As the recent attacks in Paris demonstrated, we’re beginning to deal with a new type of terrorist — one that isn’t hiding in the mountains but, instead, is tech savvy, using multiple forms of modern communication to plot attacks.
Frustratingly, it appears these terrorist communications are happening in plain sight yet still go undetected. For example, it’s recently come to light that the terrorists behind the Paris attacks may have used Sony PlayStation 4’s chat feature to communicate. If this is confirmed, it wouldn’t be the first time gaming systems were used by terrorists. In June 2015, a 14-year-old Australian boy used Sony’s console to reach out to ISIS and download bomb-making instructions. He was caught, pleaded guilty, and was sentenced to two years in jail. And in 2013, Former CIA Employee Edward Snowden released information indicating that the National Security Agency and CIA used games like World of Warcraft to infiltrate virtual terrorist sites.
If the intelligence community is aware of this method of terrorist communication, you may wonder how it could go undetected — especially considering most gaming communications aren’t encrypted.
The challenge with monitoring online gaming systems is the number of users. For example, Sony has more than 100 million users, creating too much chatter for agencies to make sense of. Also, terrorists are good at hiding their messages. I recently read an article suggesting terrorists could communicate in in games like Call of Duty by having a spray of bullets spell out a message. This type of communication is impossible for anyone to track.
There’s also encryption technology, like Signal, Wickr, and Telegram, readily available to terrorists and free to download online. While there’s no definitive evidence, many believe the terrorists behind the Paris attacks used this type of encryption technology and government intelligence didn’t have keys to decode it.
While one of our best defenses against terrorism is monitoring communication, there are mixed feelings on that. Months ago, I wrote a blog about several governments, including the U.S., requiring technology companies to release their encryption keys to make it easier for intelligence agencies to decode messages. While the government wants this technology to spy on terrorists, the fear has always been the government would spy on U.S. citizens. Both the technology companies and many civil liberty organizations would prefer that such access is provided through a court order, but with the recent Paris attacks, I wonder if their opinion will change.
If we can’t identify ways to track terrorist communications, what’s preventing another attack?