NPR logo

Big Data Firm Says It Can Link Snowden Data To Changed Terrorist Behavior

  • Download
  • <iframe src="" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript
Big Data Firm Says It Can Link Snowden Data To Changed Terrorist Behavior


Big Data Firm Says It Can Link Snowden Data To Changed Terrorist Behavior

  • Download
  • <iframe src="" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript


For months now, U.S. officials have said that leaks from former NSA contractor Edward Snowden changed the way terrorists communicate. But they've stopped short of providing details. Now, a technology company in Cambridge, Massachusetts says it's found tangible evidence that terrorist groups are using sophisticated encryption programs.

NPR's Dina Temple-Raston reports.

DINA TEMPLE-RASTON, BYLINE: The CEO of big data company Recorded Future is a man named Christopher Ahlberg. He had heard the Obama administration say that terrorists had changed the way they behave because of the Snowden leaks. He wanted to see if it was really true.

CHRISTOPHER AHLBERG: So we dove into that, sort of, diving into forums and product platform releases and the like.

TEMPLE-RASTON: The company trolled the Internet for al-Qaida mentions of Snowden. It downloaded versions of al-Qaida's encryption software and it discovered signs that al-Qaida had changed, specifically, it upgraded its encryption systems. For years, al-Qaida had used an encryption program written by its own coders. They called it Mujahideen Secrets. And most al-Qaida affiliates used it to scramble their communications. Since its introduction in 2007 there had been some minor updates. Then, in late 2013 after the Snowden leaks, the program got a major overhaul. Three different groups with links to al-Qaida introduced three new encryption products. It was like jumping from Windows 2.0 to Windows XP. Ahlberg says, that wasn't a coincidence.

AHLBERG: Three major product releases coming from three different organizations on the al-Qaida and associated organizations, fairly quickly after the Snowden disclosures.

TEMPLE-RASTON: Ahlberg believed this amounted to good circumstantial evidence that Snowden had had an impact. But he wanted to see how much so he called in a cyber expert.

MARIO VUKSAN: My name is Mario Vuksan and I'm the CEO and the founder of Reversing Labs.

TEMPLE-RASTON: Reversing Labs is a cyber analysis company. And Vuksan took the new al-Qaida encryption program apart to see what it was made of. As a general matter, he says, encryption is fairly straightforward.

VUKSAN: So multiple mathematical algorithms have been developed to scramble this content into a random set of letters and numbers so that only the target receiver would be able to read it.

TEMPLE-RASTON: In other words, someone might type a message in Arabic, then the encryption program turns it into random numbers and letters. The recipient on the other side can unscramble the message with a key.

Vuksan said the new version of Mujahideen Secrets is much better. The old program was built on code that al-Qaida created for itself. The new version incorporates more sophisticated open source code, which means it's probably harder to break.

VUKSAN: This is not the work of somebody who has learned the programming yesterday and is now trying to do their first, you know, hello world application. I cannot imagine that this is being developed in some cave in Afghanistan.

TEMPLE-RASTON: Ahlberg says, wherever it was developed, the complexity and timing of the software upgrade is important.

AHLBERG: This is as close to proof you can get to these guys have changed and improved their communications infrastructure post the Snowden leaks.

TEMPLE-RASTON: Others are less sure that you can draw a straight line from Snowden's documents to the changes in al-Qaida's encryption program. Bruce Schneier is a technologist and a fellow at the Berkman Center at Harvard.

BRUCE SCHNEIER: It's hard to tell. Certainly they've made changes. Is that because of the normal cost of software development or because they thought, rightly or wrongly, that they were being targeted?

TEMPLE-RASTON: Whatever the reason, Schneier says al-Qaida's new encryption program won't necessarily keep communication secret.

SCHNEIER: It is relatively easy to find vulnerabilities in software. I mean, this is why cyber criminals do so well stealing our credit cards. And it's also going to be why intelligence agencies are going to be able to break whatever software these al-Qaida operatives are using.

TEMPLE-RASTON: The NSA declined to comment.

Dina Temple-Raston. NPR News, New York.

Copyright © 2014 NPR. All rights reserved. Visit our website terms of use and permissions pages at for further information.

NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.