How Hacktivism Has Accidentally Made Intelligence Gathering Harder

Going through my daily sources of news the other day, one article stood out to me among all others: a report by Security Affairs outlining future threats posed to the world by terrorist organizations such as the Islamic State and al-Qaeda. What stood out to me was that I found this article while browsing through an award-winning cyber security blog out of Italy, which is something you wouldn’t normally find there.

As it turns out, the article wasn’t written by Security Affairs directly; it was written by Candice Lanier, the Chief Operations Officer at Ghost Cyber Intelligence, a private intel agency specializing in counter-terrorism and Darknet operations. Lanier was inspired to write her article in light of evidence uncovered by US Federal authorities, who had hacked into the phone of “Sayfullo Saipov, the man accused of using a truck to mow down pedestrians and cyclists recently in New York City” earlier this year.

In her analysis, Lanier writes that “The massive cache of Islamic State propaganda videos found on the cellphone of Sayfullo Saipov” offers “a glimpse of the vast amount of jihadist content on the internet” and that the overall “amount of jihadist content on the internet is staggering.” She goes on to add that “The efforts of law enforcement, intelligence agents and private intel agencies around the world are not sufficient” and explains why the Federal Government and US Intelligence Community alike need more help from everyone in the future.

Believe it or not, this is not the first time I have heard these types of statements coming from the Intelligence Community. Late in 2015 and the beginning of 2016, directly following a terror attack by the Islamic State in Paris earlier that fall, hackers from around the world participated in arguably the single largest joint hacking operation of this millennium. Led by a group known as “Ghost Security Group” and literally encompassing millions of hackers and civilian activists from around the world, #OpISIS, as the operation was known, is said to have shut down hundreds of websites and taken down hundreds of thousands of ISIS-related social media accounts in just a few months’ time.

As all of this was occurring in 2015, it was also reported that members of the US Intelligence Community and Central Intelligence Agency had begun reaching out to the very hackers and organizers of #OpISIS, explaining to them that while their actions might have been honorable, they might actually be harming counter-terrorism efforts at the same time. This is because intelligence analysts claimed to have been “monitoring” many of the same accounts, social media channels and websites that hackers had begun deleting. Analysts also claimed that it was only being done so that terror targets could be tracked and recorded, so that “intelligence” could be gathered about them. In this way, it was much more valuable to them to keep terror accounts online and active, rather than taken offline and deleted entirely.

By hacking, deleting and erasing these people’s accounts and internet connections so suddenly, intelligence analysts feared, the hackers could cause them to lose contact with untold numbers of terror targets in the future. Moreover, analysts maintained that the actions of the hackers would only serve to push terrorists further underground, meaning that terrorists would be less likely to freely put themselves out there in the open anymore and would start going to much greater lengths to secure and protect themselves online in the future.

Tying back in with Candice Lanier’s article, this appears to be exactly what has happened. In her analysis, members of the Islamic State have now started to shift nearly all of their operations over to the DarkNet and encrypted channels, and have become far less active on the surface web where they are much more vulnerable. In fact, when I read Lanier’s report in December of 2017, I see it as confirmation of what intelligence analysts originally feared in November 2015, and that the noble actions of activists and hackers online in the past have indeed pushed terrorists deeper underground where they are much harder to find, track or trace than they once were – making everyone’s job more difficult.

Looking back at all of this, I find it amusing that Lanier’s current organization, Ghost Cyber Intelligence, sounds a lot like Ghost Security Group, the group which first led #OpISIS back in 2015. Something tells me that her current contract with the United States Government dealing specifically with the actions of ISIS online is not unrelated to that operation, which is also why I think people should take her words on this matter more seriously than most.

That having been said, the more things change, the more things basically stay the same. Just as in the winter of 2015, US Federal Authorities are now calling on the public to become much more engaged and vigilant in the future by reporting any suspicious online activity they see. Last month, not only did the Department of Homeland Security raise the National Threat Level through their website, but they also put out a press release urging members of the general public to start reporting any suspicious people, accounts, postings or online activity directly to the agency itself. A contact form can be found on their official website.
