Monday, May 7, 2007

Mujahedine Secrets

Since January, iDefense has been analyzing an encryption program they obtained that appears to have been developed by a group that calls itself the Global Islamic Media Front (GIMF).

This analysis illustrates just how much the world of threat mitigation may be changing. The encryption program, released on Jan 1st 2007 and named "Mujahedine Secrets" by its creators, takes the form of a non-installed executable, and targets non-English-speaking users.

The portability of the program - Jim Melnick, the Director of Threat Intelligence at iDefense says the program can be run from a USB key - is designed to appeal to terrorists making use of Internet cafes and kiosks.

iDefense says that the program is currently being "marketed" on hacker and pro-terrorist forums. I found a copy of one such advertisement here.


In the advertisement, the software is marketed as being "the first Islamic computer program for secure exchange [of information] on the Internet," and it provides users with "the five best encryption algorithms, and with symmetrical encryption keys (256 bit), asymmetrical encryption keys (2048 bit) and data compression [tools]".

The CounterTerrorism Blog links the GIMF with Al-Qaeda - and it certainly sounds as if GIMF has a political objective. According to the SITE Institute, the GIMF is "a jihadist mouthpiece, and visual and print media organization, usually associated with Al-Qaeda."

It kind of sounds like it - the last time this group made it onto the world stage was with the September 2006 release of a video game entitled “Night of Bush Capturing.” The game, a shooter featuring segments entitled "Bush Hunter Like a Rat" and "America's Hell", was targeted at teenagers and distributed via jihadist forums.

But building video games (based on an existing engine) and developing encryption software require somewhat different skills. Is this being developed by the same group? I would be interested to hear further feedback from Arabic speakers as to the intent contained within the advertisement. Is the software GIMF's own? Or is it a "private-label" version not just of PGP, but of some pre-existing encryption software built for non-criminal activities?

Whatever the answer, there is a silver lining in this cloud for those inclined to think positive about negatives: assuming this encryption software finds a wide release among terrorists, and becomes a standard tool among their operatives worldwide, we will at least know how to best direct our code-breakers...
