Connect with us

Intelligence

THE FSB and SIGINT: Absolute Power at Home and Abroad

Published

on

The Russian Federal Security Service (FSB) should easily be considered one of the most influential and powerful intelligence organizations in the world today. Its primary functions and roles include: law enforcement, counterintelligence, domestic surveillance, and internal intelligence functions at the national level.

These roles mirror many of the functions assigned to the Federal Bureau of Investigation in the US (FBI). However, while many of these functions would put the FSB squarely in the realm of law enforcement instead of security or intelligence, the FSB also has mission responsibilities that organizations such as the FBI do not. The most significant being the mission of signals exploitation (SIGINT). This article focuses on the SIGINT capability of the FSB and its threat to US political, economic, and diplomatic policies as well as the threat in the new environment of cyber espionage.

Initially an internally focused organization, the FSB threat profile changed in 2003 when, under Presidential Edict No. 314, the missions and authorities of the Federal Agency for Government Communications and Information (FAPSI) were transferred to the FSB. This meant the FSB would now have both the resources and authorities for SIGINT collection against its adversaries and information assurance for all Russian government information systems. This transition established the FSB as a much larger player in the intelligence exploitation community and a larger threat to US interests. Most Western intelligence services separate the responsibilities and missions of SIGINT to a single intelligence organization, like the National Security Agency (NSA) in the US, which has only that authority. Other intelligence services handle matters such as counterintelligence and military-related intelligence. This is not the case with the FSB, which after Presidential Edict No. 314 controls elements of all major aspects and disciplines of intelligence, essentially giving it both unfettered access to collected intelligence as well as the ability to potentially restrict other Russian organizations from accessing the collected data. What exists is a single intelligence service with the capabilities to conduct human intelligence, counter-intelligence, law enforcement, border security, counter-surveillance, and signals collections. This represents a significant amount of authority and global reach that cannot be compared to any one intelligence service within the US or most other modern developed states. With the transition of SIGINT responsibilities, increased authority on border security, and cryptographic responsibilities to the FSB, the comparison of it to the US Intelligence Community also transitioned. Its domestic protection roles still most closely align with the FBI, but its SIGINT responsibilities mirror that of the National Security Agency (NSA), while the border security functions are more akin to the US Customs and Border Patrol (CBP) or even Immigration and Customs Enforcement (ICE).

On top of all of this, the FSB has become increasingly connected to all issues cyber as well. The world continues to become more interconnected. The internet has become an integral part of our daily lives and, for some, even a necessity. It supports everything from e-commerce to sensitive governmental correspondence. So when a country’s intelligence service inserts itself into business transactions, there becomes an increased risk that sensitive data could be syphoned off and used to support both commercial and national intelligence interests at home and abroad. Even though the Russian IT registration requirement is only for private companies operating within Russia, this means little in the interconnected world of the internet where data crosses many geographical boundaries between transmitter and receiver. The internet is a medium susceptible to signals collection just like any other and when countries or intelligence services have access to all internet-based traffic that falls within their borders, then that threat is not only very real but actually amplified.

One example of this threat is the Russian SORM program. SORM, or System for Ensuring Investigated Activity, is a mechanism that permits the FSB to monitor all phone and internet traffic coming in and out of the Russian Federation. While arguments are that this program is a law enforcement and internal security tool, the FSB still remains an intelligence service with a mission set that goes beyond internal security and law enforcement. It is worth noting that until a Russian Supreme Court ruling was handed down in late 2000, the FSB was under no obligation to inform Internet Service Providers (ISPs) that agents were accessing the system. The work undertaken by the FSB to support signals exploitation is not just limited to Russian companies, therefore, but extends to international entities with a presence in the Russian Federation.

On 11 April 2011, for example, a government source told the Interfax news agency that the FSB was not proposing a ban on Gmail, Skype or Hotmail in Russia. The FSB expert speaking at this meeting only expressed concerns that a number of those servers provide services outside of the national legal framework. The inferred concern was that because these companies utilize encryption for securing the communications of users, and none of them are directly based in Russia, the FSB requirement under SORM may not be implemented properly. It is interesting that the FSB would take the time for an interview to highlight its effort to find a solution to make the functioning of these services on Russian territory ‘comply’ with national laws. This statement, while perhaps innocuous on the surface, speaks to the potential level of penetration the FSB can gain into all aspects of communications, both traditional and emerging.

On 8 June 2011 Microsoft Russia made a statement with respect to the FSB and the on-line communications service Skype. In a statement carried by the Russian Federal Security Service-owned but supposedly editorially-independent Russian news agency Ekho Moskvy, Microsoft denied claims it had provided the FSB with encryption algorithms for the internet service. It did, however, admit that the source code for the program was provided. With its charter to protect and monitor cryptographic systems for the Russian government, the FSB has access to those individuals who both create and decipher cryptographic algorithms as part of the newly transferred FAPSI functions. With these vast resources, it is not a giant leap of logic to think the FSB will be sorely tempted to conduct eavesdropping on any entity it wishes, without the support of said company, as long as a suitable connection to ‘national security’ is found.  

These two examples are a sample of how cyber seems to be a new focus of FSB SIGINT collection efforts. And while, for now, they focus solely on what has occurred within Russian territory, it is important to note the FSB has recognized links in over 80 countries and formal offices in at least 18 of them. This level of global reach and interaction means its SIGINT mission can be transferred anywhere the FSB maintains a presence. As these capabilities are deployed, they provide the FSB with a larger SIGINT capability than most intelligence agencies around the world. The FSB of course formally declares that it honors all international treaties and pursues only legitimate inquiries that hold potential harm to the sovereign interests and national security of the Russian Federation. The problem, of course, is just how fungible those sovereign interests might be over time and how relevant the old adage about absolute power corrupting absolutely might become.

Continue Reading
Comments

Intelligence

How 4chan Radicalizes Youth and Grooms Them Towards Terrorism

Published

on

The image board was started in 2003 to discuss anime and various other topics but festered into a safe space for hateful rhetoric soon after. In the aftermath of yet another racially motivated mass shooting by a frequent user, its dangers have finally reached the mainstream.

4chan is an extremely unique website. It has been running since 2003, and over the course of almost 20 years, has influenced many internet memes and phenomena. However, in the wake of the European Migrant Crisis in 2015 and the 2016 Presidential Election, it became associated with white supremacy, especially on its /pol/ board. This hateful rhetoric festered, worsening in 2020 during the COVID pandemic and George Floyd protests. 4chan was sprung into the spotlight once again on May 14th, 2022, when a white supremacists livestreamed his massacre of a supermarket.

This attack, fresh in American’s minds, led many to question why 4chan is still allowed to exist. This comes after 4chan’s rhetoric inspired a 2015 mass shooting in Oregon and its users aided in the organization in the Unite The Right Rally and the January 6th Riots. Clearly 4chan is a hotbed for far-right terrorism. But why is this image board the way it is? The answer lies in its lax moderation of content.

Upon looking at 4chan, you will find it is mostly made up of pornography. However, if you go on the site’s /pol/ board, it does not take long to find the kind of rhetoric that radicalized the Buffalo shooter. One particular post I found featured a racist joke at the expense of Black people. Another was praising fighters in the Ukrainian Azov battalion while joking about killing trans people. Yet another post complained about an “influx of tourists” due to the Buffalo shooter, who they insulted with an anti-gay slur. These memes and jokes seem to appeal to a younger, perhaps teenaged audience. It is clear that they are still trying to recruit youth into their ranks even after the tragedy in Buffalo.

The content is, to say the least, vile. The fact that this stuff is permitted and encouraged by not just the userbase (which numbers in the millions) but also many moderators tells us that there is something fundamentally wrong with 4chan. In fact, copies of the livestreamed Buffalo massacre were spread widely on 4chan to the amusement of its userbase.

Many of the users on 4chan are social rejects who feel as if they have nothing to lose. They feel unaccepted and alienated from society, so they turn to 4chan. Many harmful ideologies, such as White supremacy and incel ideologies, seem extremely validating for these dejected youth.  Young, socially alienated men, who make up the majority of 4chan’s userbase, are also among the most vulnerable demographics for radicalization.

What can we do to prevent further radicalization of youth and deradicalize those already affected by harmful rhetoric? First of all, we need to either heavily regulate 4chan or have it shut down. There is no space on the internet for this kind of hatred or incitement to commit horrific acts like what happened in Buffalo. For those already radicalized, we need to perform a campaign of deradicalization among those affected by this rhetoric. But how can this be done?

4chan prides itself on anonymity, so it is difficult to figure out who uses it. Thus, education on radicalization and identification of propaganda is vital. This education should focus on adolescents mostly due to their predisposition towards radicalization when exposed to hateful rhetoric. While White supremacy must be emphasized, other forms of radicalization should be mentioned as well such as Jihadism and other forms of ethnic supremacy. Finally, tolerance must be fostered among all people, not just those at risk of becoming groomed into terrorism.

The age of 4chan has spawned many humorous memes, but it has since become a hotbed for hatred and terrorism. Since memes are able to convey dangerous ideas, websites like Reddit and Facebook need to be heavily regulated to prevent the dissemination of dangerous misinformation. It is unlikely that 4chan will ever moderate itself, as lack of strict moderation is its defining feature. Thus, it has overstayed its welcome and no longer has a place in today’s information-driven society.

Continue Reading

Intelligence

New ISIS Strategy and the Resurgence of Islamic State Khorasan

Published

on

ISKP Uzbek Jihadist

Unlike Abu Ibrahim al-Hashimi al-Qurayshi, the second late leader of ISIS, who was derided as a “secluded paper caliph” and “an unknown nobody” for his relative anonymity and non-publicity, the new caliph of the Islamic State, Abu al-Hassan al-Hashimi al-Quraishi, has apparently launched a new strategy to strengthen linkages to regional wilayahs (provinces) and boost the group’s global presence.

Indeed, during his short time leading the group (31 October 2019 – 3 February 2022), Abu Ibrahim al-Qurayshi never publicly addressed his followers, which negatively affected the coordination of the activities of Islamic State-Central (ISC) and its regional branch of the Islamic State Khurasan Province (ISKP). Although his killing during a US counterterrorism raid in northwest Syria in early February was a major blow to the global jihadi organization, the change in leadership nevertheless provided it with new opportunities to update its command-and-control, recruitment and propaganda campaign.

Predictably, Abu al-Hassan al-Hashimi al-Quraishi, the new ISIS overall leader, sees his historical role not only in ensuring the Caliphate’s continuity and avoiding its potential fragmentation but also in establishing a more direct and consistent command line between its core in Iraq and Sham and its Central and South Asian affiliates.

ISIS collage dedicated to rocket attack on Uzbek Termez

The new strategy of the Islamic Caliphate not only gave a new impetus to its Khorasan offshoot waging a holy jihad in post-American Afghanistan against the Taliban but also opened a new front line against the post-Soviet Central Asian regimes. Indeed, the analysis of ISKP activities revealed that the proclamation of Abu al-Hassan al-Quraishi as the new Caliph and the launch of a new campaign “Revenge Incursion for the Two Sheikhs” increased the combat capability of IS Uzbek and Tajik fighters, as well as strengthened the coordination of local language and IS-Central propaganda machines.

Notoriously, on April 17, ISIS launched the new campaign “Revenge Incursion for the Two Sheikhs” to avenge the deaths of the former ISIS leader, Abu Ibrahim al-Qurayshi, and his official spokesperson, Abu Hamza al-Qurashi, who were killed in a US raid in February in the northwest Syrian town of Atmeh. In his recent audio address, Islamic State’s new spokesman Abu-Omar al-Muhajir called on the Caliphate warriors to avenge the deaths of the former ISIS leaders by “painfully striking” the enemies of “al-mujahideen” and saying that if they kill, they should “kill by many.” This call was made to the group’s followers worldwide and asked them to remain patient, but also be ready when the “war” begins. Al-Muhajir called to expand the campaign “Revenge Incursion for the Two Sheikhs” to the territory of US, Europe and Central Asia, urging Muslims living there to follow the lead of past “lone wolves” who conducted operations that “filled with horror.” He asked them to repeat “lone wolf” operations by stabbing, attacking, and ramming, and drawing inspiration from recent attacks in Israel.

ISKP Threat to Central Asia

Among the first to support the Islamic State’s new ‘global offensive’ campaign were ISKP Uzbek and Tajik jihadists challenging the new Taliban government and dreaming of overthrowing the ‘Taghut (idolaters) regimes’ in Central Asia. Thus, inspired by the new Caliph’s new strategy, for the first time in the history of the Islamic State, they managed to conduct a transnational jihadi operation from Afghanistan to the territory of Uzbekistan and Tajikistan.

Initially, on April 18, 2022, the ISKP fired ten rocket salvos into the territory of Uzbekistan, which was successfully exploited by the Uzbek-speaking regional jihadi media and IS-Central’s propaganda resources as evidence of the opening of a “second front” in the Central Asian direction. Expert assessments clearly observed the good coordination between the IS-Central’s media and ISKP’s local jihadi mouthpieces, both in terms of Islamic ideological content and hierarchical sequences.

ISKP Uzbek nasheed performer Asadulloh Urganchiy

The Islamic State-Central’s Amaq News Agency reported that “Mujahedeen of the Caliphate have fired 10 Katyusha rockets at a murtad (apostasy) Uzbekistan’s military base in the border town of Termez.” The ISIS central media wing also released a photo and video of the projectiles to back its claims. Another IS-Central’s weekly al-Naba newsletter also widely covered the topic of rocket attacks by detailing how the projectiles were fired from Afghan territory on the Central Asian nation.

Following IS-Central official news agencies reports, IS-Khurasan Willayah’s local media outlets, such as Al-Azaim Foundation and Khurasan Radio, the Uzbek-language Xuroson Ovozi (Voice of Khurasan), Tavhid Habar (Tawhid News), Tajik-language Telegram channels Mujahideen of the Caliphate and The Army of the Victorious Nation published a series of audio, video and text messages in Uzbek and Tajik detailing the goals, causes, and consequences of the rocket attack. In particular, Al-Azaim Foundation glorified the rocket attack as “the heroism of the brave lions of Allah Almighty punishing the corrupt army of the murtad Uzbek government.”

The ISKP media outlets were extremely outraged by the Uzbek government’s denial of the rocket attack, claiming that nothing had landed on their territory. In response, pro-ISKP Uzbek, Tajik and Russian Language Telegram channels re-posted IS-Central’s statement, photos, videos of the attacker and a map marked with the possible rocket impact location in Termez.

Central Asian Salafi-Jihadi experts’ attention was drawn to a 24-minute audio address of Khuroson Mujahid, the leader of ISKP Uzbek group, whose speech style and ideological views strongly resembled the late ISIS chief strategist Abu Mohammed al-Adnani. His speech revealed that the ideological vision of ISKP Central Asian jihadists, staunch followers of Takfiri Salafism, is in line with the Islamic State’s global agenda. He considers democracy to be the religion of “murtad states” of Central Asia, the Taliban government and Pakistan. He believes that due to committing shirk (idolatry), deviating Allah and doubting Tawheed (God’s Oneness), the leaders of taghut countries should be killed.

Considering Khuroson’s oratorical skills, Takfiri persuasion and ideological savvy, it is quite possible that the ISKP recruitment and incitement campaign will intensify in Central Asia in the near future. Obviously, the engagement between IS-Central and ISKP in the military, media and ideological directions reached a new level in the more permissive operating environment of post-American Afghanistan.

On May 7, the ISKP carried out a second rocket attack, this time into Tajikistan. According to the Central Media Office (Diwan al-I’lam al-Markazi) of ISIS, “Caliphate’s fighters fired seven rockets from the Khawaja Ghar district of Afghanistan’s Takhar Province towards the Tajik military base near the city of Kulob.” The rocket attacks on the territories of Uzbekistan and Tajikistan for three weeks nevertheless mark a clear escalation by ISKP Central Asian foreign fighters from just hostile anti-five post-Soviet “murtad governments” rhetoric to direct militant action.

Notably, the methods of media coverage of both attacks and the engagement between IS-Central and ISKP’s local media resources were clearly similar. The algorithm of their actions was in line with the new ISIS strategy. Thus, IS-Central posted a brief information about the rocket attacks with video and photos, then the Tajik, Uzbek and Pashto-language local media resources of ISKP glorified the “warriors of Allah”. The Uzbek-language pro-Islamic State Telegram channels Islomiy Maruza Davat Guruh, Khuroson Ovozi, Tawheed news, the Tajik-language Telegram channel of Ulamoi Rabboni (إنَّ اللّٰهَ مَعَنَا) actively propagated ISKR rocket attacks, undermining the image and credibility of the military potential of Tajikistan and the Taliban.

These Central Asian pro-IS media resources, supported by IS-Central propaganda bodies and comprised of a constellation of official branch outlets, regional pro-ISKP groups, and grassroots supporters have become a prominent voice aggressively impugning the Taliban’s reputation in the global jihadi world. Such method makes it possible to preserve the hierarchical structure and maintain a uniform media strategy of the global jihadi group. This reflects that after the fall of the Caliphate and a series of dramatic losses of its leaders, ISIS has learned a bitter lesson and is now moving from centralizing power to strengthening its wilayahs.

Apparently, the ISKP seeks to broaden its appeal in Central Asia both through increasing cross-border attacks against Afghanistan’s neighbors and ramping up the production, translation, and dissemination of propaganda directed at Uzbek, Tajik, and Kyrgyz communities in the region. These rocket attacks and ISKP’s propaganda campaigns targeting Central Asians for recruitment are any indicators, the group has become a serious jihadi power challenging not only the Taliban government, but also the post-Soviet authoritarian regimes. Through its Uzbek, Tajik and Pashto-language Telegram channels, the ISKP is conducted an unprecedented activity to recruit Central Asian jihadi groups affiliated with al Qaeda and the Taliban, as well as new radical Islamists from the Fergana Valley.

Future of ISKP Central Asian Jihadists

Obviously, the ISKP is exploiting the US military withdrawal from the region and the Afghan Taliban’s deviation from the hardline jihadi concept by successfully portraying their government as a Pashtun ethno-nationalist organization rather than a bona fide Islamic movement.

In conclusion, it is to be expected that the ISKP will actively capitalize external operations to undermine the legitimacy of the Taliban government, which assured the US and Central Asian neighbors not to allow Afghan soil to be used to attack Afghanistan’s neighbors. Strengthening cross-border rocket attacks has already raised the morale of ISKP fighters and consolidated its support base.

Thus, the new Islamic State’s strategy to strengthen its offshoots in its provinces is quite capable to reestablish its positioning in the broader global jihadi movement, which we see in the example of IS-Khorasan Province.

Continue Reading

Intelligence

How Memes Can Spread Dangerous Ideas

Published

on

Internet memes are an excellent way to send powerful messages to millions of people. But what happens when they are used for malicious purposes?

Memes have been a means of transmitting messages for centuries, proliferating immensely in recent decades due to their mass proliferation through the internet and their ability to broadcast messages to a massive audience. They have quite a bit of cultural significance and can be based on almost anything, provided they achieve viral status. However, memes have been subject to abuse by malicious groups and actors.

From the Blue Whale Challenge, an internet challenge that resulted in multiple suicides worldwide, to terrorist organizations like ISIS, which use internet memes to recruit young people, memes can be used for malicious purposes. Even toxic subcultures like MGTOW serve as a pipeline towards the incel movement. Indeed, such male supremacist organizations are not strangers to using memes and viral media to propagate their ideas and recruit young men and boys to their cause. In fact, one influencer, who goes by Sandman MGTOW, often posts such misogynistic memes and videos on his Twitter and YouTube channel.

These kinds of memes are easily identifiable by their bias towards a specific issue and their often-political message. One great example of a meme that has been subject to abuse by malicious actors is Pepe the frog. Based on a character by Matt Furie, this meme was abused by the alt right, being depicted as controversial figures such as Adolf Hitler and Donald Trump. The meme was so badly abused by these far-right actors that it was listed as a hate symbol by the ADL.

Memes have also influenced major world events like the 2016 election in the United States and the Arab Spring revolutions in the early 2010’s, which garnered immense media attention through the use of internet memes and viral media. This shows that memes can have the power to influence elections (albeit slightly) and topple oppressive regimes. Being a powerful tool for spreading information, there is also the use of memes for spreading misinformation.

The COVID-19 pandemic mediated a sizeable but modest anti-vaccine movement in countries like the United States, Canada, and Germany. These anti-vaxx groups used social media like Facebook and Reddit to spread memes full of misinformation and pseudo-science It can also be argued that memes were effective tools in spreading misinformation around the elections of 2016 and 2020 in the United States. Memes, while powerful, can be used by malicious actors such as far-right groups and anti-vaxx groups to peddle false information. This has contributed to the US having a COVID death toll of over one million, higher than most other countries worldwide.

The world has progressed quite a bit in the information age. People are able to communicate ideas with millions of people worldwide in seconds. The proliferation if information has never been more efficient in history. That is why the threats that arise from the mass proliferation of memes and viral media are so dire. As was seen during the 2016 and 2020 US elections, COVID, and Arab Spring, memes can be spread to convey messages that can change nations, affect millions (perhaps even billions) of people, and topple dictators. It has become possible for people to change the course of history with a single tweet or a single meme on Reddit or Instagram going viral.

What can we do to stem the massive proliferation of memes that serve to recruit people into dangerous organizations and fill their minds with misinformation? The answer lies in how we confront our biases and how we detect misinformation. People need to be informed about how they can detect bias and propaganda, in addition to using independent fact-checking services. By identifying propaganda from malicious actors and misinformation from online groups, we can stop the spread of dangerous memes before they proliferate.

Continue Reading

Publications

Latest

Trending