The next day after the terrorist attack to Paris perpetrated by the Islamic State (ISIS), the hacker association Anonymous published a video declaring the war to ISIS, and they in turn responded to these calling them ‘Idiots’; however, the hacker group Ghost Security Group and his partners are also fighting against ISIS before Anonymous’ announcement.
The ISIS “Cyber Army” attempted to make a joke: “What they gonna hack…all they can do is hacking twitter accounts, emails, etc…”
But really what are the real thread to ISIS this hacker activities? first we need to know the participants in this cyberwarfare.
The Islamic State of Iraq and the Levant (ISIL), also known as the Islamic State of Iraq and Syria (ISIS) or simply Islamic State (IS), is a Wahhabi/Salafi jihadist extremist militant group, self-proclaimed to be a caliphate and Islamic state.
Anonymous is an associated international network of activist and hacktivist entities. The group describes itself as “an internet gathering” with “a very loose and decentralized command structure that operates on ideas rather than directives“.
Ghost Security Group (@GhostSecGroup) is a self-described counter terrorism network that combats extremism on the “digital front lines” utilizing the internet and social media as a weapon. It is considered an offshoot of the Anonymous hacking collective. The group gained momentum after the Charlie Hebdo shooting and terrorist attacks in Paris in January and November 2015. The group uses social media hashtags like #GhostSec or #OpISIS to promote its activities.
Controlling Section (@CtrlSec) are specialized in data collection, linguistics, social media account infiltration, surveillance and threat analysis. They joined GhostSecGroup in counterterrorism operations combating extremism on social media, detecting threats and reporting information on a global scale through continuous monitoring and reconnaissance.
Kabita Des Narvalos (@KatNarv) is a French intelligence group created as a response to the Charlie Hebdo attacks in Paris, France. Their original objective was to highlight terrorism through parody however the group has since evolved and has access to information channels and provides to GhostSecGroup deep analysis regarding current trends in the ongoing fight against terrorism.
Peshmerga Cyber Terrorism Unit (@IPCTU) are a group of soldiers affiliated and serving with the Peshmerga military in Iraq. They are capable of relaying real time information from the actual conflict zones and neutralizing hostile assets and infantry while providing GhostSecGroup with data on enemy communications and troop movements.
Terror Monitor (@Terror_Monitor) is a nonprofit research organization focusing on terrorism affairs and they strength lies within its worldwide network of volunteer contributors to encourage discussion on terrorism among different backgrounds and disciplines such as activists, advocates, analysts, bloggers, computer specialists, experts, financiers, historians, human rights defenders, intellectuals, intelligence, IT technicians, journalists, military, police, professors, researchers and social workers among others to achieve a common goal with GhostSecGroup.
ISIS is known for using Twitter, Facebook and other social media as a means of spreading propaganda and communicating with potential new members, and the hacker groups focused in this to try to slowdown the ISIS capacity to enlist new followers.
Anonymous made its first strike by releasing a list of 20,000 Twitter accounts believed to be related to ISIS in an effort to have them suspended.
Ghost Security Group has taken down 149 Islamic State propaganda sites, 110,000 social media accounts, and over 6,000 propaganda videos since it formed.
In its response, the ISIS “Cyber Army” gave to its followers some advice: “Do not make your email same as your username on twitter this mistake cost many ansar (users sympathetic to ISIS) their accounts and the kuffar (non-Muslims) published their IP, so be careful.”
Ghost Security Group claims to have created automated software that identifies ISIS social media accounts and has also infiltrated private ISIS communications, taken over ISIS social media accounts and pulled IP information to help identify and locate ISIS members.
However, their campaign to take down social-media accounts related to ISIS is unlikely to disrupt any of its day-to-day workings, but in case that really Ghost Security Group infiltrated the ISIS’s communications can be an important point and an issue in the ISIS’s possibilities to organize future attacks, but also remember that some time the old-fashioned emissary to carry a message can be equal of effective; just remember that in the November Paris’ attack the terrorist used unencrypted SMS using regular cellular phones to coordinate all the operation.
Hacking emails account can’t be taken so easy because, in the case of encrypted emails that can’t be read, using the metadata can be establish relations between ISIS members and also discover new ones.
One advantage of this hacker groups is they known very well the ‘deep web‘ in order to find hidden ISIS activities. Also this groups organization is ‘organic’ and unstructured (not mean unorganized) and this not provide an easy target to ISIS counter-maneuvers to avoid be detected.
The most disadvantage for this hacker groups (and more for Anonymous than GhostSecGroup) is they are open and can be infiltrated by ISIS so easy and this can be a threat for their members’ lives as was recognized by GhostSecGroup, and also ISIS infiltrates can provide fake information in order to disguise they real activities.
GhostSecGroup provide a web-site (reportonlineterrorism.com) where anyone who want to help can report possible terrorist activities & threats at the internet.
We can’t forget that the authorities are also fighting ISIS at the cyber-space shutting down sites and collecting intelligence information against ISIS and hacking is illegal in all the countries at the world but in this case it fall in a grey area where “the enemy of my enemy is my friend” and the only way to have an effective cyber-war against ISIS is establish a collaboration between the hacker groups and the official authorities who are the only that have the resources and the authority to convert any intelligence information obtained by this groups in real world actions.
Julian Bolivar-Galeno is an Information and Communications Technologies (ICT) Architect whose expertise is in telecommunications, security and embedded systems. He works in BolivarTech focused on decision making, leadership, management and execution of projects oriented to develop strong security algorithms, artificial intelligence (AI) research and its applicability to smart solutions at mobile and embedded technologies, always producing resilient and innovative applications.