Encrypting and Decrypting Terror

Terrorist Communications and Propaganda groups have struggled for a while with securing their communications to keep them from the ever-watchful eyes of the NSA and the cyber-warfare soldiers. In the past the terror supporters were reluctant to use many standard encryption software and hardware devices such as PGP, encryption chips or other software for the fear that those companies have given their master decryption keys to the US government. They have been waiting for one of their own Muslim terror-sympathizers to issue secure communications tools.

The Middle East Media Research Center says that GIMF, or the Global Islamic Media Front, who operate many terrorist propaganda websites and forums, issued software on January 1st that was designed to encrypt and mask communications among terrorists and terrorist sympathizers while online. The software was called “Mujahideen Secrets” and according to its advertisements, it is “the first Islamic computer program for secure exchange [of information] on the Internet,” and it provides users with “the five best encryption algorithms, and with symmetrical encryption keys (256 bit), asymmetrical encryption keys (2048 bit) and data compression [tools].”

Another key part of this software tool is that it is designed to be completely portable, such as on a thumb drive, and can operate on any system without administrator priveleges.

But the terrorists screwed up. Wanting to distribute this as fast as possible, some muslim idiot hacker wannabe uploaded the entire program and toolkit to an unprotected online forum where our boys in the DOD and private sector contractors downloaded it. And iDefense, the defense research group of Verisign announced that they cracked it.

From the CounterTerrorismBlog here:

On January 1, 2007, the pro-terrorist group, “Global Islamic Media Front” (GIMF) announced the “imminent release” of what they called “the first Islamic computer program for secure exchange on the Internet.” iDefense/VeriSign has since found a copy of this program, “Mujahedine Secrets,” on a pro-terrorist Arabic language forum and has begun analyzing its capabilities and assessing what its impact will be. Earlier this week we announced this to our client base, which includes numerous key elements of the U.S. government.

The “Mujahedine Secrets” encryption program offers terrorists and their sympathizers several key features, some of which are common features of PGP programs that are currently available elsewhere as well as other features that appear to be new. Technical analysis is ongoing and will be assessed in future iDefense reporting. Most importantly, this program is an executable application that does not need to be installed onto a PC and can be used with a USB drive.

There are many out there that argue that all terror-supporting websites should be DoS’ed off the ‘net. I disagree. It allows us to harvest the websites for open source information and we often get lucky and download key software such as this.