The Evolution of Jihadi Electronic Counter-Measures

After each attempted terrorist attack, whether botched or successful, government security forces worldwide are typically tasked with reviewing and analyzing the incident to draw lessons from the mistakes made in order to better prepare for possible future attacks. The same process, however, takes place in the opposite camp. Jihadis analyze their failed attacks and try to train their members to penetrate the defenses of international security forces. Since communication is essential for any operation and the internet is a favorite tool of Islamist militants, jihadi forums and websites contain information on the secure use of computers and mobile phones.

Electronic training explains to jihadis the vulnerability of the internet. It warns against electronic methods that security services use to penetrate jihadi networks, such as computer viruses and by actual infiltration of jihadi computers by using Trojans viruses. In addition, the training lessons discuss security gaps in mobile communications by explaining the basics of mobile technology and giving real examples of cases where security forces tracked jihadi militants using the mobile phone system. As part of this discussion on electronics, jihadis also provide information on how to beat polygraph tests.

Internet Communication Security

In a forum relating to internet communication security, located at https://www.gsm4arab.net, jihadi users begin by highlighting the importance of internet forums for reciprocation among members and for propaganda against the enemy, acknowledging the fact that intelligence services are constantly attempting to penetrate these forums [1]. The training underlines a few steps that the forum participants should take in order to avoid being identified by security forces. Some of the paraphrased steps are below:

– Be aware that some participants are pretending to be sincere, asking many questions on ways to travel to mujahideen war zones to take part in the holy war—these “participants” are often intelligence officers logged on from their offices. The officers will defend the mujahideen and write long articles praising jihad. They will ask you to cooperate with them in furthering the cause. If you fall for their bait, you will end up in jail.

– By signing up in a forum, forum owners can obtain a participant’s IP address and pinpoint the location of the computer to a very precise proximity. We recommend that honest owners of forums cancel the IP address option. Nevertheless, be aware that IP addresses can also be obtained by tracking e-mails. If you are tasked with publishing mujahideen news or if you are wanted by the intelligence services, it is better to use internet café computers. Do not forget, however, that most Internet cafés spy on their clients.

– Do not provide accurate personal data when signing up in any forum.

– Always use different internet cafés to post in the forums, delete internet temporary files and do not stay long in the café.

– Be careful of spyware when downloading files from the forums.

– Do not install any software on your computer if requested by the forum.

– Do not give your email to anyone in the forum.

– Use different passwords and nicknames for different forums.

– Do not mention critical information in the forum and apply the need-to-know principle.

– Remember that jihadi forums are not for making friends.

The training provides solutions to some of the points mentioned in the lessons such as how to hide the computer’s IP address. Furthermore, the training covers other aspects of internet security such as safe web surfing, avoiding sites and forums already penetrated by some authorities and the secure use of e-mail and messenger programs. Finally, the training advises jihadis to update frequently their anti-virus, anti-spy, IP hiding and network identity card software.

The training also discusses electronic dead letter boxes. An example of an electronic dead letter box is sharing the same e-mail address and password with all the individuals/parties communicating. Rather than send an e-mail from that e-mail address, the user instead saves the message that they want to convey as a “draft” so that the other parties can log in and read the draft—if an e-mail is not sent over the internet, it is very difficult to intercept. Acknowledging the fact that al-Qaeda’s global jihad depends on the internet to instigate and train Salafi-Jihadi adherents to commit terrorist acts makes secure internet usage a critical component of Islamist militant strategy.

Mobile Communications

On mobile technology, the training documents at https://www.almaqdese.net explain the basics of mobile communication such as handover or communication towers and repeaters that convey the conversation of the caller to the tower closest to the receiver of the call [2]. In the process, each mediating tower will register all technical details of the caller such as the phone number, SIM card serial number and the location of the caller. The mobile phone lessons also explain the ability of phone company operators to locate mobile phones by using the paging and signaling technique to an accuracy of a few centimeters; if intelligence services are able to identify a phone as belonging to a potential suspect, they are able to track the movement of the suspect through this technology. Citing examples from Palestine, the training refutes the misconception that powered-off mobile phones can still be remotely activated as a listening device. One example explains how secret Israeli agents managed to plant eavesdropping equipment in mobile phones that were then sent to Palestinian suspects as gifts. In general, the writer advises methods for jihadis to avoid capture by authorities. These methods include:

– All jihadis in contact with a captured member must eliminate the mobile phone numbers they used to contact the arrested and destroy the SIM cards.

– Refrain from calling officials who know your identity from your unofficial/secret number because that will reveal the fact that you are using a phone under a fake name. This will make your behavior suspicious if the official ever spoke with security agents. The “unofficial number” refers to the phone numbers that the jihadis purchase under false names and use for operational communication.

– Do not give your unofficial number to anyone except your jihadi contacts. If the number becomes known by relatives and uninvolved friends, discard the mobile phone and the SIM card.

– Do not use the unofficial phone from the same location (such as your home) repeatedly.

– Do not keep phone numbers under surveillance turned on in the same location for long periods of time because security forces will uncover your address.

In a related topic, the training touches on the subject of voiceprint, warning jihadis of intelligence services’ capabilities to establish voiceprint through eavesdropping on the jihadis and later uncovering any attempted terrorist acts even if the jihadis use fake names and unknown phone numbers. To further explain the voiceprint notion, the lesson draws an example from Israeli intelligence and air force operations against four members of al-Qassam Brigade. The four members of al-Qassam Brigade were meeting in an open area at the Gaza beach. Israeli intelligence, which had established the voiceprints of the four in an earlier encounter, was able to intercept their calls and pinpoint their location even though they were using different numbers and fake names. Finally, the writer suggests preventive measures such as:

– Change the tone of voice from hoarse to soft or vice-versa.

– Shield the phone speaker with a piece of cloth.

– Change breathing rhythm.

– Change the accent.

– Speak in a noisy environment.

– Avoid commonly used phrases.

– Use computers to change the tune of voice in recorded messages or communiqués.

Needless to say, like other jihadi training documents, the mobile communication lessons are thorough and scientific. Also, keeping up with the latest technology that the intelligence services are using, the writer added to the lesson at a later date a warning about the capability of some advanced intelligence services to send out magnetic signals to locate powered-off mobile phones.

The Polygraph

In a section on polygraph testing, located at https://www.tawhed.ws, jihadi training describes the test as a psychological hoax to pressure the mujahideen during interrogation, reiterating the mythology that Western security services propose about the machine’s ability to detect lies [3]. Furthermore, the training identifies the functions of the polygraph machine such as how it registers the physiological reflexes of the subject and how the interrogator uses control questions to convince the mujahid of the capability of the machine. The control questions, the training explains, are a group of question with known answers for both the interrogator and the mujahid designed to register the mujahid’s normal reflexes to be compared later with reflexes from the serious questions. Therefore, the training outlines steps to counter the polygraph, especially during control questions, such as:

– Controlled breathing. The mujahid must train on controlling the rate of his breathing all through the test.

– Controlled blood pressure. Blood pressure must be raised above the normal rate by solving complicated mathematical problems in his mind while the interrogator asks polygraph control questions or by imagining mind stimulating situations like falling from a high cliff.

– Biting the tongue to induce pain.

– Give short answers and deny any knowledge of polygraph machine technology.

The polygraph training concludes with a few reminders of interrogators’ behaviors in pretending that the mujahid has failed the test even if he or she did pass because the overall objective is to extract information from the subject by any possible means. To further convince mujahideen that the test is a hoax and to protect them from collapsing during interrogation, the postings quote former presidents of the United States and ex-FBI and CIA officials criticizing the effectiveness of the polygraph system.

Conclusion

Terrorists and suicide bomber communicate on jihadi sites and forums to learn different terrorist tactics. The internet remains jihadis’ favorite means of tactical support since it is easy to access and easy to remain relatively anonymous, consequently directing and guiding the global jihad movement. The small cells and temporary groups of this global movement, inspired by jihadi ideology, are acting increasingly independent from al-Qaeda. Jihadis are also using the technological evolution for propaganda and for the recruitment of new terrorists. For instance, there are many successful cases of recruitment through the internet in Iraq and in other countries, such as the case of the German citizen of Moroccan origin Redouane EH, who German prosecutors say was recruiting suicide bombers through internet chat rooms [4]. Jihadi leaders, like Abu Musab al-Zarqawi before his last appearance in a televised message, regularly sent promotional and justification messages through the internet such as the ones sent after the Amman hotel bombings in November 2005. The promotional campaign through two electronic jihadi magazines—Sawt al-Jihad and al-Battar Training Camp—in Saudi Arabia is another example of internet employment by Salafi-Jihadis [5]. Therefore, the jihadi groups are capable of adapting to security constraints and pressures by using contemporary means and flexible tactics.

Notes

1. https://www.gsm4arab.net/vb/archive/index.php/t-42312.html.

2. https://www.almaqdese.net/r?i=963&a=p&PHPSESSID=50a931aff534b807a0a5348f4a5635bd

3. https://www.tawhed.ws/r?i=3165&PHPSESSID=7633aa0416e42befd58f43b63d8164c3

4. CNN, August 24, 2006.

5. Middle East Report, September 21, 2004.