Anonymous’ Cyberwar With ISIS And It’s Unintended Consequences.

In the aftermath of the Paris Terrorist Attacks, there is a new target on ISIS: A Declaration of Cyber War. The hacker activist group, Anonymous is using social media to retaliate against ISIS for their reign of terror in the city of light.

In a new YouTube video Anonymous vowed to take out ISIL: “We are tracking down members of the terrorist group responsible for these attacks we will not give up we will not forgive and we’ll do all that is necessary to end their actions.”

Efforts to take down the organization's Web sites and expose its supporters could interfere with carefully planned law enforcement operations. Anonymous’s cyber war with ISIS may have unintended security consequences.

As French police scoured Paris and surrounding areas in search of those responsible for Friday 13th terrorist attacks on the French capital, a group of cyber activists took aim at the Islamic State’s online presence. The computer-hacker federation known as Anonymous claims to have disabled at least 5,500 pro-ISIS Twitter accounts and exposed thousands of the terror group’s supporters who use the social media site.

Anonymous announced its current campaign on November 14, the day after ISIS (the Islamic State in Iraq and Syria) claimed responsibility for murdering at least 129 people and injuring more than 300 in various locations throughout Paris. The hacktivist group released a video that begins with dramatic music and what, appears, to be images of the Paris attacks. Halfway into the video a person wearing Anonymous’s symbolic Guy Fawkes mask announces that the group is tracking down ISIS members and supporters and then proclaims, “We’ll not give up. We will not forgive. And we’ll do all that is necessary to end their actions.”

Law enforcement and cyber counterterrorism experts generally welcome the digital havoc that groups like Anonymous can wreak on terrorist organizations’ online communication and recruiting efforts. That is, as long as these uncoordinated cyber antiterrorism campaigns do not end up scuttling months of undercover investigative police work. 

Anonymous could be the digital equivalent of a renegade cop going to great lengths to catch a bad guy at the expense of ruining a painstakingly organized federal investigation to take down a larger crime ring.

The hacktivist collective does this by exposing its adversaries’ Twitter accounts (and reporting them to the company) or paralyzing opposition Web sites by flooding them with online traffic. The group’s secretive nature gives it a lot of latitude for operating outside the law. 

“This means they can create collateral damage on the Internet without having to answer for it,” says Scott Borg, director and chief economist for The US Cyber Consequences Unit, an independent, nonprofit cybersecurity research institute.

Groups operating outside official law enforcement and intelligence channels can make legitimate communications and business difficult to carry out, or even interfere with the intelligence community's efforts, Borg says. If Anonymous shuts down a terrorist Web site or online forum that government agents have already infiltrated, this could hinder valuable counterterrorism surveillance and data collection. This is especially important because gathering useful information on Islamic State forums is typically difficult. 

The terror group often uses Web-hosting companies unwilling to cooperate with Western governments and regularly switches hosting companies to avoid being shut down. The US has a lot of ways of going after these organizations and can target new communications channels when old ones are blocked, but ISIS’s way of operating in stealth online makes this difficult, Borg adds.

The key to successfully disrupting terrorist organizations online is to shut down their recruiting and propaganda efforts while tapping into the valuable intelligence their forums can provide, according to the executive director of Ghost Security Group, who goes by the name “DigitaShadow” in order to not reveal his true identity. 

His organization formed as a nonprofit counterterrorism network delivering intelligence to US government agencies earlier this year, a few days after terrorists attacked the Parisian paper Charlie Hebdo. They have gained some notoriety in recent months for their role in helping disrupt ISIS’s funding efforts as well as planned attacks in New York City and Tunisia.

Ghost Security Group’s 15 members in the US, Europe and the Middle East have taken down 149 terrorism-related propaganda sites so far, DigitaShadow says. “We leave Islamist-related forum or communication platforms intact for intelligence reasons, waiting for participants to make a mistake,” he adds. “We shut down any propaganda sites that push out videos or graphic or gory pictures because they don’t have any intelligence value.”

DigitaShadow’s organization had acted as part of Anonymous for a few months after forming but is no longer affiliated with them. “They’ve attacked quite a few forums that had high-value Islamic State militants transmitting propaganda, trying to recruit young people and in some cases addressing weapons-manufacturing and ground movements,” he says. “It’s caused quite a disruption for intelligence.”

Borg contends, however, that Anonymous and the hacker community in general do more good than harm. Given the brutality of ISIS’s attacks, and its successful Internet recruitment efforts, the hacker collective’s latest rally against the terrorist organization is an acceptable risk. 

Anonymous launched a similar campaign against ISIS following its attack on Charlie Hebdo, claiming to disrupt tens of thousands of Twitter accounts connected to the terrorist organization.

Anonymous also claims to be spamming ISIS hashtags with “rickrolls,” messages that appear to be relevant but instead include a link to the music video for the 1987 Rick Astley hit song “Never Gonna Give You Up.” 
The cyber scuffle has not been entirely one-sided though. Anonymous tweeted recently that it had to take down its own site for reporting on Islamic State activity due to a high level of spam, although it is unclear whether the terror group was responsible. 
Ein News:http://http://bit.ly/1RmbtVX
Scientific American: http://bit.ly/1NFKlvj

« Bitwalking: Digital Currency Pays People to Walk
N. Korea Employs Grads for Cyber Warfare »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Cloudbric

Cloudbric

Cloudbric is a cloud-based web security service, offering award-winning WAF, DDoS protection, and SSL, all in a full-service package.

Australian Signals Directorate (ASD)

Australian Signals Directorate (ASD)

The Australian Signals Directorate is an intelligence agency in the Australian Government Department of Defence.

Cryptosense

Cryptosense

Cryptosense provides the first application security software dedicated to the detection and remediation of crypto vulnerabilities.

Digittrade

Digittrade

Digittrade develop and produce external encrypted hard disks and secure communications apps.

KeepSolid

KeepSolid

KeepSolid is a Virtual Private Network services provider offering secure encrypted access to the internet.

sayTEC

sayTEC

sayTEC's mission is to develop and deliver next-generation products and services in encrypted data and voice transmission.

Malleum

Malleum

MALLEUM are specialists in penetration testing and security assessments. We think like hackers – and act like them – to disclose discreet dangers to your organization.

Tier1Asset (T1A)

Tier1Asset (T1A)

T1A is Europe’s leading IT refurbisher. We offer certified data erasure using blancco on site and at our facilities, providing environmentally sound disposal of your used equipment.

Vilnius Tech Park

Vilnius Tech Park

The region‘s most complex and integrated ICT hub, Vilnius Tech Park aims to attract and unite innovative talent from big data, cyber security, smart solutions, fintech and digital design.

X Technologies

X Technologies

X Technologies provide world-class engineering, information technology, information security, program management and repair services to Federal, State and commercial customers.

ESC - Enterprise Security Center

ESC - Enterprise Security Center

ESC is a system house specializing exclusively in IT security - Security Implementation & Optimization, Operations, Managed Security Services.

Path Forward IT

Path Forward IT

Path Forward IT has been troubleshooting, architecting, migrating, protecting, and securing IT environments for businesses across the USA since 2002.

SecurelyShare Software

SecurelyShare Software

SecurelyShare Software is a security software company, specializing in data security, data privacy and data governance.

Kaesim Cybersecurity

Kaesim Cybersecurity

Kaesim are a global team of cybersecurity experts protecting businesses since 2015. We stop bad people damaging your business, your data and your reputation.

Digital Encode

Digital Encode

Digital Encode is a leading consulting and integration firm that specializes in the design, management, and security of business-critical networks, telecommunications, and IT infrastructures.

E-CQURITY (ECQ)

E-CQURITY (ECQ)

ECQ is a network security company offering offensive security services and solutions focused on active offensive and defensive positioning.