Big Data Firm Says It Can Link Snowden Data To Changed Terrorist Behavior

24550944_BG1

For nearly a year, U.S. government officials have said revelations from former NSA contract worker Edward Snowden harmed national security and allowed terrorists to develop their own countermeasures. Those officials haven’t publicly given specific examples — but a tech firm based in Cambridge, Mass., says it has tangible evidence of the changes.

According to a new report to be released Friday by Big Data firm , a direct connection can be drawn: Just months after the Snowden documents were released, al-Qaida dramatically changed the way its operatives interacted online.

“We saw at least coming out with different organizations with al-Qaida and associated organizations fairly quickly after the Snowden disclosures,” said Recorded Future’s CEO and co-founder, Christopher Ahlberg. “But we wanted to go deeper and see how big those changes were.”

By “product releases,” Ahlberg means new software. And for the first time, Recorded Future says, it can now codify just how big a change it was.

The company brought in a cyber expert, Mario Vuksan, the CEO of Reversing Labs, to investigate the technical aspects of the new software. Vuksan essentially reverse-engineered the 2013 encryption updates and found not only more sophisticated software, but also newly available downloads that allowed encryption on cellphones, Android products and Macs.

To put that change into context, for years, al-Qaida has used an encryption program written by its own coders called Mujahideen Secrets. It was a Windows-based program that groups like al-Qaida’s arm in Yemen and al-Shabab in Somalia used to scramble their communications. American-born radical imam Anwar al-Awlaki used it, too. Since Mujahideen Secret’s introduction in 2007, there had been some minor updates to the program, but no big upgrades.

Ahlberg thought the fact that the group changed the program months after Snowden’s revelations provided good circumstantial evidence that the former contractor had had an impact — but he wanted to see how much.

As it turns out, Recorded Future and Reversing Labs discovered that al-Qaida didn’t just tinker at the edges of its 7-year-old encryption software; it overhauled it. The new programs no longer use much of what’s known as “homebrew,” or homemade algorithms. Instead, al-Qaida has started incorporating more sophisticated open-source code to help disguise its communications.

“This is as close to proof that you can get that these have changed and improved their communications structure post the Snowden leaks,” Ahlberg said.

Others are less sure that you can draw a straight line from Snowden to the changes in al-Qaida’s encryption program. Bruce Schneier, a technologist and fellow at the Berkman Center at Harvard, said it’s hard to tell.

“Certainly they have made changes,” Schneier said, “but is that because of the normal costs of software development or because they thought rightly or wrongly that they..

Read more: http://www.npr.org/blogs/thetwo-way/2014/08/01/336958020/big-data-firm-says-it-can-link-snowden-data-to-changed-terrorist-behavior?ft=1&f=