly results.
“It’s not a question of whether or not they’re aware of Snowden, it’s a question of whether Snowden caused them to fundamentally change their encryption methodology,” he said. “There is no evidence that he did.”
Steven Stalinsky, executive director of MEMRI, who has studied al Qaeda’s use of encryption since 2011, said one of the most telling signs of Snowden’s impact was found in the most recent issue of Inspire magazine, a jihadi propaganda organ published by AQAP.
“When Issue 12 came out in March, it had a note saying that because of security measures we are not including encryption technology in this edition,” he said, explaining that the publication had included encryption information in all previous issues, promising readers that they could use it to contact its staff without fear of surveillance. “That was a really big deal.”
Bruce Schneier, a leading expert on encryption, said the debate over Snowden’s impact is often framed by political considerations and “whether they view Snowden as a hero or a traitor.”
He said he suspects that the truth lies somewhere in the middle.
“My guess is everybody’s right,” he said.