How internet hacker alliance “Anonymous” challenged ISIS’ social media recruiting methods

In June 2013, Internet “hacktivist” group, Anonymous, leaked sensitive documents to the press about NSA’s PRISM Program.¹ Cyber security is becoming an increasing concern with the rise of ideologically motivated hacker groups. In January 2015, Anonymous declared war on the Islamic terror group, ISIS.² ISIS has posed a unique threat with its cyber methods. Unlike other terrorist organizations, it relies on social media and other Internet mediums to recruit and spread its message of terror. Anonymous has been able to cripple much of ISIS’ online presence through various attacks. In this emerging cyber conflict, the United States should continue to protect against potential cyber attacks from all parties; however, it should prioritize ISIS as the more immediate threat and allow Anonymous’ disruptions of ISIS online activities to continue.

The Growth of Anonymous

Anonymous began in 2003 as a loosely organized group of hackers operating under complete anonymity. Since then, Anonymous has conducted a variety of criminal Internet activities, including the creation of opposition websites during the 2009 Iranian elections, DDoS (Distributed Denial of Service) attacks against the governments of Australia and Germany, and the leak of several thousand classified US government documents after the arrest of Private Bradley Manning.³

According to the Department of Homeland Security, Anonymous does not have a centralized command structure. Instead, it relies on a      multitude of hackers of all skill levels recruited through social media and other online means. The group  employs a variety of methods, most commonly DDoS attacks and exploitation of application weaknesses. Anonymous’ ideology is driven by a number of disparate motives. The group’s long list of targets includes US businesses, the US government, the Iranian and North Korean regimes, Islamic terror groups, and child pornography rings.³

Anonymous’ War Against ISIS

ISIS relies on Internet methods for a large portion of its recruitment and dissemination of terror. A House hearing on ISIS in February 2015   noted:

ISIS has used the ‘‘virtual caliphate’’ on the Internet to recruit foreign fighters at an ‘‘unprecedented rate.’’ Twenty thousand foreign fighters from 90 countries now make up the ranks of ISIS and, according to intelligence estimates, this includes 3,400 from the West and more than 150 Americans on the ground fighting for ISIS today.⁴

This new form of terror has allowed ISIS to reach a larger international audience. Social media also enables ISIS to coordinate with lone actors internationally. Online assistance contributed to the October 2014 shooting of Canadian Corporal Nathan Cirillo by a lone Islamic terrorist.⁶ While the Intelligence Community does obtain helpful information from ISIS Twitter accounts, the benefits of disruption likely outweigh the value of lost information.

Anonymous has always targeted free speech censors, human rights abusers, and religious fundamentalists. In many ways, ISIS is its ideal target. In January 2015, Anonymous posted a video online officially declaring a “cyber war” against the terrorist group. The announcement came in response to the massacre at the French newspaper, Charlie Hebdo. Anonymous claims to be working with GhostSec and Ctrlsec, two similar hacktivist groups. In February 2015, the hacker alliance claimed credit for shutting down around 800 Twitter accounts, 12 Facebook pages, and over 50 email addresses associated with the Islamic State. A month later, Anonymous posted 9,200 Twitter account names operated by ISIS members in an attempt to persuade Twitter to remove them.¹ The hackers also claim to have removed over 1,000 sites and initiated DDoS attacks against even more. ISIS used those sites both to disseminate propaganda and to communicate with its own members.⁶ Additionally, Anonymous uploaded a list of more than 2,000  supposed ISIS email addresses to Pastebin.⁷

In September 2014, the Brookings Institute found that the removal of ISIS accounts does in fact hinder the terrorists’ efforts. Disruptions of ISIS Twitter accounts broke up “more than 10 percent of ISIS supporters’ online activity,” forcing the terrorists to rebuild their networks.⁵ With Anonymous’ and Twitter’s actions since the September report, these efforts are undoubtedly more effective now. According to Brookings, the primary ISIS hashtag “went from routinely registering in 40,000 tweets per day or more in around the time suspensions began in September 2014, to less than 5,000 on a typical day in February.”⁵

Anonymous has also threatened to use DDoS attacks against countries suspected of supporting ISIS – Qatar, Saudi Arabia, and Turkey. It has yet to deliver.⁸ Such attacks could potentially further destabilize the region, especially considering how Anonymous’ assisted the Arab Spring and its contributed to the overthrow of the Tunisian regime in 2011.⁹ Given the current  chaos across the Middle East, additional instability would worsen the present situation.

Assessing Threats to the United States

The long list of ISIS crimes and human rights abuses need not be recounted here. Defeating ISIS is a top national priority.⁴ Fortunately, ISIS remains inept in the cyber realm. Although there was speculation that the hacker group Cyber Caliphate was affiliated with ISIS, recent State Department findings discovered it was a group of Russian hackers posing as Islamic fundamentalists.¹⁰

Anonymous poses a smaller and less extreme threat to the United States. The hacktivist group uses harassment, disruption, intrusion, and theft to accomplish its objectives. Unlike ISIS, Anonymous does not kill or physically harm its targets. Additionally, the Islamic State will oppose the United States regardless of what the US does. Anonymous is not ideologically opposed to the existence of the United States. Rather, the hacker group only responds to specific   policies like federal Internet regulation. Yet Anonymous’ methods, like DDoS attacks, are illegal under the Computer Fraud and Abuse Act.¹¹ The hacktivist group is responsible for a litany of attacks in the United States, including 2011  hacks of PayPal, Visa, MasterCard, Fox Broadcasting Company, and PBS, as well as a 2011 intrusion in the Stratfor Intelligence Group’s computer system, and numerous hacks of US Attorney’s Offices.¹² The last major Anonymous hack of a US government entity was an August 2014 hack of the Ferguson police station.¹³

In an ideal world, the United States would be able to defeat ISIS and prosecute all violations of cyber law. Unfortunately, resources are limited. ISIS presents a more immediate threat to national security and global order. The United States should be prepared to defend itself against DDoS attacks and other Anonymous tactics. However, hacktivist efforts have assisted the fight against ISIS. Resources should be focused on destroying the Islamic State’s online capabilities. Conversely, stopping Anonymous would prove challenging, due to its lack of organizational structure and destructive retaliation against prosecutors.¹⁴ The United States should only confront the Anonymous threat if doing so will not hinder the struggle against ISIS.

The last major battle in this war was in July. Since then, news networks have reported no additional major developments. Anonymous’ efforts have so far had a net positive impact on the fight against ISIS. As international events unfold, however, the United States should continue to respond and adapt with all due vigilance, guarding its citizens at home and furthering its interests abroad.  ■

1. Howell, Kellan. “Anonymous Hackers List 9,200 ISIS Twitter Accounts, Enlist Other Hackers in Cyberwar.” Washington Times. March 17, 2015. Accessed September 5, 2015. http://www.washingtontimes.com/news/2015/mar/17/anonymous-hackers-list-9200-isis-twitter-accounts.
2. Koebler, Jason. “’Anonymous’ Leaks Documents Allegedly Associated with PRISM Surveillance Program.” US News. June 7, 2013. Accessed September 5, 2015. http://www.usnews.com/news/articles/2013/06/07/anonymous-leaks-documents-allegedly-associated-with-prism-surveillance-program.
3. Department of Homeland Security. “’Anonymous’ and Associated Hacker Groups Continue to Be Successful Using Rudimentary Exploits to Attack Public and Private Organizations.” National Cybersecurity and Integration Center Bulletin. July 19, 2011. Accessed September 5, 2015. https://info.publicintelligence.net/NCCIC-Anonymous.pdf.
4. US Congress. House. Committee on Committee on Foreign Affairs. The Growing Strategic Threat of ISIS. 114th Cong., 1st sess., 2015. H. Rep. 17.
5. Berger, J.M., and Jonathon Morgan. “The ISIS Twitter Census.” The Brookings Project on US Relations with the Islamic World no. 20 (March 2015): 57-58.
6. Drury, Flora. “Hacktivist Group Anonymous Claims It Has ‘exposed and Destroyed’ More Than 1,000 Isis-Related Sites, Accounts and Emails Since Declaring War On Jihadists After Charlie Hebdo Massacre.” Daily Mail News. February 10, 2015. Accessed September 5, 2015. http://www.dailymail.co.uk/news/article-2947691/Anonymous-war-ISIS-Claims-exposed-destroyed-1-000-accounts.html.
7. PRIMARY SOURCE: Pastebin. “#OpISIS- Database Hacked by Anonymous Red Cult Team.” February 21, 2015. Accessed September 5, 2015. http://pastebin.com/rbq8s4GM.
8. Schachtel, Jordan. “Hacktivist Group ‘Anonymous’ Plans Cyber Warfare Against Countries That Support ISIS.” Breitbart News. July 1, 2014. Accessed September 5, 2015. http://www.breitbart.com/national-security/2014/07/01/anonymous-hacktivist-group-plans-cyber-warfare-against-countries-that-support-isis/.
9. Cadwalladr, Carole. “Anonymous: Behind the Masks of the Cyber Insurgents.” The Guardian. September 8, 2012. Accessed September 5, 2015. http://www.theguardian.com/technology/2012/sep/08/anonymous-behind-masks-cyber-insurgents.
10. United States Department of State. “Who Is Cyber Caliphate? Re-Examining the Online ISIL Threat.” Overseas Security Advisory Council. Accessed September 5, 2015. https://www.osac.gov/pages/ContentReportDetails.aspx?cid=17850.
11. Cornell University Law School. “18 US Code § 1030 – Fraud and Related Activity in Connection with Computers.” Accessed September 5, 2015. https://www.law.cornell.edu/uscode/text/18/1030.
12. Federal Bureau of Investigation. “Six Hackers in the United States and Abroad Charged for Crimes Affecting Over One Million Victims.” March 6, 2012. Accessed September 5, 2015. https://www.fbi.gov/newyork/press-releases/2012/six-hackers-in-the-united-states-and-abroad-charged-for-crimes-affecting-over-one-million-victims.
13. Thomson, Iain. “Know What Ferguson City Needs Right Now? It’s Not Anonymous Doxing Random People.” The Register. August 15, 2014. Accessed September 5, 2015. http://www.theregister.co.uk/2014/08/15/anonmous_calls_off_ferguson_police_doxing_after_fingering_wrong_man/.
14. Norton, Quinn. “How Anonymous Picks Targets, Launches Attacks, and Takes Powerful Organizations Down.” Wired News. July 7, 2012. Accessed September 5, 2015. http://www.wired.com/2012/07/ff_anonymous/3/.