Encrypted messaging services play a vital role in facilitating communication for terror groups like Islamic State (Isis). It is widely acknowledged that IS (Daesh) uses encrypted messaging apps for various purposes, including recruitment and spreading propaganda. However, the extremist group's online activities indicate that it is not overly particular about which messaging app it chooses.
IS recruitment strategies have revealed that its top recruiters like Neil Prakash (aka Abu Khalid al-Cambodi), Farah Mohamed Shirdon (aka Abu Usamah as-Somali) and Mohamed Abdullahi Hassan (aka Mujahid Miski) use various encrypted messaging apps. WhatsApp, Telegram, ChatSecure, SureSpot, Kik and Wickr are among those commonly used and promoted, Site co-founder Rita Katz wrote in a report for Motherboard.
Too many apps, too little consensus
Despite IS recruiters and members using encrypted apps as their primary source of communication, the extremist group is yet to develop a uniformity when it comes to deciding which encrypted messaging apps to use. Ironically, IS members have continued to use certain apps despite being cautioned about privacy concerns from tech-savvy IS supporters.
Warnings against 'weak' encrypted apps
A few IS supporters have taken it upon themselves to warn the rest about what they consider to be weak or poor encrypted apps. For instance, in January, a self-styled security expert and jihadi-supporter going by the name Al-Khabir al-Taqni on Twitter ranked 33 messaging apps ranging from unsafe to safe. WhatsApp was one of the lowest ranked among 15 others, all of which he warned against using.
A pro-IS Telegram channel called Muslim Safety Tips also posted an advisory against using WhatsApp, which read: "Now WhatsApp have updated to encrypted chats end to end....we cannot trust WhatsApp since WhatsApp is the most easiest application for hacking and also one of the social messaging app purchased by the Israeli Facebook program!"
WhatsApp is not the only one to have been singled out. Similar concerns have been raised about other apps like Surespot and Kik, both of which were reportedly used by British jihadi and hacker Junaid Hussain aka Abu Hussain al-Britani.
However, following Hussain's death in a US drone strike, an OPSEC (operational security) focused IS supporter going by the name Abu Suleymann voiced concerns about Surespot's securtity. "Brothers and sisters...It was Surespot that got Abu Hussain killed. Take heed and adopt. This is my last warning. May Allah protect us," read a warning posted by Suleymann.
Convenience over safety
IS's disorganisation in its use of messaging apps may come across as a clever ploy to evade detection from law enforcement agencies. However, according to Katz, the decision of which service to use is likely made based on convenience rather than security. Yet another factor to consider is the availability of the apps. Using an app as a primary communication platform requires that all members use the same app regardless of location and availability. This poses a complication, as more often than not, the popularity and availability of an app differs from one country to another.
"This any-app-will-do tendency by IS and its minions adds further complication to fighting terror in the age of smartphones, not to mention a bit of a wrench into already-empty arguments for regulating encrypted messaging platforms," Katz wrote.