Decentralised Terrorism: The Next Big Step for the so-called Islamic State (IS)?

By Loránd Bodó

Understanding terrorists’ use of the Internet is of paramount importance, especially in the context of today’s digital efforts to counter violent extremism. In particular, IS and its unprecedented, successful, multilingual and multimedia online campaigns have led to a surge of academic interest across the globe since 2014. Tech and social media companies have since started removing accounts and content associated with terrorist organisations and other (violent) extremist entities — amongst other measures.

Leaving the debate around the actual efficacy of this hard approach aside, which I briefly discussed in a previous blog post, all these efforts and tactics could soon become obsolete, particularly when IS starts successfully utilising the decentralised web and so-called decentralised applications (DApps) to evade account and content take-downs. The danger is real, and the decentralised web seems to be the next logical step for IS online.

Current technical and legal efforts

Global efforts to remove IS-related online material have largely succeeded on Facebook and Twitter, while in the case of YouTube there is no clear verdict yet. According to the Counter Extremism Project, YouTube is still failing to remove IS content, whereas Rita Katz claims YouTube has become less attractive as IS is shifting away from YouTube. But all in all, as Kalev Leetaru concludes, social media and tech companies have appropriate tools at their disposal; however, “the question is when will Silicon Valley finally decide to bring its immense capabilities to bear on its terrorism problem.” (Leetaru, 2018).

In addition, legislators are tightening the laws around removing and viewing terrorist content online. At the European level, the EU’s chief executive proposed a new law by which online platforms, such as Facebook, Google or Twitter could face hefty fines if they fail to remove violent extremist content within an hour. At the national level, the UK is currently scrutinising a new clause to the Counter-Terrorism and Border Security Bill, which would make, viewing terrorist material online in the UK — even on a single occasion — punishable by imprisonment for up to 15 years.

The vast majority of global responses to terrorist online material has been reactive and slow. When looking at all these technical and legislative efforts, a common theme emerges. Actions by IS members and supporters were met with delayed reactions by governments, tech and social media companies, which resulted in a positive (reinforcing) feedback-loop — actions by one side led to reinforced counter-actions by the other. This has resulted in an iterative and seemingly never-ending, cyclical process.

Twitter serves as an excellent example. Around the end of 2014, Berger and Morgan found that up to 90,000 IS members and supporters were highly active on the platform for radicalising and recruiting purposes, just to name a few. The fact that Twitter was exploited by IS led to a surge in account and content removals in 2015, which is still in place today. Members and supporters, however, adapted by simply creating multiple accounts and slightly changing their account handles, making it easier to be re-discovered by past ‘followers’. This process continued and eventually resulted in a ‘migration’ to a more secure platform, Telegram, in 2015. Telegram is still being used by IS and its supporters despite the site’s take-down efforts. According to Mina al-Lami, this is in part because they have not found an alternative yet.

The decentralised web and so-called DApps, however, could change this cat and mouse game forever. What the decentralised web is and how it could be utilised by terrorist organisations and other (violent) extremist entities will be explained.

The decentralised web

The world wide web, since its development by Tim Berners-Lee in 1989, has steadily evolved into an ecosystem of relatively few, but super-large corporate-controlled nodes or servers that have become the central point of authority in the network[1] (Fig. 1 — A). A centralised server-client system is currently the most widespread model for software applications and services online. Users of centralised systems are directly dependent on the central node to receive and send information. Examples include Facebook, Twitter, or Amazon. In addition, many of these online services we use daily are also distributed (Fig. 1 — C), which means that computation is spread across multiple nodes in the network to enhance performance, amongst other things. Put simply, Google does not only have one large server, but multiple ones spread across the globe.

One of the main problems with this centralised (and distributed) ecosystem is that service providers control and own the data — personal data that is given up by billions of people when using free services, such as Twitter, Google, Facebook, etc. Because of this, web developers worldwide have been working on re-decentralising the world wide web by advocating the decentralised web. According to Berners-Lee, “we’ve reached a critical tipping point, and that powerful change for the better is possible — and necessary”.

The decentralised web appears very similar to the web we know but the difference lies in the ‘middle man’ — we will no longer rely on large intermediaries or services to communicate with each other. Most importantly, the decentralised web reverses the current data-ownership model, in which users will take back full control over their data (Fig. 1 — B). Decentralised models include peer-to-peer (P2P) and various other distributed systems.

Figure 1 (Centralized, decentralized and distributed network models by Paul Baran (1964)

Why is this important? The current web ecosystem allows governments to get hands on sensitive, non-public information about a user[2] or even impose state-wide censorship, such as in China. On the DWeb, however, this would no longer be possible (or extremely difficult) because data is not stored on large corporate-controlled servers, but is in fact, stored everywhere. Besides, if one of the nodes in the network gets taken down, it will not affect the network because there is no central point of authority telling other nodes what to do. Furthermore, to communicate with others in the network, we would no longer need a platform to do so.

On the one hand, from a data protection point of view, this transformation seems positive as it would significantly strengthen privacy by giving users back control over personal data. On the other hand, from IS’ point of view, the decentralised web could offer a safe haven for storing and distributing jihadi material online because the DWeb would protect their data just as everybody else’s.

To be clear, the DWeb is not an ‘online utopia’ — it is already here and is being used. ZeroNet, for example, is an open-source project, which enables anyone to easily build a decentralised website using Bitcoin cryptography and the BitTorrent network. On its main website, ZeroNet highlights the main benefits of a decentralised website — censorship resistant, no hosting costs and always accessible; things that are attractive to terror organisations and other (violent) extremist entities online, especially in light of current take-down efforts by tech, social media companies and law enforcement (Fig. 2).

Figure 2: ZeroNet website

The DWeb and IS

A case from early 2017 demonstrates that IS members have already experimented with the decentralised web. Samata Utallah created and ran a library for terrorists from his bedroom in Cardiff, which was frequently accessed by many supporters worldwide. His library contained how-to-guides and other dangerous material. He also admitted to experimenting with ZeroNet to develop a version of his blog on the decentralised web but was arrested before he could implement his plans.

This was not the only case of IS experimenting with the DWeb and DApps. According to MEMRI Cyber & Jihad Lab, IS and its supporters began experimenting with a new messaging platform, called Riot, in 2017. Mina al-Lami and her team at BBC Monitoring have also recently monitored continued efforts of using Riot. What makes it so attractive is that it is built on top of Matrix, an open network for secure and decentralised communication. In terms of security, this means that Riot users are protected through end-to-end encryption and most importantly, only devices involved in the conversation can read, send and receive information. Even the servers, which can be freely chosen by IS, will not have any access to what is said or sent. Apart from these security-enhancing features, Riot offers handy collaboration and sharing tools, and could become the next enhanced version of Telegram.

Figure 3: — Why Riot?

This is timely, given the fact that Telegram recently announced it might disclose users’ IP addresses and phone numbers if they received a court order. With all the benefits of using decentralised applications, platform migration seems more and more imminent. When and how this will happen and above all, how well it will be implemented is another question. But the decentralised web seems to be the next logical step not only for IS, but also for other (violent) extremists online trying to evade authorities and take-downs. Current efforts around pressurising tech and social media companies to take greater responsibility and action, as well as tightening EU and national laws will not be sufficient. The debate needs to be broadened to include questions about emerging technology, such as the decentralised web, its uses and appropriate responses to it.


[1] Barabas, C., Narula, N. & Zuckerman, E. (2017). Defending Internet Freedom through Decentralization: Back to the Future? The Center for Civic Media & The Digital Currency Initiative MIT Media Lab.

[2] Usually if a valid legal request is provided.

Lorand Bodo is a Senior Researcher at Ridgeway Information. You can follow him on: @LorandBodo

Leave a Reply