The Secret ISIS Cyber Guide Was Actually Just An Arabic Guide For Activists

Cyberkov, a private cybersecurity firm based in Kuwait, said it was shocked to find a guide it created to help activists in the Arab world cited as a secret ISIS guide to cybersecurity.

SAN FRANCISCO — A Kuwaiti cybersecurity company was startled this week when a guide it wrote to help journalists and activists stay safe online was cited as a "secret ISIS manual" to online security.

Cyberkov, a private company based in Kuwait, told BuzzFeed News that it originally published the guide in July 2014, and that it is still available on their site under the headline "Operational security for Journalists, Activists, and Human Rights Workers in the Gaza Strip." Yet last week, news organizations including the Telegraph, Yahoo News, and Wired published the guide with headlines touting the secret online protocols used by ISIS. "ISIS' OPSEC Manual Reveals How It Handles Cybersecurity," Wired's original headline read. The Islamist group, it appears, had stolen the text and was circulating it among online activists, known as the cyber caliphate.

"Our guide is based on publicly available tools, instructions and best practices," wrote Cyberkov CEO Abdullah AlAli to BuzzFeed News in an email. "The guidelines in our manual are sourced from the EFF [Electronic Frontier Foundation] and other sources of privacy organizations." He said his organization had no idea its guide had been repurposed by ISIS. He was surprised to see it cited in articles, many of which have been updated since they were originally posted to note the document's origin, and was "even more shocked to see the Combating Terrorism Center at West Point simply Google-Translated it and claimed it as ISIS’s."

A link to a JustPasteIt page with a modified version of the guide was widely circulated by Twitter accounts linked to ISIS in the last few months. It includes tips such as making sure to disable GPS and avoiding Instagram and Facebook due to their poor track records on privacy. Many of the apps recommended — such as Signal, CryptoCat, and RedPhone — are those which privacy advocates and civil liberty groups in the U.S. also include on their list of secure communication programs.

Since ISIS took credit for the Nov. 13 attack on Paris that left 130 people dead and over 350 wounded, Western officials have struggled to explain the intelligence failure that led to a complex attack being carried out on a major European city. American and European officials have blamed encrypted communication networks, which they said ISIS used to plan and organize the attack while circumventing law enforcement officials.

In the weeks since the attack, however, it appears unclear that ISIS used any encrypted programs to communicate, including those promoted in their so-called secret guide. The New York Times reports that at least one of the men behind the Paris attacks used Facebook to communicate with ISIS operatives in Syria, and a cell phone found near the location of one of the attacks showed phone calls and SMS messages sent between the attackers on open channels.