Telegram and IS: A Potential Security Threat?

RSIS Commentary is a platform to provide timely and, where appropriate, policy-relevant commentary and analysis of topical issues and contemporary developments. The views of the authors are their own and do not represent the official position of the S. Rajaratnam School of International Studies, NTU. These commentaries may be reproduced electronically or in print with prior permission from RSIS and due recognition to the author(s) and RSIS. Please email: RSISPublications@ntu.edu.sg for feedback to the Editor RSIS Commentary, Yang Razali Kassim. 

---

No. 256/2015 dated 25 November 2015

Telegram and IS:
A Potential Security Threat?

By Dymples Leong

Synopsis

The removal of 164 Islamic State-related channels on Telegram highlights the savviness of the group in the usage of encrypted and secure messaging applications, and also draws to attention the difficulties of governments in balancing the right of privacy and the security capabilities of preventing attacks against countries.
Commentary

FOLLOWING THE recent attacks in Paris by Islamic State (IS), Telegram, an encrypted messaging application platform based in Berlin, blocked access to 164 IS-related channels in 12 languages made by the terrorist group and its supporters. The revelations added to concerns raised since December 2014 that the secure messaging app was used by IS as a preferred choice to disseminate its propaganda. But what makes Telegram so popular amongst supporters of IS?

Originally built by founders Pavel and Nikolai Durov as a means to restrict Russian security agencies’ access to their private communication, Telegram gained increased popularity as the fastest and most secure mass market messaging system, following the revelations by Edward Snowden of mass government surveillance by the United States.
Why the popularity?

Telegram has around 60 million users worldwide on its app. In the post-Snowden era, claims that Telegram cannot be monitored or disrupted by government surveillance or interference has caused users from mass market messaging platforms such as Whatsapp and Line to switch to Telegram. Touted as an ultra-secure and easy way to upload and share videos, text and voice messages; Telegram demonstrates the preference of IS supporters to the application with three features: Secret Chats, bots, and Channels.

Although somewhat similar to Snapchat, Telegram takes it a level higher with Secret Chats, employing end-to-end encryption of messages and enables the usage of self-destruct timers for messages, photos, videos and files sent within two parties, which will disappear from both devices. Encryption keys enhance the security of the secret chat, providing additional security in preventing potential man-in-the-middle attacks.

Bots are also used to propagate the ideology of IS. Bots can be created on in a chat or channel, enabling third party developers using simple Application Profile Interfaces (API) to create a bot, allowing it to connect with users. The bot then handles messages, with group members conversing with the bot as one would with a human. Research conducted by MEMRI’s Jihad and Terrorism Threat Monitor reveals that a handful of IS Telegram bots disseminate propaganda in different languages.

Telegram’s new feature ‘Channels’ enables the broadcast of individual messages to unlimited public audiences. These publicly available broadcasts enable IS to distribute propaganda, transfer very large file videos, advertisements calling for monetary donations, sharing of sermons, news of military victories, and more recently, broadcasting press releases with the intention to recruit and inspire followers – all in real time. It was revealed that the group used Telegram to disseminate its claims of responsibility for the Parisian attacks and the October bombing of the Russian Metrojet airplane.

Furthermore, interested parties could easily connect with the group’s members on these channels. The group has also directed its Twitter supporters to use Telegram channels, as Twitter accounts could be cross-checked and taken down. As of August 2015, Telegram’s volume of messages stood at an astounding 10 billion messages every day.

Implications of the usage of Telegram
Security analysts estimate that these Telegram channels attracted up to 16,000 followers. The savviness of the group presents an obstacle for security agencies in countering ideology, who have to deal with IS supporters who are digital natives and are up-to-date with the latest technology developments. Even as IS-related channels were shut down, supporters began creating channels immediately in new locations on Telegram. One new channel, Trendit, has garnered up to 500 followers following the removal of the channels.

Telegram takes down offensive public content by reviewing user reports. Public broadcast channels, similar to Rich Site Summary (RSS) feeds, provide the potential for greater reach than private communications. Yet unreported channels are still online and remain operational. Though IS-related channels were removed, direct channels between IS supporters in individual chats (such as Secret Chats) remain, allowing followers to forward information about new channels, with different aliases. This back-and-forth of account removal and creation will only continue as encrypted messaging apps provide room for the group’s supporters to operate away from the eyes of surveillance.

In September 2015, Durov affirmed claims that terrorists were utilising Telegram to communicate, but stressed that privacy was more important than the fear of terrorism occurring. He highlighted that terrorists would use any available secure communication channel to communicate within themselves. The Parisian attacks may have pressured Telegram to take necessary action for the removal of IS-related channels. However, Telegram was swift to stress that its founding principle of the freedom of speech remains unchanged, with Durov stating that policies towards private chats will continue to remain as status quo.

The security conundrum

Some governments have used the Paris attacks as a clarion call for the weakening of technological capabilities such as encryption, stating that encryption hampers proficient intelligence and security gathering. Encrypted messaging applications such as Telegram have resisted government and third party interference till now. John Brenan, the Director of the Central Intelligence Agency (CIA) recently highlighted the frustrations regarding national security agencies’ inability to access content from encrypted communication applications in the surveillance of terror groups such as IS.

Governments, especially in the West, are often restricted by civil liberty concerns such as the right to privacy, which is highly espoused by Telegram. Fears that a close adherence to the right of privacy could lead to a blind spot for security agencies has seen others calling for the creation of ‘back doors’ to apps such as Telegram’s. However, there is a danger of non-government actors hacking and exploiting the same back channel and accessing information. Legislation to weaken encryption efforts of technology providers will continue, with draft legislation being drawn in Britain giving security agencies access to communication records of suspected extremists.

Telegram has consistently mentioned that terrorist groups will find secure channels to communicate in. However the scrutiny and political pressure by critics and governments fearing that strong commercial encryption could hinder investigative mechanisms of security agencies will not abate. The question that governments, regulators and technology providers have to ask is to what extent should the line be drawn to find the delicate balance between the rights to privacy in communication and the right to disrupt any potential threats to national security.

Dymples Leong is a Research Analyst at the Centre of Excellence for National Security (CENS), a constituent unit of the S. Rajaratnam School of International Studies (RSIS), Nanyang Technological University (NTU), Singapore.

Click HERE to read this commentary online.