President-elect Donald Trump meets with tech executives. Left to right: Larry Page, CEO of Google parent Alphabet, Inc.; Sheryl Sandberg, Chief Operating Officer of Facebook; Mike Pence, Vice President-elect; Trump; Peter Thiel, chairman of Palantir; Tim Cook, CEO of Apple. The New York Times, December 14, 2016.
President-elect Trump should already be planning for the day after ISIS's expected loss of control of Iraq's second largest city, Mosul, and the fall of its de facto capital in Raqqa, Syria – the day when its fighters and supporters will fan out across the world and return to their home countries. The organization will then turn to the Internet and social media for its survival.
Over the past few months there have been a series of ISIS-inspired attacks, attempted attacks, and planned attacks throughout the world, including in the U.S. and Europe, and most had an element of social media at their center. Just today, it was reported that Esteban Santiago, who is charged with killing five people at the Fort Lauderdale airport, had communicated with ISIS members and sympathizers on jihadi chat rooms right before carrying out his attack.[1] Another notable example was the arrest of five people in France late last year disrupted what investigators called an "imminent" wide-scale multi-target attack in the country – one that was being planned by ISIS in Syria, which was conveying its instructions to its fighters in France via encrypted messaging apps popular among terrorists. The five suspects had also downloaded the Periscope app, possibly to live-stream the attacks from their smartphones.
The incoming Trump administration will have to deal with jihadis' increased use of encrypted apps, Snapchat, and whatever social media emerge next. Many of his cabinet picks were asked about encryption during their confirmation hearings. If it does not move swiftly, the progress made over the past year on this issue may be lost; jihadis have shown great persistence in continually identifying and exploiting the weaknesses of these platforms, as well as constantly moving to new technologies and staying two steps ahead of Western security agencies.
Today's generation of Internet-savvy millennial jihadis has infested U.S.-based social media platforms, relying on apps purchased from Google and Apple stores. They use them not only to disseminate their messages but also to recruit skilled individuals to hack websites, spread viruses, and carry out other cybercrimes.
Abu Hamza Al-Muhajir, Minister of War in Al-Qaeda in Iraq – the organization that would morph into ISIS – explained to the group's followers, shortly before his death in 2010, that cyber jihad would be a vital part of its future: "I urge [you] to [show] interest in the matter of hacking, and to encourage anyone possessing this talent... so [that] we destroy the enemy's [web]sites and infiltrate its military, security and political strongholds...We believe that electronic warfare is [one of] the important and effective wars of the future."[2]
Right now, every single jihadi organization has an online presence, and every one of them is likewise investing tremendous resources in its cyber activity. These cyber-jihadis, led by ISIS, are swelling in number in the U.S., the West, and worldwide, and they are becoming more sophisticated by the day. Currently, they thrive on encrypted platforms such as Telegram, which was used in terror attacks in France and Germany this year. Over the past week, ISIS groups on Telegram launched a campaign to recruit followers to translate its videos into 12 languages, among them English, French, Spanish, German, Italian, Russian and Dutch.[3] Also this week, the ISIS-affiliated Ashhad media foundation initiated recruitment efforts on Telegram aimed at ISIS supporters with expertise in digital media, stating: "Important announcement to all supporters of the Islamic State ... Do you want to use your proficiency in one of the following areas to help the Islamic State? Writer – religious scholar. Analyst – commentator on breaking news topics. Designer [of apps] for phones. [Digital] designer for computers. Commentator for [video clip] production matters. Vocalist for nasheeds, audio engineer. [Video] editor for phones or segment editor. Editor [of video clips] for computer. Writer for articles. Proofreader for flyers. Software expert. Launcher of social media accounts."[4]
The ISIS weekly Al-Naba' has also published a series of articles on cyber jihad. The first article in the series stated: "By understanding the nature of this electronic warfare... [and] its tools and methods, we, Allah willing, are able to increase the resistance to the enemy's plans in this field... [and] move from defense to offense." The MEMRI Jihad and Terrorism Threat Monitor (JTTM) Project team has, over months of monitoring jihadi online activity, seen information about: a secret Telegram group hacking into American Airlines computers;[5] ISIS cyber groups creating their own apps; ISIS guidelines for using different encryption methods;[6] and guidelines by ISIS media groups for using encryption email services, including instructions for evading monitoring by intelligence agencies.[7] Al-Qaeda is also deeply involved in cyber jihad. Last week, its English-language magazine Al-Risalah published an article on how to use TOR.[8]
ISIS hacking groups continue to wreak havoc online. In late December 2016, United Cyber Caliphate (UCC), the leading pro-ISIS hacking group, threatened to hack Western websites and computer systems to obtain and publish information on individuals to be added to "kill lists." Urging Muslim hackers to use the skills given them by Allah to defend Islam and oppressed Muslims worldwide by targeting the enemy's websites and cyber-systems, the group went on to warn: "All your imagined firewalls and security systems only prompt us to gain more knowledge and only provide us and our warriors with [scope for] training. Our cyber-attacks will only increase, and names and addresses [of targets for assassination] will soon be posted. You will see what our lone wolves will do to these targets."[9]
During the election campaign, President-elect Trump was quoted multiple times explaining how he would deal with terrorist groups online: "When you look at what ISIS is doing with the Internet, they're beating us at our own game." In an exchange with CNN's Wolf Blitzer in the December 15, 2015 Republican presidential candidate debate, Trump said: "ISIS is recruiting through the Internet. ISIS is using the Internet better than we are using the Internet, and it was our idea... [I want] to get our brilliant people from Silicon Valley and other places and figure out a way that ISIS cannot do what they're doing." He promised that as president he would work aggressively "to disrupt and disable their propaganda and recruiting." A year later, on December 14, 2016, he was meeting with top tech executives, telling them, "I'm here to help."[10]
As Trump's national security team prepares to take over, one of its priorities must be defeating cyber jihad; Trump has already identified some key strategies for doing this. In his first 100 days, he should do what he has called for doing – that is, quickly bring Silicon Valley experts together with researchers who have also spent years working on the terrorist cyber threat issue into a Bletchley Park-type setting. Cyber scholars such as John Arquilla, professor at the Naval Post Graduate School, have for years been calling for such a move.
While there is no silver-bullet solution to stopping cyber jihad, commitment to do so by governments worldwide, and their cooperative work with the tech community and experts in the field, will make a big difference. Cyber jihad will always shift from one platform to another, and tracking it takes tremendous vigilance. Successes come when a company commits to fighting it – and we have seen this with Facebook, YouTube, Microsoft, and, now, Twitter. While jihadis still use these platforms, they do so much less freely than even a year ago.
At this time, Telegram is the jihadis' platform of choice, and they are thriving there. But we must not forget that they are continually testing other emerging platforms. The creation of an industry standard to deal with terrorist content on these platforms would be an important next step in this battle.
The U.S. government has generally been two steps behind the terrorists, and Trump's incoming national security team must be forward-thinking on this issue. Many in government are still focusing solely on Twitter, and I have met with too many people who work daily on fighting cyber jihad who have never even seen a Telegram account.
While President-elect Trump has no practical experience dealing with cyber jihad, Vice President-elect Mike Pence does. In 2007, as a Congressman, he was part of what may have been the very first action on Capitol Hill against terrorists online, when he cohosted, with Rep. Gary Ackerman (D-NY), a bipartisan briefing by MEMRI on the subject of jihadi use of the Internet and how to counter it. Following the briefing, many of the sites spotlighted in the briefing were immediately shut down – and this is a valuable lesson for us where we are today.
*Steven Stalinsky is the Executive Director of The Middle East Media Research Institute (MEMRI).
[2] See MEMRI CJL report From Al-Qaeda To The Islamic State (ISIS), Jihadi Groups Engage In Cyber Jihad: Beginning With 1980S Promotion Of Use Of 'Electronic Technologies' Up To Today's Embrace Of Social Media To Attract A New Jihadi Generation, December 2014.
[3] See MEMRI JTTM report Pro-ISIS Telegram Group Recruiting Translators For ISIS Video Productions In 12 Different Languages, January 9, 2017.
[4] See MEMRI report ISIS Supporters' 'Ashad' Media Foundation Launches Recruitment Campaign: Calling All Digital Media Experts, January 3, 2017.
[5] See MEMRI JTTM report Member Of Secret Telegram Group Says He Hacked Into American Airlines, Sabre 'Airlines,' December 15, 2016.
[6] See MEMRI JTTM report Jihadi Manual Promotes Usage Of TrueCrypt, CCleaner To Safely Store, Wipe Computer Files, December 22, 2016.
[7] See MEMRI JTTM report Pro-ISIS Telegram Channel Gives ISIS Supporters Guidelines For Using Encrypted Email Services To Avoid Discovery By Intelligence Agencies, December 23, 2016.
[8] See MEMRI JTTM report Issue 4 Of Al-Qaeda Affiliated 'Al-Risalah' Magazine Provides Recommendations On Safe Use of TOR, January 11, 2017.
[9] See MEMRI JTTM report Pro-ISIS Hacker Group Threatens Increased Cyber Attacks On West, Americans, December 26, 2016.
[10] The New York Times, December 14, 2016.