Threat Management, Threat Intelligence, Threat Management

Agencies explore communication used in Paris attacks

Following the terror attacks in Paris that left 129 dead and about 350 others injured, intelligence agencies are exploring the communication methods that may have been used in planning the coordinated attacks.

Speaking on Monday at the Global Security Forum, an event hosted by the Center for Strategic and International Studies, CIA Director John Brennan said there has been a “significant increase in the operational security” of terrorist networks. He said terrorist groups “have gone to school on what it is that they need to do in order to keep their activities concealed from the authorities.”

Brennan used the forum to ask if the governments have focused on privacy concerns at the expense of security. He suggested that the U.S. and Europe look at whether there have been “inadvertent or intentional gaps” that affected intelligence agencies' ability to protect their countries.

Comments from Jan Jambon, Belgium's federal home affairs minister, last week raised questions over the specific devices that might have been used by the ISIS network to communicate prior to and during the attack on Friday.

“The most difficult communication between these terrorists is via PlayStation 4,” Jambon said at a Politico event last Tuesday.  “It's very, very difficult for our services — not only Belgian services but international services — to decrypt the communication that is done via PlayStation 4.”

In speaking with SCMagazine.com, Peter Ewane, a security researcher at AlienVault, said terror groups are “trying to use nontraditional communication platforms.” He suggested it is very easy to regularly set up new accounts and usernames on multiplayer gaming platforms like Xbox and PlayStation 4 to avoid detection.

Security researcher Graham Cluley wrote on his blog that the groups “might have used OTR (off-the-record) instant messaging on their PC, smartphone apps for secure encrypted phone calls, good old GPG-encrypted emails, or any manner of other ways to communicate without fear that law enforcement would be able to easily snoop on their plans.”

Jambon noted that extremist groups have been successful at attracting new recruits through social media. He told Politico parents of ISIS recruits claim their kids stopped going to mosque. “The mosques were too moderate and they find their ‘truth' on the internet,” he added.

Hacker group Anonymous launched a campaign against ISIS in January, and has successfully hacked into thousands of Twitter accounts that it says were used to spread pro-ISIS propaganda. After the attacks in Paris on Friday, Anonymous declared war against ISIS, warning the terror group, “We will launch our biggest cyber attack against you.”

Shortly after the attack, ISIS moved its bulletin board, used for recruiting and propaganda, to the Darknet. Scot A Terban, the security researcher who discovered the bulletin board, wrote on his blog on Sunday that ISIS operatives used Telegram, a semi-private messaging app based in Russia, to claim responsibility for the Paris attacks. Terban wrote that ISIS has several Telegram accounts “popping up on jihadi Twitter” and Facebook.

In October, Telegram CEO Pavel Durov announced on Twitter that Iran blocked the app after refusing the governments' request to help spy on its citizens. Durov lost ownership of his previous startup, VK, after refusing to turn over information about Ukrainian protesters to Russia.

At the Global Security Forum, Brennan said he hopes the attack will be “a wake-up call,” particularly in Europe where he believes there has been a “misrepresentation” of what intelligence agencies are doing “by groups who are designed to undercut those capabilities.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.