New ISIS video suggests Paris attackers encrypted their data

New ISIS video suggests Paris attackers encrypted their data
© Getty Images

The Islamic State in Iraq and Syria (ISIS) on Sunday published a video that indicates those behind the Paris massacre last year were using encryption to hide their communications.

The 18-minute video, which was distributed via various ISIS official social media channels, features statements from what is purportedly the nine ISIS members behind the Paris assault, which left 130 dead. They are shown beheading hostages sometime prior to the attacks.

ADVERTISEMENT

"The following are the final messages of the nine lions of the Caliphate, who were mobilized from their dens to bring an entire country — France — to her knees,” reads a written statement that opens the video.

The opening images also “suggest that ISIS fighters were using the data encryption software PGP for secure communications,” according to the Middle East Media Research Institute (MEMRI), which tracks ISIS’s online behavior.

How the Paris attackers communicated in the lead-up to the Nov. 13 assault has been a hot topic for lawmakers in Europe and the U.S.

Investigators have unofficially told several media outlets they believe the assailants used encrypted apps, such as Telegram, to help plan the strikes.

Numerous policy makers in both Europe and the U.S. have jumped on these details.

“If they communicate in darkness and you can’t shine a light on it, quite honestly you just can’t stop it,” House Homeland Security Committee Chairman Michael McCaul (R-Texas) said in December. “People say, 'Why didn’t you see Paris?' It was under the radar because they were using an app called Telegram and they were communicating through an encrypted application.”

The comments have sparked a heated debate over encryption standards.

Law enforcement and government officials are pressuring major tech companies such as Apple, Facebook and Google to voluntarily decrypt data for investigators.

But many tech firms and privacy advocates has rejected these overtures, arguing that fully encrypted data cannot be unlocked. Maintaining the ability to unlock the secured information introduces vulnerabilities that can be exploited by hackers, they say. Apple has argued it cannot comply with certain court orders because of how its encryption is designed.

In response, lawmakers are working on several legislative solutions to help authorities get access to hidden communications.

McCaul is set to introduce a bill with Sen. Mark WarnerMark Robert WarnerOvernight Defense: Congressional leaders receive classified briefing on Iran | Trump on war: 'I hope not' | Key Republican calls threats credible | Warren plan targets corporate influence at Pentagon Key Republican 'convinced' Iran threats are credible Hillicon Valley: Trump takes flak for not joining anti-extremism pact | Phone carriers largely end sharing of location data | Huawei pushes back on ban | Florida lawmakers demand to learn counties hacked by Russians | Feds bust 0M cybercrime group MORE (D-Va.) that would establish a national commission to figure out how police can get at encrypted data without endangering Americans’ privacy. The pair told reporters they expect the panel would produce some technological options, instead of legislative solutions.

Sens. Richard BurrRichard Mauze BurrOvernight Defense: Congressional leaders receive classified briefing on Iran | Trump on war: 'I hope not' | Key Republican calls threats credible | Warren plan targets corporate influence at Pentagon Key Republican 'convinced' Iran threats are credible Congressional leaders receive classified Iran briefing MORE (R-N.C.) and Dianne FeinsteinDianne Emiel FeinsteinSenate confirms Rosen for No. 2 spot at DOJ Senate confirms controversial 9th Circuit pick without blue slips Graham warns of 5G security threat from China MORE (D-Calif.) want to move quicker and bypass such a commission. The top two lawmakers on the Senate Intelligence Committee are working on legislation that would force companies to comply with court orders requesting encrypted data.