Terrorist groups are expanding their use of the internet beyond mere messaging and disseminating operational know-how, slowly adding a cyber-hacking toolset that could one day rival that of criminal or state-sponsored hacking. To date attacks have included website defacement, doxing of personally identifiable information, and distributed denial of service (DDoS) attacks. But this could grow to more disruptive attacks, not only with the potential to spread fear, but also raise revenue across the far reaches of the globe.
- In the early 2000s, the CIA had identified two known U.S.-designated terrorist organizations – Hezbollah and Hamas – with the capability and intent of using cyber attacks against U.S. critical infrastructure. There were also reports of al Qaeda pursuing technically savvy recruits to hold U.S. networks at risk as well. With the emergence of the so-called Islamic State, a global pool of potential recruits that grew up with the internet, and readymade hacking toolsets available online, the likelihood of such groups turning to offensive cyber capabilities is growing.
- In September 2016, a Kosovo hacker linked to ISIS named Ardit Ferizi was sentenced to 20 years prison for hacking the networks of a U.S. company and stealing personally identifiable information of some 1,300 U.S. military members and government personnel. Ferizi, who pleaded guilty in June 2016, then provided the stolen information to Junaid Hussain, a British hacker and ISIS recruiter also known as Abu Hussain Al Britani, who was later killed in a U.S. drone strike after he published the stolen personal information under the name of the Islamic State Hacking Division (ISHD), now known as the United Cyber Caliphate, on Aug. 11, 2015. Hussain is also thought to be responsible for hacking into U.S. Central Command’s Twitter account.
- In the dump, Hussain proclaimed, “O Crusaders, as you continue your aggression towards the Islamic State and your bombing campaign against the Muslims, know that we are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands! ‘So wait; we too are waiting.”
- The intention was to package the stolen personal data of U.S. military and government officials – such as names, addresses and other sensitive information – as a ‘kill list’ to inspire lone wolf attacks against those individuals and their families, a clear facilitator fear. In fact, a Bangladeshi living in Maryland named Nelash Mohamed Das was indicted in September 2016 for allegedly seeking to attack a military member whom appeared on the kill list published by Hussain.
Matthew Olsen, Former Director of the National Counterterrorism Center
Access all of The Cipher Brief’s national security-focused expert insight by becoming a Cipher Brief Subscriber+ Member.
Sign Up Log In