Ever since last summer when Edward Snowden began releasing a trove of NSA mass surveillance documents, the “Snowden’s a traitor!” crowd has been claiming his disclosures constitute a blow to national security. “Now the terrorists know our secrets!” they claim in exasperation, though how exactly terrorists have changed their behavior remains unclear. Meanwhile, new NSA director Mike Rogers claims that terrorists are aware of and adapting to the Snowden documents, but did not go into much further detail and assured Americans that the NSA is still able to surveil crucial targets.
But a new report released today by big data firm Recorded Future lists more specific terrorists behavior changes in the wake of Snowden’s revelations. In a follow up to a report a few months ago, the study claims, “Al-Qaeda (AQ) encryption product releases have continued since our May 8, 2014 post on the subject, strengthening earlier hypothesis about Snowden leaks influencing AQ crypto product innovation.”
That earlier report, which drummed up a fair share of attention from the press, reflected a number of encryption innovations by al-Qaeda following the Snowden leaks, but some observers remarked that it could have been the result of normal innovation and incremental improvements. Following this latest study, however, Recorded Future is more convinced than ever of a direct link between the Snowden leaks and al-Qaeda “product” innovation. In probing the technical aspects of the new releases, it found that these new crypto tools represent a huge shift in security practices.
For example, one piece of encryption software developed by the al-Qaeda-associated Global Islamic Media Front (GIMF) was released three months after the Snowden revelations, shows the group moving away from NIST standard algorithms, many of which have been suspected of being infected with backdoors by the NSA, to something called the Twofish algorithm. Twofish, developed by security guru Bruce Schneier and others, is also used by the American secure communications firm Silent Circle, which in May announced it had raised $30 million. As further evidence that the Snowden revelations are directly linked to Al-Qaeda, Recorded Future cites a statement on the download page for GIMF’s new software: “Take your precautions, especially in the midst of the rapidly developing news about the cooperation of global companies with the international intelligence agencies, in the detection of data exchanged over smartphones.”
Schneier, for his part, still isn’t convinced that the changes we see in how al-Qaeda encrypts communication aren’t part of the normal course of innovation. He tells NPR, “Certainly they have made changes, but is that because of the normal costs of software development or because they thought rightly or wrongly that they were being targeted?” In any case, Schneier adds that all electronic communications can be cracked one way or another, which supports Rogers’ thesis that the NSA has it all under control, nothing to see here.
So in other words, did the Snowden revelations change terrorist behavior? New evidence points to yes. But has it put the country at risk, making Snowden a big fat traitor worthy of execution? Not quite.
[illustration by Brad Jonas]