24 Nov 2015

Can 'hacktivists' help fight IS?

12:27 pm on 24 November 2015

How important is the internet to Islamic State? A US counter terrorism expert Michael Smith says it is unprecedented.

no caption

Photo: 123RF

And he told Nine to Noon that a hacktivist group was now helping intelligence agencies fight that propoganda.

Ghost Security, which had previously worked under the radar, has now formed links with certain US counter terrorism officials, using Mr Smith - a security expert with Kronos Advisory - as an intermediary.

"Ghost Security Group comprises 14 people, technically referred to as hactivists, but I would prefer to refer to them as cyber-operatives," Mr Smith said.

He said the network provided 24-hour surveillance of online terrorist activities, but was not under contract to any government.

The group approached him in June this year in order to get information they had gathered to the notice of officials more quickly.

"They had received quite a bit of interest from large news organisations like the New York Times pursuant to their efforts focussed on highlighting abuses of social media platforms like Twitter by IS members and supporters.

"They were, meanwhile in the process of all that, developing some pretty rich knowledge of what the IS presence online really is."

Ghost Security was also gathering information on pending attacks and IS recruitment activities and was anxious to pass this on quickly - previous attempts to alert authorities had been lost among the clutter of information routinely passed on to security agencies.

"Some of this information they have attempted to represent to federal authorities here in the US, using things like the FBI's public tips line.

"Which is unfortunate because it's inundated with everything from UFO sightings to sightings of Al Queada's leader playing cards at Vegas casinos all day long."

Mr Smith would not say which agencies he was talking to, but that the information had been useful and acted on.

Ghost Security picked up a plot by jihadists planned for Tunisia.

"Individuals were openly communicating on Twitter about a terrorist attack plot targeting British tourists and Jews at a popular open air market place in Tunisia."

The plotters were communicating by open tweets which they quickly deleted. The chatter appeared to be from real terrorists and so the group passed the information to Mr Smith, he informed his security contacts, and the plot was foiled.

Although security agencies worldwide were actively engaged in monitoring the online activities of IS, help was always needed and groups such as Ghost Security were a useful part of the mix, he said.

"The problem that you run into is that it's prolific, so you have room for outside eyes on the targets."

Encrypted communication was an increasing problem, he said.

"Twitter's direct messaging platform alone, the encryption suite that comes with, that is really just tremendously rich.

"Islamic State is calling for action now, and that is the problem when they have the means to call up somebody or send a message to somebody and it can go undetected because of the level of encryption being used to transmit those messages back and forth."

Ghost Security was now going undercover and had moved from a more disruptive model to one of infiltration.

This involves posing as IS members using infiltration accounts - but ones known to authorities.

"The difference between Ghost and Anonymous is if the authorities see activities on accounts they are not going to investigate those account managers as they know they're friendlies."

Anonymous, known for hacking corporations such as PayPal, MasterCard, Visa, and Sony - recently announced its own war against Islamic State - including taking down IS-linked Twitter accounts and websites.

"You've got a hundred or a thousand people affiliated with Anonymous if they do that there's a pretty good chance authorities aren't going to know that those are not bone fide IS members or supporters."

He said investigating bogus IS accounts could divert resources away from "fighting the enemy".

Ghost Security, once a group which used 'brute force' to shut down terror sites and accounts, was now a trusted source of information, he said.

Taking down websites, no matter what the website promoted, was illegal if it was hosted in the US.

"IS know that an Arab government is not going to attack a website hosted in the US as it could be construed as an act of cyber warfare."

Meanwhile Islamic State's online battle for hearts and minds goes on.

"I can't say it enough, the influence operation program taking place through the internet on the part of the Islamic State is not only more frightening than anything we've ever seen from any terrorist group, it is more effective than anything we've seen from a terrorist group."

Get the RNZ app

for ad-free news and current affairs