Civilian 'hacktivists' fighting terrorists online

September 17, 2012 by Brian Bennett

Working from a beige house at the end of a dirt road, Jeff Bardin switches on a laptop, boots up a program that obscures his location, and pecks in a passkey to an Internet forum run by an Iraqi branch of al-Qaida.

Soon the screen displays battle flags and AK-47 rifles, plus palm-lined beaches to conjure up a martyr's paradise.

"I do believe we are in," says Bardin, a stout, 54-year-old computer security consultant.

Barefoot in his bedroom, Bardin pretends to be a 20-something Canadian who wants to train in a militant camp in Pakistan. With a few keystrokes, he begins uploading an Arabic-language manual for hand-to-hand combat to the site.

"You have to look and smell like them," he explains. "You have to contribute to the cause so there's trust built."

Bardin, a former Air Force linguist who is fluent in Arabic, is part of a loose network of citizen "hacktivists" who secretly spy on al-Qaida and its allies. Using two dozen aliases, he has penetrated chat rooms, accounts and other sites where extremists seek recruits and discuss sowing mayhem.

Over the last seven years, Bardin has given the FBI and U.S. military hundreds of phone numbers and other data that he found by hacking jihadist websites. A federal law enforcement official confirmed that Bardin and a handful of other computer-savvy citizens have provided helpful information.

"This is a domain of warfare where an individual can make a difference," Maj. T. J. O'Connor, a signal officer with Army Special Forces, told a conference in Washington earlier this year. "Personalities are acceptable in this domain."

But other U.S. officials worry that digital vigilantes may disrupt existing intelligence operations, spook important targets online, or shut down extremist websites that are secretly being monitored by Western agencies for fruitful tips and contacts.

"Someone needs to be the quarterback to coordinate these things," said Frank Cilluffo, director of the Homeland Security Policy Institute at George Washington University. "If it's not coordinated in any way, it can cause problems for the good guys."

Cilluffo, who was special assistant for homeland security to President George W. Bush, said law enforcement and intelligence agencies are proficient at monitoring suspect websites, but are limited in their ability to disrupt them. Disabling a website hosted on U.S.-based servers is illegal.

"We need to be doing hand-to-hand combat and collection in the cyber environment," he said.

To be sure, the super-secret National Security Agency, the largest U.S. intelligence agency, dominates digital spying and cyber espionage overseas. The Pentagon has U.S. Cyber Command to run offensive cyberspace operations and defense of U.S. military networks. The Homeland Security Department is responsible for defending civilian networks.

And in May, Secretary of State Hillary Rodham Clinton disclosed that an obscure State Department office called the Center for Strategic Counterterrorism Communications had hacked a Yemen-based website and replaced pro-al-Qaida graphics with banners showing scenes of Yemeni civilians who were killed in al-Qaida attacks.

The office works "to preempt, discredit and outmaneuver extremist propaganda," Clinton told a panel at the Special Operations Forces Industry Conference in Tampa, Fla.

Hacktivists view themselves as volunteers in that undeclared war. Keyboard jockeys using pseudonyms like The Jester, Raptor, and Project Vigilant have taken down dozens of jihadist forums and websites, experts say.

"No one can be 100 percent sure who is responsible for these attacks," said Evan Kohlmann, a government consultant who monitors extremist websites. "We can only go with who is taking credit."

The Jester, for example, uses a computer program he wrote called XerXes that crashes a target website by instructing it to launch continual requests for information. And his targets are not limited to jihadists.

He has claimed responsibility for the November 2010 takedown of the WikiLeaks website, which he said put national security at risk by publishing 400,000 classified U.S. military reports from Iraq. He also claims to have disabled, in February 2011, 20 websites associated with the Westboro Baptist Church, an extremist Kansas-based group known for protesting homosexuality at military funerals.

In an instant message interview using a digital encryption program, The Jester refused to give his identity. But he said he was a combat veteran of Iraq and Afghanistan, and now works for a telecommunications company. He said he wants to disrupt terrorist networks, but doesn't want to work for the government.

"I feel I can be more effective overall this way," he wrote. "Less red tape, hoops to jump thru."

That his actions are arguably illegal doesn't trouble him.

"If a jury of my peers were to send me too (sic) jail one day, then I can do nothing about that," he wrote.

Bardin, the barefoot hacktivist, says he infiltrates sites only to collect information, not to sabotage or crash them. He teaches an online course at Utica College called Cyber Intelligence, and says he instructs his students to stay inside the law.

Bardin said he started entering al-Qaida bulletin boards in 2005. Angered by online videos of beheadings and attacks on U.S. soldiers in Iraq, he wanted to strike back.

"I had to do something," Bardin said. "I started making fake personas."

Working with two laptops and an iPad, he has invested years developing some of his online personas. To gain the trust of website administrators, and to be granted higher levels of access, he has posted extremist material that he copies from other sites, careful to remove his own digital fingerprints.

"I don't create new stuff," he said. But he says "nasty things about the West" and assumes he is sometimes tracked by U.S. intelligence.

In March 2010, one of Bardin's computer avatars was invited to Europe to help raise money for an al-Qaida-linked group. He handed over his passwords and other details to the FBI. He doesn't know what, if anything, was done with the information.

"It's a one-way street," Bardin said.


1 / 5 (1) Sep 17, 2012
So, to clarify, the US government has no problem with people breaking laws as long as they're not associated with Anonymous and achieve the objectives of said government?
not rated yet Sep 17, 2012
That would be correct. It's war, and the rules are different.
not rated yet Sep 18, 2012
Bringing down a web site, or even DOS-ing it, as mentioned several times in the article, is questionably effective. I doubt it impedes the flow of information much, if that is the intent.
not rated yet Sep 18, 2012
Bringing down a web site, or even DOS-ing it, as mentioned several times in the article, is questionably effective. I doubt it impedes the flow of information much, if that is the intent

There could be alternative reasons for a DOS. For example, if you wanted to trace back past a series of proxies, the huge volume surge caused by a DOS might be traceable when individual network activity is not.

Here's another thought. If you were, for example, an Israeli computer warrior who didn't want to have the blame point back to Israel, wouldn't it be wise to pose as an American citizen hacker? It would make a nice un-official channel for any info you wanted to pass along to the CIA as well.

The things the NSA can do would probably surprise all of us.
