Anti-ISIS hackers: ‘Somebody has got to oppose them’
Mikro, one of the hackers, who has represented the group in its dealings with the media, told RT how Ghost Security intercepted social media communications between Islamist plotters.
"In Tunisia, they were, as always, talking on Twitter [about] what they’re about to do. And when you catch those conversations ... [you start] to get the pieces of the puzzle together. They started to talk about an old Jewish town in Tunisia right after the first beach attack,” said Mikro, referring to the shooting of 38 people in a Sousse hotel complex in June this year.
"We looked further into that and then we noticed that we were actually onto something. We looked a little closer, waited a couple of hours and alerted the authorities. A couple of days later they told us what has been done on our information and confirmed that we did prevent a terrorist attack at that point.”
Mikro said he was forced to be more circumspect about a subsequent plan to carry out an attack on a New York target, saying the group needed to maintain secrecy, but did say that there were "reasons to take the threat seriously” and claimed that reporting the plot to the authorities apparently "scared off” the radicals. The hacktivist group has used a private contractor as an intermediary with its dealings with the US government.
The hacker reports that the group, which has links to the broader Anonymous movement, has attained unique insight into the online workings of Islamic State and its growing web of affiliates. "In the beginning we failed a lot, but now it has become easier, as we now know who they are, we know their methods, we know everything about Islamic State online.”
While foiling terrorist plots represents the cutting edge of Ghost Security’s work, the group’s bread-and-butter is shutting down accounts Islamic State uses to broadcast its atrocities and recruit new followers. As a result of their tip-offs some 59,000 Twitter accounts, 1,300 YouTube propaganda videos, and 130 standalone sites have been disabled.
The hackers’ representative says that rather than endlessly hunting down mirror accounts, the group’s aim is to block Islamic State content before it goes viral. While it has said that the number of ISIS accounts on Twitter has gone down by up to a quarter, eventually, the group hopes to create a virtual blanket filter that will stop the radical Islamists from reaching mainstream platforms altogether.
According to DigitaShadow, another member of the group who spoke to The Blaze last week, there are currently twelve core members of Ghost Security, as well as hundreds working as part-timers and informants. But the team is looking at crowdsourcing techniques to take its work to the next level.
"You don’t need a gun to fight. It’s easy, you can sign on to Twitter, follow ControlSec or GhostSec [Twitter handles used by the group] and find terrorist accounts and report them. That’s actually something everyone can do. And we really depend on the public... to help us out, you don’t need any IT background," Mikro said in the recorded interview. The Islamic State Hacking Division has previously dismissed the work of Ghost Security.
"Anonymous, GhostSec, CtrlSec who are apparently ‘hackers’ against IS, till date they have hacked nothing, they are all talk. The only thing they can do is report Twitter accounts and stage distributed denial-of-service attacks on websites for five mins,” a self-proclaimed senior Islamic State online operative told The Blaze in August.
While Ghost Security is not doing much of what one would call "hacking” per se to disrupt terrorist communications, the group’s contact with the US government, Michael S. Smith, said that the information they provide allows law enforcers to "take a more pro-active stance” against IS’ online activities.
"Information that they gather, which they believe could be instrumental in identifying plots, cell structures, recruitment activities and other activities, propaganda distribution and so on, is provided to federal law enforcement, intelligence and military officials from the United States and where necessary distributed to officials abroad so that it can support their counter-terrorism activities,” said Smith, the principal of national security company Kronos Advisory.