Terrorists need to communicate, too. And how they do it might surprise you.
Security firm Trend Micro recently analyzed thousands of alleged terrorist accounts to see how they communicate online. The company found that Google’s (GOOG) Gmail was the most popular email application among terrorists it analyzed, accounting for 34% of all accounts. Next up was the encrypted Mail2Tor with 21%, followed by other secure services, like Sigaint at 19% market share. Interestingly, Yahoo (YHOO) Mail also found its way into the list, with 12% of the more than 2,300 accounts Trend Micro analyzed relying on that platform for email services.
When it comes to instant messaging, however, alleged terrorists tend to go a bit more underground, Trend Micro says. The security company says that 34% of the accounts it analyzed were running on Telegram, an encrypted communications protocol that hides a person’s identity. Other similarly silent apps, including Signal and Wickr, were also popular. However, Facebook’s (FB) WhatsApp tied for second-most-popular chatting service among alleged terrorists, nabbing 15% market share.
The findings come at a time when debate over how to target and intercept terrorist plots as they communicate online has hit a fever pitch.
Get Data Sheet, Fortune’s technology newsletter
Most recently, Apple (AAPL) waged a battle with the FBI over whether it should be forced to help the agency unlock the iPhone 5c used by Syed Farook. While the case was eventually dropped after the FBI obtained a tool to unlock the handset itself, it prompted a firestorm in Silicon Valley. Apple, along with other industry titans, promised secure digital communication and privacy. Facebook’s WhatsApp went so far as to ensure end-to-end encryption across all of its apps.
Law enforcement agencies, meanwhile, have railed against such protests. While they’ve acknowledged that they support digital privacy, FBI Director James Comey, among others, has long said that preventing law enforcement officials from having access to terrorist communication can put people in danger.
Those concerns come in the wake of increasingly sophisticated efforts on the part of the Islamic State and others to use technology to communicate. While Trend Micro’s data suggests that much of that communication occurs on encrypted channels away from the prying eyes of governments, they’ve also used social media and used readily accessible forums to spread propaganda.
“One of the clearest differences between cybercriminals and terrorists is their desire to spread propaganda,” Trend Micro said in its security report. “While cybercriminals’ main goals are to commit cybercrime and stay hidden while they do it, terrorists aim to have their content go viral.”
The company added that “terrorists and their supporters use Twitter and Facebook not only to spread propaganda but also to communicate with each other and potential converts.”
That issue has prompted Presidential candidates, including Republican Donald Trump and Democrat Hillary Clinton, to call on Silicon Valley to work with the U.S. government to combat terrorism.
For more about ISIS, watch:
“Technology’s often called the great disrupter, and it has been in work and communications, so much else,” Clinton said in a speech in December. “But we need to put the great disrupters to work in disrupting ISIS and stopping them from having this open platform for communicating with their dedicated fighters and their wannabes, like the people in San Bernardino.”
Technology companies have actually been quite active at disrupting ISIS communications. Indeed, Trend Micro pointed to Twitter (TWTR), saying that it’s “cracking down on accounts that open support and spread terrorist propaganda by banning those accounts outright.”
A Twitter spokesperson echoed that sentiment to Fortune, saying that Twitter has suspended many terrorist-related accounts.
“We condemn the use of Twitter to promote terrorism and the Twitter Rules make it clear that this type of behavior, or any violent threat, is not permitted on our service,” the spokesperson said. “As the nature of the terrorist threat has changed, so has our ongoing work in this area. Since the middle of 2015 alone, we’ve suspended over 125,000 accounts for threatening or promoting terrorist acts, primarily related to ISIS.”
Google and Facebook, which have also cracked down on militant-related accounts, did not immediately respond to a request for comment.
But terrorist groups aren’t just stopping with social media. Trend Micro said that as their efforts have been dashed online, they’ve built their own “customized” tools to communicate. Those tools include an encrypted email application called Mojahedeen Secrets, a mobile app called Tashfeer al-Jawwal, and even an Android-based news app for “terrorist-related actions,” called Alemarah, according to Trend Micro.
For its part, Trend Micro believes that the sophisticated strategies used by terrorist groups online creates a “significant challenge for federal and international law enforcement.” However, the U.S. government might have already found a way in.
Last week, The New York Times reported that the U.S. Cyber Command, which is run by the NSA, has been hacking ISIS for quite some time. Those efforts have been focused on rerouting cash payments to militants and even issuing fake commands to direct militants to areas where drones are waiting.
“We are dropping cyberbombs,” Robert Work, Deputy Secretary of Defense, was quoted as saying. “We have never done that before.”