Anonymous’ Cyberwar With ISIS And It’s Unintended Consequences.

In the aftermath of the Paris Terrorist Attacks, there is a new target on ISIS: A Declaration of Cyber War. The hacker activist group, Anonymous is using social media to retaliate against ISIS for their reign of terror in the city of light.

In a new YouTube video Anonymous vowed to take out ISIL: “We are tracking down members of the terrorist group responsible for these attacks we will not give up we will not forgive and we’ll do all that is necessary to end their actions.”

Efforts to take down the organization's Web sites and expose its supporters could interfere with carefully planned law enforcement operations. Anonymous’s cyber war with ISIS may have unintended security consequences.

As French police scoured Paris and surrounding areas in search of those responsible for Friday 13th terrorist attacks on the French capital, a group of cyber activists took aim at the Islamic State’s online presence. The computer-hacker federation known as Anonymous claims to have disabled at least 5,500 pro-ISIS Twitter accounts and exposed thousands of the terror group’s supporters who use the social media site.

Anonymous announced its current campaign on November 14, the day after ISIS (the Islamic State in Iraq and Syria) claimed responsibility for murdering at least 129 people and injuring more than 300 in various locations throughout Paris. The hacktivist group released a video that begins with dramatic music and what, appears, to be images of the Paris attacks. Halfway into the video a person wearing Anonymous’s symbolic Guy Fawkes mask announces that the group is tracking down ISIS members and supporters and then proclaims, “We’ll not give up. We will not forgive. And we’ll do all that is necessary to end their actions.”

Law enforcement and cyber counterterrorism experts generally welcome the digital havoc that groups like Anonymous can wreak on terrorist organizations’ online communication and recruiting efforts. That is, as long as these uncoordinated cyber antiterrorism campaigns do not end up scuttling months of undercover investigative police work. 

Anonymous could be the digital equivalent of a renegade cop going to great lengths to catch a bad guy at the expense of ruining a painstakingly organized federal investigation to take down a larger crime ring.

The hacktivist collective does this by exposing its adversaries’ Twitter accounts (and reporting them to the company) or paralyzing opposition Web sites by flooding them with online traffic. The group’s secretive nature gives it a lot of latitude for operating outside the law. 

“This means they can create collateral damage on the Internet without having to answer for it,” says Scott Borg, director and chief economist for The US Cyber Consequences Unit, an independent, nonprofit cybersecurity research institute.

Groups operating outside official law enforcement and intelligence channels can make legitimate communications and business difficult to carry out, or even interfere with the intelligence community's efforts, Borg says. If Anonymous shuts down a terrorist Web site or online forum that government agents have already infiltrated, this could hinder valuable counterterrorism surveillance and data collection. This is especially important because gathering useful information on Islamic State forums is typically difficult. 

The terror group often uses Web-hosting companies unwilling to cooperate with Western governments and regularly switches hosting companies to avoid being shut down. The US has a lot of ways of going after these organizations and can target new communications channels when old ones are blocked, but ISIS’s way of operating in stealth online makes this difficult, Borg adds.

The key to successfully disrupting terrorist organizations online is to shut down their recruiting and propaganda efforts while tapping into the valuable intelligence their forums can provide, according to the executive director of Ghost Security Group, who goes by the name “DigitaShadow” in order to not reveal his true identity. 

His organization formed as a nonprofit counterterrorism network delivering intelligence to US government agencies earlier this year, a few days after terrorists attacked the Parisian paper Charlie Hebdo. They have gained some notoriety in recent months for their role in helping disrupt ISIS’s funding efforts as well as planned attacks in New York City and Tunisia.

Ghost Security Group’s 15 members in the US, Europe and the Middle East have taken down 149 terrorism-related propaganda sites so far, DigitaShadow says. “We leave Islamist-related forum or communication platforms intact for intelligence reasons, waiting for participants to make a mistake,” he adds. “We shut down any propaganda sites that push out videos or graphic or gory pictures because they don’t have any intelligence value.”

DigitaShadow’s organization had acted as part of Anonymous for a few months after forming but is no longer affiliated with them. “They’ve attacked quite a few forums that had high-value Islamic State militants transmitting propaganda, trying to recruit young people and in some cases addressing weapons-manufacturing and ground movements,” he says. “It’s caused quite a disruption for intelligence.”

Borg contends, however, that Anonymous and the hacker community in general do more good than harm. Given the brutality of ISIS’s attacks, and its successful Internet recruitment efforts, the hacker collective’s latest rally against the terrorist organization is an acceptable risk. 

Anonymous launched a similar campaign against ISIS following its attack on Charlie Hebdo, claiming to disrupt tens of thousands of Twitter accounts connected to the terrorist organization.

Anonymous also claims to be spamming ISIS hashtags with “rickrolls,” messages that appear to be relevant but instead include a link to the music video for the 1987 Rick Astley hit song “Never Gonna Give You Up.” 
The cyber scuffle has not been entirely one-sided though. Anonymous tweeted recently that it had to take down its own site for reporting on Islamic State activity due to a high level of spam, although it is unclear whether the terror group was responsible. 
Ein News:http://http://bit.ly/1RmbtVX
Scientific American: http://bit.ly/1NFKlvj

« Bitwalking: Digital Currency Pays People to Walk
N. Korea Employs Grads for Cyber Warfare »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Booz Allen Hamilton

Booz Allen Hamilton

Booz Allen Hamilton is a management & tech consulting firm. Technology services include cloud computing, cyber security, systems development and integration.

National Cyber Security Centre (NCSC) - Norway

National Cyber Security Centre (NCSC) - Norway

NCSC is part of the Norwegian Security Authority, and is Norway's national cyber security hub and the national CERT.

Cryptomathic

Cryptomathic

Cryptomathic is an expert on commercial crypto - we develop, deliver and support the most secure and efficient off-the-shelf and customised solutions.

KE-CIRT/CC

KE-CIRT/CC

KE-CIRT/CC is the national Computer Incident Response Team for Kenya.

Efecte

Efecte

Efecte is a Nordic SaaS company specialized in IT Service Management, Self-Service, Identity Management and Access Governance solutions.

BitRaser

BitRaser

BitRaser serves your needs for a managed & certified data erasure solution that can support internal & external corporate audit requirements with traceable reporting.

Regulus Cyber

Regulus Cyber

Regulus enables drones, robots and autonomous vehicles to operate safely, without malicious or accidental interference to the operation of their mission.

SecureNinja

SecureNinja

SecureNinja provides professional training, certifications & professional services related to all facets of Information Technology and Cyber Security.

CyberSat Summit

CyberSat Summit

CyberSat is dedicated to fostering the necessary discussions to flesh out and develop solutions to cyber threats in the satellite industry.

Infosequre

Infosequre

Infosequre builds up your security awareness culture and turns your employees into the first line of defense against cyber risks.

Soffid

Soffid

Soffid provides full Single-Sign-On experience and full Identity and Access Management features by policy-based centralised orchestration of user identities.

Quantum Security Solutions (QSec)

Quantum Security Solutions (QSec)

QSec is an innovative information security consultancy based in Ghana. We can provide your organisation with information security products and services that assure against information risk.

CISO Global

CISO Global

CISO Global (formerly Cerberus Sentinel) are on a mission to demystify and accelerate our clients’ journey to cyber resilience, empowering organizations to securely grow, operate, and innovate.

Canopius Group

Canopius Group

Canopius is a global specialty lines insurance and reinsurance company and one of the top 10 insurers in the Lloyd’s insurance market.

Quod Orbis

Quod Orbis

Quod Orbis are a fast-growing, innovative company providing market-leading expertise in cyber security and Continuous Controls Monitoring (CCM).

Excite Cyber

Excite Cyber

Excite Technology Services (formerly Cipherpoint) is focused on improving the security posture of our customers.