Intelligence officials often insist they can never clue us in on the elaborate ways we're being spied on because enemies like ISIS, otherwise known as Daesh, will gain an advantage. Let them know we have an 11-foot wall, they'll get a 12-foot ladder. Show them the blueprints of the mouse trap and we'll just get smarter mice.
And then we were told Edward Snowden blew the lid off of all that — that the terrorists who slaughtered at least 129 innocent people in Paris got away with it because they've "read Snowden." The message here: Less transparency keeps us safe, while whistleblowers like Snowden help the enemy.
Despite that claim, it turns out that whether or not Daesh uses encryption to hide its dealings has nothing to do with what the group learns about our spying systems. A new study from cybersecurity firm Flashpoint scrubbed millions of jihadi communications from Deep Web forums and found that the Snowden revelations had absolutely nothing to do with whether or not jihadis used encryption.
"The underlying public encryption methods employed by online jihadists do not appear to have significantly changed since the emergence of Edward Snowden," the report reads. "Major recent technological advancements have focused primarily on expanding the use of encryption to instant messenger and mobile communications mediums."
Like the rest of us, Flashpoint's analysts believe that since jihadis have always had some relationship with encryption, that the Snowden revelations were just as much a surprise to Daesh as they were to anyone with a smartphone. That is: no surprise at all.
From the study:
Well prior to Edward Snowden, online jihadists were already aware that law enforcement and intelligence agencies were attempting to monitor them. As a result, the Snowden revelations likely merely confirmed the suspicions of many of these actors, the more advanced of which were already making use of — and developing — secure communications software.
Daesh is most definitely using encryption: They've developed their own tools and tutorials for learning to encrypt digital communications, including a homebrew encryption kit called Asrar al-Mujahideen, or "Secrets of the Mujahideen." Where most people have to use online tutorials to figure out how to encrypt messages, Daesh has a 24-hour "help desk" for jihadists.
There is a countervailing assault on Daesh's online presence that's driving them into the Internet's deeper recesses. Hacktivists who regularly intercept Daesh communications and plant moles in online gathering places for jihadi terrorists told Mic this week that since being driven largely from Twitter, an app called Telegram became a new place for Daesh to plan. Shortly after Mic heard this, Telegram banned 78 Daesh channels:
Regardless, everyone from CIA Director John Brennan to New York City's own tech-savvy police commissioner has been whittling away at encryption in the public eye by painting it as a favorite tool of criminals and blaming Snowden for the fact that no one was able to prevent the terrorist attacks.
"We've seen this before, often in the wake of terrorist attacks, there's kind of this knee jerk reaction and a tendency to push for expansive surveillance programs or other proposals that actually limit freedom that we actually should protect," Neema Singh Guliani, legislative counsel for the American Civil Liberties Union, told the Daily Dot.
"The underlying public encryption methods employed by online jihadists do not appear to have significantly changed since the emergence of Edward Snowden."
Although law enforcement and intelligence officials are exploiting the emotions of people looking for a solution, the proposal that many legislators often set forth — that encryption should include "backdoors" that allow for law enforcement to poke their head through when necessary — are roundly impossible.
Assertions that Daesh has been flocking to encryption lately, that encryptions should be weakened, that Snowden's whistleblowing is to blame and that mass surveillance has ever been the answer to terrorism are well-trod themes with no proof to back them up. They are, however, excellent scapegoats.