Cybersecurity expert analyzes Anonymous' hacking attacks on ISIS

November 20, 2015 by Bjorn Carey

Following tragic terrorist attacks committed by ISIS agents in Paris last week, the online hacker group Anonymous declared in a video that it would launch a cyber-attack on ISIS.

The masked Anonymous speaker in the video warns ISIS, in French, to be prepared for a massive retaliation.

The "hacktivist" group has been tangling with ISIS since it attacked the Charlie Hebdo magazine's office in Paris last January, taking over email and social media accounts, or crashing public Islamic State websites by overwhelming them with traffic. Anonymous members are already boasting that they have taken down ISIS-related websites and several thousand messaging or social media accounts.

Herbert Lin, senior research scholar for cyber policy and security at Stanford's Center for International Security and Cooperation and a research fellow at the Hoover Institution, says that Anonymous' activities against ISIS provide a useful nuisance to the terror group, but aren't quite legal under U.S. laws.

What types of attacks will Anonymous likely launch?

They don't have the capability to do the kind of things that a nation-state could do. The NSA, for instance, has the ability to place implants into hardware. Anonymous is more likely to engage in hacking that is less sophisticated. For example, ISIS almost certainly doesn't have a that is coupled to the international banking system; they operate outside that particular channel. But they have lots of money, some of which may be stored in a personal- or business-like bank account. If so, that means that it can be hacked the same way that your bank account can be hacked, by cracking the username and password.

Similarly, Anonymous has been successful in the past at getting into ISIS members' email and messaging accounts, or taking down their Twitter feeds, which can disrupt their ability to coordinate terrorism-related activities; we can expect more in the future.

What kind of damage can Anonymous do to ISIS, and how effective will it be?

This approach clearly isn't the silver bullet that takes down ISIS, but attacking messaging abilities or bank accounts are useful harassing activities. Repairing these systems and accounts wastes ISIS's time and annoys them – the same way it does to you when your personal accounts are hacked. Having to untangle these messes can disrupt their overall operations, which is a perfectly good thing to do.

Do governments frown upon private citizens taking this type of action?

I think that the official line of the U.S. government on this is that it violates U.S. law for Anonymous to take on ISIS. It's vigilante justice in cyberspace, which is illegal under the Computer Fraud and Abuse Act. On the other hand, while the U.S. government might not be favorably disposed to it, I think it is unlikely that any prosecutor would actually indict an American for harassing ISIS in this way. And maybe the Anonymous hacker will uncover some information that is really useful to the U.S. government and be inclined to pass it along.

Explore further: Hacker collective claims to hit 5,500 IS accounts

Related Stories

Anonymous hackers declare war on IS

November 16, 2015

The Anonymous internet hacking network declared war on the Islamic State group in a Youtube video Monday, vowing vengeance for attacks in Paris that left 129 dead and hundreds injured.

Recommended for you

Computer learns to recognize sounds by watching video

December 1, 2016

In recent years, computers have gotten remarkably good at recognizing speech and images: Think of the dictation software on most cellphones, or the algorithms that automatically identify people in photos posted to Facebook.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.