Al-Qaeda Rolls Their Own Encryption

As reported by Bruce Schneier back in May, one of the outcomes of the Snowden revelations is that some people are abandoning open source encryption tools for things they are brewing up on their own.  And while home-brewing may be great for beer, proper cryptography is many orders of magnitude more difficult to make than beer.  Al-Qaeda is one of the organizations reputedly creating three new “NSA-proof” encryption schemes.

Since 2007, Al-Qaeda’s use of encryption technology has been based on the Mujahideen Secrets platform which has developed to include support for mobile, instant messaging, and Macs.

Following the June 2013 Edward Snowden leaks we observe an increased pace of innovation, specifically new competing jihadist platforms and three (3) major new encryption tools from three (3) different organizations – GIMF, Al-Fajr Technical Committee, and ISIS – within a three to five-month time frame of the leaks.

The likelihood is that their messages may be even easier to decrypt than before.  Schneier’s report links back to an article on Recorded Future that discusses this in greater depth.  If you are interested in the technical aspects of this development, the article on Recorded Future is worth a read.


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.