SAN FRANCISCO — A Kuwaiti cybersecurity company was startled this week when a guide it wrote to help journalists and activists stay safe online was cited as a "secret ISIS manual" to online security.
Cyberkov, a private company based in Kuwait, told BuzzFeed News that it originally published the guide in July 2014, and that it is still available on their site under the headline "Operational security for Journalists, Activists, and Human Rights Workers in the Gaza Strip." Yet last week, news organizations including the Telegraph, Yahoo News, and Wired published the guide with headlines touting the secret online protocols used by ISIS. "ISIS' OPSEC Manual Reveals How It Handles Cybersecurity," Wired's original headline read. The Islamist group, it appears, had stolen the text and was circulating it among online activists, known as the cyber caliphate.
"Our guide is based on publicly available tools, instructions and best practices," wrote Cyberkov CEO Abdullah AlAli to BuzzFeed News in an email. "The guidelines in our manual are sourced from the EFF [Electronic Frontier Foundation] and other sources of privacy organizations." He said his organization had no idea its guide had been repurposed by ISIS. He was surprised to see it cited in articles, many of which have been updated since they were originally posted to note the document's origin, and was "even more shocked to see the Combating Terrorism Center at West Point simply Google-Translated it and claimed it as ISIS’s."
A link to a JustPasteIt page with a modified version of the guide was widely circulated by Twitter accounts linked to ISIS in the last few months. It includes tips such as making sure to disable GPS and avoiding Instagram and Facebook due to their poor track records on privacy. Many of the apps recommended — such as Signal, CryptoCat, and RedPhone — are those which privacy advocates and civil liberty groups in the U.S. also include on their list of secure communication programs.
Since ISIS took credit for the Nov. 13 attack on Paris that left 130 people dead and over 350 wounded, Western officials have struggled to explain the intelligence failure that led to a complex attack being carried out on a major European city. American and European officials have blamed encrypted communication networks, which they said ISIS used to plan and organize the attack while circumventing law enforcement officials.
In the weeks since the attack, however, it appears unclear that ISIS used any encrypted programs to communicate, including those promoted in their so-called secret guide. The New York Times reports that at least one of the men behind the Paris attacks used Facebook to communicate with ISIS operatives in Syria, and a cell phone found near the location of one of the attacks showed phone calls and SMS messages sent between the attackers on open channels.
Sheera Frenkel is a cybersecurity correspondent for BuzzFeed News based in San Francisco. She has reported from Israel, Egypt, Jordan and across the Middle East. Her secure PGP fingerprint is 4A53 A35C 06BE 5339 E9B6 D54E 73A6 0F6A E252 A50F
Got a confidential tip? Submit it here.