Security Experts:

Connect with us

Hi, what are you looking for?



Analysts Reveal Arsenal of Cyber Tools Used by Islamic Terrorists

Jihadist groups use a variety of digital tools and online services that allow them to maintain a strong online presence, while also helping them remain undetected by adversaries, a recent report from Flashpoint reveals.

Jihadist groups use a variety of digital tools and online services that allow them to maintain a strong online presence, while also helping them remain undetected by adversaries, a recent report from Flashpoint reveals.

In a new report (PDF) called Tech for Jihad: Dissecting Jihadists’ Digital Toolbox, the intelligence firm reveals the findings of an analysis of the tools employed by various jihadist groups, including the Islamic State (also known as IS, ISIS, ISIL, and Daesh).

According to the report, the online activity of these groups remains relatively unknown to the general public, although their use of social media has attracted significant attention over the past months.

Overall, Flashpoint provided analysis of 36 specific tools and services used by radical Islamic terrorist groups.

According to Flashpoint, which recently raised $10 million to expand its business, Jihadists use complex ways to maintain robust yet secretive online presences, given that confidentiality and privacy are paramount to their survival. However, the report also points out that mainstream communication applications do not offer the sophistication these groups require for their security needs, meaning that jihadists are constantly forced to seek alternative ways to communicate.

Some of the tools and tactics used by these groups in their operations include secure browsers, Virtual Private Networks (VPNs) and proxy services, protected email services, mobile security applications, and encrypted messaging services. On top of that, they employ mobile propaganda applications designed to help supporters disseminate and view propaganda with greater ease, speed, and accessibility.

Highly secure browsers such as Tor Browser and Opera allow jihadists to operate online clandestinely without divulging their IP addresses and risking third-party surveillance, while the use of VPNs such as CyberGhostVPN and F-Secure Freedome, along with proxy services, help them further obfuscate their identities during online activities.

The use of protected email services prevent intelligence agencies to monitor actors, and jihadists are leveraging these services too, because they offer security features such as end-to-end encryption and temporary, anonymous account capabilities. The protected email services preferred by jihadists include Hush-Mail, ProtonMail, Tutanota, GhostMail, and YOPmail.

These groups also use specialized mobile applications to enhance security on smartphones, including Locker, FAKE GPS, D-Vasive Pro, AMC Security, ESET Mobile Security, and many more, Flashpoint reports. Some of these apps are also meant to ensure increased device performance and longer battery life.

Over the years, terrorist groups have expanded their online presence through the use of social mediaand jihadists have increasingly turned to encrypted messenging tools to communicate. The Telegram app appears to be their top choice currently, despite a broad range of similar apps and services also available. Threema, WhatsApp, and Asrar al-Dardashah are also among the jihadists preferred apps.

 “In order to both gain popularity among potential supporters and instill fear in their adversaries, jihadists need consistent channels through which they can release propaganda, and technology is crucial for this,” said Laith Alkhouri, a co-author of the report and the Director of Middle East/North Africa Research and a co-founder at Flashpoint. “Jihadists’ reliance on technology for survival is a proven, powerfully motivating force, pushing the community to constantly learn, adapt, and advance through various technological tools.”

In April, Flashpoint released a report which concluded that the cyber capabilities of the Islamic State and its supporters are still relatively weak and appear to be underfunded and poorly organized.

Last summer, the FBI warned U.S. lawmakers of the challenges in monitoring encrypted online communications among Islamic State terrorists, while calling for new laws requiring technology firms to provide backdoors to decrypt messages among jihadists.

In April, U.S. Defense Secretary Ashton Carter said the U.S. Cyber Command (CYBERCOM) was working to destroy the Islamic State group’s Internet connections and leave the jihadists in a state of “virtual isolation.” 

Related: ISIS Cyber Capabilities Weak, Poorly Organized: Report

Related: US Military Conducts Cyber Attacks on IS

*Ionut Arghire contributed to this report

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet


Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham's Ax persona


Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.


The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...


Cybersecurity firm Group-IB is raising the alarm on a newly identified advanced persistent threat (APT) actor targeting government and military organizations in Asia and...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...