In the wake of the Paris attack, intelligence officials and sympathizers upset by the Edward Snowden leaks and the spread of encrypted communications have tried to blame Snowden for the terrorists’ ability to keep their plans secret from law enforcement.
Yet news emerging from Paris — as well as evidence from a Belgian ISIS raid in January — suggests that the ISIS terror networks involved were communicating in the clear, and that the data on their smartphones was not encrypted.
European media outlets are reporting that the location of a raid conducted on a suspected safe house Wednesday morning was extracted from a cellphone, apparently belonging to one of the attackers, found in the trash outside the Bataclan concert hall massacre. Le Monde reported that investigators were able to access the data on the phone, including a detailed map of the concert hall and an SMS message saying “we’re off; we’re starting.” Police were also able to trace the phone’s movements.
The Telegraph reported that “eyewitness accounts and surveillance of mobile telephone traffic” suggested that Abdelhamid Abaaoud, the suspected strategist of both the Paris attack and one that was foiled in Belgium, was staying at the safe house.
Details about the major ISIS terror plot averted 10 months ago in Belgium also indicate that while Abaaoud previously attempted to avoid government surveillance, he did not use encryption.
A prescient bulletin sent out in May by the Department of Homeland Security assessed “that the plot disrupted by Belgian authorities in January 2015 is the first instance in which a large group of terrorists possibly operating under ISIL direction has been discovered and may indicate the group has developed the capability to launch more complex operations in the West.”
Abaaoud’s planned operation in Belgium was blown when authorities, who had been closely surveilling his three accomplices, stormed their safe house in the city of Verviers after determining that they were planning a major attack — very much like the one that took place in Paris on Friday. A pitched firefight between Belgian commandos and the ISIS veterans firing Kalashnikov rifles and lobbing grenades ended with two suspects dead and a third captured.
Belgian investigators concluded that Abaaoud directed the foiled operation there by cellphone from Greece — and that despite his attempts to avoid surveillance, his communications were in fact intercepted. Just a few days after the raid, Belgian news website RTL Info ran a whole article titled “What the Terrorist Suspects under Surveillance Were Saying.” It described surveillance over several months, through wiretaps and listening devices placed in the suspects’ car and their apartment.
Some of the telephone conversations that were intercepted used code or obscure Moroccan dialects. Ironically, the suspects were overheard discussing the need to frequently swap out their cellphones.
Abaaoud has a brilliant history of avoiding capture — in fact, in an interview with ISIS’ Dabiq magazine he bragged that his “name and picture were all over the news yet I was able to stay in their homeland, plan operations against them, and leave safely when doing so became necessary.”
But when it comes to defeating electronic surveillance, there’s good reason to question his tradecraft. After all, he wore a video camera on his head (what is that, a GoPro 3?) And he lost a cellphone in Syria that was full of unencrypted pictures and videos.
A journalist, Etienne Huver, obtained the phone from sources in a Syrian refugee camp last year. His report for RTBF Belgian television about the contents of the phone of the most wanted man in Europe included footage of Abaaoud clowning around, posing with a rifle, and driving a car dragging the corpses of Free Syrian Army fighters.
WiReD published what looks like a Google Translate of the ISIS OPSEC guide here:
http://www.wired.com/wp-content/uploads/2015/11/ISIS-OPSEC-Guide.pdf
I think it would be interesting to have an article that goes through, lists, and explains all the encryption applications they review in it, together with the signs of government attack on each one.
For example, they reference ProtonMail, which was hit by a DDOS attack by a “state actor”, and TrueCrypt, which was discontinued with an only-decrypt version, and the Aviator browser, for which all development and support was discontinued without explanation (including the download link for the Windows binaries, apparently). I don’t know many of these apps but I imagine you can tell quite a story.
Pretending they don’t use encryption is a pointless game. We have a battlefield and we pretend it’s a flower garden? Our mission, as believers in freedom of expression, is to defend the use of encryption KNOWING that yes, it won’t be used only by angels.
It’s interesting. The attackers were actually not encryption experts or operationally savvy. They openly bragged about their plans. They communicated over Facebook and text messages. They were known to authorities. Another report claimed that ISIS publishes its plans on Twitter.
Either way, it seems that neither the Snowden revelations nor encryption had any impact on anything relating to Paris. It was a failure of the security services that are supposed to uncover such plots.
Great article. In the first CNN news special on the Paris attacks, some Asst. FBI director was on yammering about how encryption puts all of us more at risk. She made this point repeatedly (and in other news reports). Of course now we learn thanks to The Intercept that this was nonsense.
One must now analyze police state propaganda by careful means: what isn’t said is more important than what is. Had encryption communications been an actual hindrance to surveillance/capture, this would be trumpeted loud and long, repeatedly. We would hear breathless reports of the details of the poor frustrated spies. But we do not, do we?
Complaints about civil liberties “protecting” bad guys are rarely accompanied by actual evidence where that is true. Instead, generic fear of attack (after major attacks) is used to gin up support by the police state to further erode protections.
Terrorists aren’t usually stupid (those who are will be used as suicide bombers). But as this article proves, they get lazy and careless and their fluid movements don’t necessarily put a high value on keeping every communication secret. It’s called asymmetric warfare for a reason.
So…
I guess the upshot of this is that the powers that be will move to ban unencrypted communications? After all, terrorists use it to plan attacks with impunity?
/s
The attempt, noble though it is, to assure everyone that terrorists don’t use encrypted communication any more than they used to or not at all is a little bit misguided. This isn’t the point at all. Let us instead agree that yes, in some cases, the recent popularity of encryption may indeed get in the way of the discovery of some terrorists some time, but we the people want encryption because we can’t trust you the state with our private data, and had you the state been less authoritarian in spying on us the people, and less deceitful in your lying to us about it, we the people may have allowed you the liberty to collect our data that you now apparently crave, as you see it slipping away from you. Though the increased difficulty in detecting terrorism may be a reality, it is the price both you and us are paying for you being such a totalitarian nightmare in our midst posing as our friend.
Otherwise, I think ‘The Intercept’ is doing a good job, but you have to make it sound a lot less like special pleading, as that in the end is bound to backfire.
Today’s high-tech surveillance is not intended to prevent crime. Its aim is control.
It is because the state is too intrusive, that it is losing the power to be more intrusive. It is a loss for them, and also a loss for us to the extent that it may indeed hamper the discovery of some terrorists. But it is an unfortunate truth that the freedom of the many will have to accept the bloody death of the few when the state has overstepped the mark and can no longer be trusted.
The plain fact is that the power of state is more feared than the power of the terrorist, and if it is not then it ought to be. This was never about not wanting the state to use all means at its disposal to prevent tragedy and loss of life, after all they are our servants. But when they started fancying themselves as our masters rather than our servants the situation had changed, and encryption is the power of the people reasserting itself after its trust has been abused. It really is as simple as that.
Who needs encryption when you can conduct your main terrorist business in person and then not use any flagged words when communicating over open electronic media? Texting ‘we’re off; we’re starting’ only means something after the fact.
All mass surveillance appears to be for after-the-fact joining of dots, they want to invade your privacy after you have done something. But the point is that that ‘something’ is not only a terrorist act, but also possibly standing on a picket line or protesting a war or writing an anti-government article. They want to know who you are THEN. Who knows how the parameters of a ‘person of interest’ may change as more and more oppressive government appears on the horizon.
There might be more support for mass surveillance if it was only being used to track murderers’ prior movements, but the fact is that we have no idea how the data is being used and it is this suspicion that will lead more and more ‘ordinary people’ to encrypt, and this is the fear that government agencies are expressing, hence their constant taking advantage of situations to ply their agenda of a mass surveillance society.
But they are bringing it on themselves by being inherently untrustworthy. This is what they don’t appear to grasp. Because we simply can’t trust the state to have our best interests at heart. Even though we want them to catch terrorists, we don’t want them knowing anything about us beyond trivia, and even that we resent them collecting. It’s their fault if the world is now encrypting en masse. It is just an irony that grandmothers discussing knitting patterns may do so over an encrypted connection whereas terrorists may coordinate their affairs over open media with seconds to go. But whose fault is that? Arseholes like Brennan.
I keep hearing people toss around the possibility that a) the terrorists are getting smarter and b) intelligence is incompetent. Not to get all conspiracy theoristy or anything, but could there be an option c) governments need these events to gain more control (through fear) over their populations, and justify wars for the military industrial complex?
After all, France declared war on IS after this latest event in Paris even though they had already been bombing IS. With the Paris attack, they were able to make it official and probably allocate a lot more resources to the war without anyone making a fuss.
to WakeUpAmerica
Seen from my French side, your option c) needs a little rewriting.
French government needs approval to increase national deficit and spend enough money for police, justice and health people.
Explanation :
The previous government cut 12.000 jobs in police and many thousands in justice in order to contain the budget because some theorists said our deficit should not be over 3% of our GNP…. This mantra became a European rule written in European treaty and a budget constraint in Euro Zone.
This government, trying to please the business caste followed the same path, cut spending and tried to respect the 3% mantra.
In January, it tried to renegotiate this deficit with no avail (in France with opposition, in Europe with Germany and ECB).
After the big kaboom of last week, the mantra of 3% deficit disappeared. There is now a large consensus that the government should spend whatever is necessary to reach a normal security level .
The money will flow to humans : policemen, firemen, hospital doctors, judges because you don’t need computers, cctv and other technologies if you don’t have people to use it…
eg: Five years ago there were eighteen judges to instruct terrorist cases. The cases have increased between three and fivefold and last week there were .. eighteen judges. This could not work. In some districts, police have no more bullets since last September and have to wait until the beginning of next budget (January)….
So your c) is IMHO « our government levy on these events to increase spending and btw national deficit with a large national and european approval » I’m not allowed to make a worldwide generalization of my assertion.
Best regards
Why wasn’t Abaaoud caught before he caused mayhem? Was it that the Five Eyes and cohorts didn’t have an interpreter to translate his conversation, if he was being tracked, or is there so much noise from surveillance that they couldn’t find his cellphone, or associate it with him?
He switched cell phones & SIM cards regularly, and moved around between several countries (Belgium, Greece, Turkey, Syria, France, …) and often using false ID papers. For example after the police raid in Verviers, they traced the phone he was known to use recently back to Greece, but when the Greek police arrested the then-owner of that phone, it was somebody who bought it second hand (Abaaoud fled to Turkey and then Syria).
@Dan
When talking about communication there are two elements to consider: the human and the device itself.
After Charlie’s events and last week killings, we know (I’m living in France) these terrorists were quite a lot dumb, and under the influence of drugs at the time of killings. They were under stress and some of them failed miserably (Saint Denis stadium).
With these low-skilled people, it’s more efficient to use once or twice plenty of unencrypted smartphones with prepaid cards (police found Sim cards in their hideouts and around the killing places) than taking the risk of using many times an encrypted phone (is someone collecting metadata ?). And if you want to use many encrypted phones, you have to bring them with you all along the operation, operation which lasts more than a week in the final deadly phase.
So these (low-skilled) people have to deal with logistical problems (weapons, munitions, unstable explosives, cars, fake ids….) and managing encrypted system would add another burden to their chores.
We must not forget these terrorists have to execute strictly all the actions of their scheduled program (eg dropping fake passports to arouse hate against Muslims or refugees) to reach the goals of their leaders. So the encryption is not on their agenda.
We have to get away from the paranoia of past times when every villain was a super James Bond fully equipped with high tech gadget.
The sad reality is that terrorists are ordinary people who use basic (yet deadly) tools to attain their goal. These people need to keep a low-profile and behave like any ordinary citizen to stay hidden among us. That means using low-tech and simple everyday communication system.
Dan you can rewrite some parts if needed as my english has improved these last years
ooopppsss last line is … has not improved …
From the Bay Area, which is to say, Silicon Valley, this:
http://www.sfchronicle.com/72hour-sale-event/article/Paris-attacks-spark-another-fight-against-6639566.php
Via the http://www.eff.org website, in case the SF Chron raises its pay wall.
Well, of course.
Just more proof of the Intelligence community’s incompetence. The US & UK governments want to throw more money at the system of mass surveillance, a system that has been proven not to work many times over, rather than a system of targeted surveillance. Just add more money & hay to the pile in search of the needles and that will solve the problem. That is not intelligence that is STUPIDITY !
Just more ineffective & costly empire building on the part of the “Intelligence” community ! !
So, before, if you use encryption you’re likely doing something wrong; but, they didn’t use it… So now maybe if you write letters and read stuff on paper, rather than electronically the authority will assume you’re up to no good.
I see how this is going and I think Ray Bradbury predicted: folks who decide not to use their electronic devices will be criminals because they can’t be watched. Was it the story the Pedestrian?
@ Dan
Not sure if you caught it but Rachel Maddow covered this ground a couple of days ago re: Abaaoud (although not quite as in depth as you).
But she tied off her piece with the right question(s)–not sure which scares her more a) that these types of ‘homegrown’ small weapons attacks (basically unstoppable anyway) are being planned by violent buffoons like Abaaoud and appear to be becoming more frequent and coordinated, or b) that the international ‘intelligence agencies’ appear to know quite intimately who these individuals like Abaaoud are but seem entirely incapable or ineffective at sidelining or otherwise legally arresting them prior to them carrying out their plans.
For me it’s the latter. Which begs the question–why and to what end? My theory is that it’s a tactical error that necessarily flows from a strategic error in “anti-terrorism policy”. The US strategy in particular believes you can kill off an idea/ideology by cutting off enough of the “top heads” of the movement or ideology. But that’s wrong minded thinking in my opinion. You only kill off an idea/ideology by undermining or changing the conditions on the ground that make the idea/ideology attractive to certain people.
So a recurring tactical mistake necessarily follows which is that when the ‘intelligence agencies’ latch on to some low hanging (or more likely decentralized) fruit like Abaaoud they let him “remain on the field” in the hopes he leads them to the “higher ups” in ISIS or Al Qaeda (or any similar or affiliated entities) wherever they may be from Syria or Iraq to North Africa. And they probably convince themselves that they can step in before the low hanging fruit does something bad. The obvious problem with that tactic is that it is clearly going to blow up in their faces on occasion as it did in Paris.
One of the few other conclusions that can be drawn given their knowledge of the existence and identity of people like Abaaoud is that the ‘intelligence agencies’ are wholly inept at “risk assessment” and/or intrinsically incapable of intervening in a timely manner to disrupt these types of individuals in their planning phases.
I mean if you can investigate and grab up and prosecute a Somali-US citizen for “material support,” like the San Diego cab-driver who was given a stiff sentence for giving $8,500.00 to some nominal Somali charities, then please explain to me how you can’t interdict in a timely way someone like Abaaoud and his accomplices?
Like I said, not sure which of the intelligence agencies’ failings is most disturbing? The strategy and tactics, or their seeming ineptness in intervening to disrupt known individuals plotting relatively decentralized and the relatively small-scale type of attacks that occurred in Paris.
Ryan Gallagher’s piece that just went up is a great companion to this one. Between the two it helps illustrate precisely the dynamic(s) I was trying to get at above.
Not sure what the answer is, or how the intelligence agencies and law enforcement ultimately get it together to impede these sorts of attacks before they happen without totally undermining everyone’s civil rights and liberties. But at least this type of journalism forces people to ask the right questions of their leaders and government.
Again, The Intercept and its journalists and staff are doing really excellent work in this area since the Paris attacks. Keep it up.
I’m on your side about encryption, but to me this argument seems counterproductive. If the terrorists were using unencrypted channels, that could be used to argue that past policies effectively intimidating companies out of offering us privacy were actually beneficial!
To me what matters is that they can and will do whatever doesn’t get them caught, and if something changes, they’ll adapt. If the NSA starts checking its own databases better and some get rounded up, others who were more careful will set the new precedents. We’re up against natural selection here – they don’t need to know or understand what the government’s capabilities are. No matter how many are blown up, the very bombs that killed them will breed a new generation that is resistant.
That actually isn’t an incidental feature – the whole idea of the Old Testament covenant, back to Abraham, was making his descendants “as numerous as the dust of the earth”. From attacks on gays to the rape of little girls, ISIS is a continuation of recorded tactics meant to win selective advantage. We should expect a religion that has been based on natural selection since long before it was founded will frequently be able to use the same for advantage.