Islamic State Cyber Attacks

Uploaded on 2016-10-11 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Law

 

A very real and dangerous national security cyber threat that results from the combination of terrorism and hacking.

A US federal district court in the Eastern District of Virginia has sentenced Ardit Ferizi, a citizen of Kosovo and resident of Malaysia, to 20 years in prison for providing material support to Islamic State and accessing a protected computer without authorization and obtaining information in order to provide material support to IS.

"This case represents the first time we have seen the very real and dangerous national security cyber threat that results from the combination of terrorism and hacking,” said Assistant Attorney General John Carlin. “This was a wake-up call not only to those of us in law enforcement, but also to those in private industry.”

According to the government’s sentencing memo and press release, the 20-year-old hacker, who was previously arrested several times for cyber-crimes in Kosovo, is the first person to be effectively prosecuted in the US for a combination of terrorism and hacking. 

The government alleges that the defendant indefinitely put the lives of 1,300 US military members and government employees at risk when he passed their personal identifying information to ISIL as part of the terrorist group’s plan to “crowdsource” terrorism.

From April 2015, Ferizi began supporting ISIL by administering a website that hosted ISIL videos and Dabiq, ISIL’s English language magazine. The complaint and supporting affidavit allege that Ferizi then graduated to providing ISIL with the personally identifiable information (PII) of individuals in “kuffar” countries that were attacking the United States. 

Several months later, he took a leap forward when he hacked into the server of an Illinois-based company that sold goods to customers in the United States and abroad. Many of those customers were U.S. military and other government personnel, easily identified by their “.gov” or “.mil” email addresses in the system.

According to the statement of facts accompanying the plea agreement, Ferizi subsequently sent the 27 pages of PII to the now-deceased Junaid Hussain, who released the information via Twitter on August 11th under the name “Islamic State Hacking Division.” ISIL encouraged its supporters to attack the named individuals and warned that "we are extracting confidential data and passing on your personal information to the soldier of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands!" The "kill list" included residents of the Eastern District of Virginia.

Aside from being one of the first cyberterrorism cases in the country, this case is interesting in that it highlights the extensive cooperation between the government and industry in the aftermath of the hack. 

Less than two days after the list was published, the victim company contacted the FBI to report a threatening message it had received, Ferizi, unidentified at the time, had sent a threatening email after the company deleted the malware he had placed on the server in order to gain access to their systems. The company quickly provided the FBI with consent to review all information related to their website, which eventually led to the identification of the defendant, via a Malaysia-based IP address.

Presenting a contrast to the cumbersome extradition process in the Irfan Demirtas case, Ferizi had his initial appearance in the US within six months. In September, Malaysian authorities detained Ferizi as he was attempting to leave the country. Like Demirtas, who was charged in the US after he was already under the control of a foreign service, Ferizi was charged via a sealed complaint on October 6th. On October 12th, Malaysian authorities provisionally arrested him at the request of the United States; the case was unsealed three days later, and, on January 22, 2016, Ferizi was extradited to the United States.

In a separate case arising out of the Northern District of Illinois, Hasan R. Edmonds and Jonas M. Edmonds were sentenced to 30 and 21 years, respectively, for conspiring to provide material support to ISIL, according to the Justice Department’s press release.

The two cousins were arrested in March 2015, after planning to carry out an armed attack at the US Army National Guard base in Joliet, Illinois, about 45 minutes southwest of Chicago. Like Bailor Jalloh and Michael Teausant, Hasan Edmonds was a member of the Army National Guard. According to the complaint, Hasan also planned to travel to the Middle East to fight for ISIL.

According to court documents, on Aug. 11, 2015, in the name of the Islamic State Hacking Division (ISHD), Hussain posted a tweet that contained a document with the PII of the approximately 1,300 US military and other government personnel that Ferizi had taken from the victim company and provided to Hussain. 

The document stated, in part, that “we are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands!” Ferizi admitted that he provided the PII to ISIL with the understanding that ISIL would use the PII to “hit them hard.”


LawfareBlog:           Justice.gov:

 

 

« IoT 2.0: The Internet of Things-to-Things
Strategies For A Culture of Cyber-Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Protective Intelligence

Protective Intelligence

Protective Intelligence brings together a group of information security specialists with a passion for delivering high-quality solutions.

Andrisoft

Andrisoft

Andrisoft develops WANGUARD, an anti-DDoS Software solution that monitors IP traffic using packet-based and flow-based Sensors, and protects networks

Advenica

Advenica

Advenica develops, manufactures and sells innovative cybersecurity solutions for encryption and secure information exchange.

Vade Secure

Vade Secure

Vade Secure provides protection against the most sophisticated email scams such as phishing and spear phishing, malware and ransomware.

Telspace Systems

Telspace Systems

Telspace Systems provides penetration testing, vulnerability assessment and training services.

Kingsley Napley

Kingsley Napley

Cyber crime is an area of growing legal complexity. Our team of cyber crime lawyers have vast experience of the law in this area.

Egnyte

Egnyte

Egnyte delivers secure content collaboration, compliant data protection and simple infrastructure modernization; all through a single SaaS solution.

Cervello

Cervello

Cervello is a leading provider of comprehensive and proven solutions to protect railways against cyber attacks.

WiSecure Technologies

WiSecure Technologies

WiSecure Technologies aims to develop cryptographic products meeting requirements in the new economic era.

Billington CyberSecurity

Billington CyberSecurity

Billington CyberSecurity is a leading, independent education company with an exclusive focus on cybersecurity.

World Cyber Security Summit

World Cyber Security Summit

World Cyber Security Summit, by Trescon, is a thought-leadership driven platform for CISOs who are looking to explore new-age threats and the technologies/strategies that can help mitigate them.

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER)

US Marine Corps Forces Cyberspace Command (MARFORCYBER) conducts full spectrum military cyberspace operations in order to enable freedom of action in cyberspace and deny the same to the adversary.

Sourcepass

Sourcepass

Sourcepass is an IT consulting company that focuses on providing expert IT services, cloud computing solutions, cybersecurity services, website, and application development.

Arsen Cybersecurity

Arsen Cybersecurity

Arsen is a French cybersecurity startup, dedicated to enhancing human behaviors in cybersecurity.

FastPassCorp

FastPassCorp

In the world of IT, identity theft is a growing concern. FastPass offers an innovative solution as a cloud or on-premises offering.

Barquin Solutions

Barquin Solutions

Barquin Solutions is a full-service information technology consulting firm focused on supporting U.S. federal government agencies and their partners.