Terrorists are developing and distributing encryption tools that protect privacy of their communications, as well as other homegrown apps that include a news-feed compiler and DDoS attack software, according to a Trend Micro report.
The tools have been made to give less tech-savvy members of terror groups the ability to use known technologies without having to trust or invest in commercial products that can perform the same functions, the report says.
Some of the tools are still being updated, indicating an active development community among the terrorists.
The availability of the encryption applications adds fuel to the argument that if governments require commercial encryption manufacturers to provide the means to decrypt communications and data made secret by their products, criminals and terrorists will write their own.
Here are the tools as identified by Trend Micro:
Mojahedeen Secrets: This encryption package has been around since 2007 and is used to secure email using RSA public/private key encryption. It also can delete emails and files without leaving a trace that can be recovered.
Tashfeer al-Jawwal: This encryption app was made for mobile devices and has been in circulation since 2013. Author: Global Islamic Media Front.
Asrar al-Dardashah: This is an encryption plugin to secure the Pidgin instant messaging platform.
Amn al-Mujahed: Another messaging encryption app, this can be applied to email, SMS and instant messaging. It’s been around since 2013 and is still being updated by its developers.
Alemarah: This is a new app for Android that distributes news about terror-related activities that can include Web sites and calendars as well as news feeds.
Amaq v 1.1: Another Android app, this is widely used to spread information among terrorists. There is a newer version, Amaq 2.1, that adds a feature that makes it easy to change the URL where it is hosted to keep it available if the current site is taken down.
Terrorists continue to develop other apps. For example, during Trend Micro’s study of terrorist tools, researchers ran across a rudimentary DDoS app that employs SYN floods. “While this application is not particularly advanced, it shows that there is active exploration into disruptive technology,” the Trend Micro report says.
Sign up for Computerworld eNewsletters.