Can Hackers and Western Security Services Win the Online War Against ISIS?

A Bahraini protester wearing a Guy Fawkes mask used by the Anonymous movement takes part in a demonstration against the government in the village of Karranah, west of Manama, on March 1, 2013. In response to the attacks in Paris on November 13, Anonymous has launched its #OpParis anti-ISIS campaign, targeting ISIS supporters on Twitter and claiming to have uncovered additional threats of attacks. Mohammed al-Shaikh/AFP/Getty

One day after the attacks in Paris on November 13—in which young men affiliated with the Islamic State militant group (ISIS) killed a total of 130 people at six locations across the French capital—a video began making the rounds online. With its dramatic theme music and slick graphics, it looked more like an action film than an Internet release. "We are Anonymous," the letters on the screen read. "We are uniting humanity. Expect us."

Soon after the video emerged, members of the hacking collective Anonymous began reporting the Twitter accounts of people they believed to be supporters of ISIS to the site's administrators in the hope that the accounts would then be deleted. Anonymous claims to have already helped take down more than 20,000 ISIS-friendly Twitter profiles since the Paris attacks. The hacktivists—activists who use computers to achieve their political goals—often include the same hashtag in their tweets: #OpParis, a rallying cry against the militants.

The war against ISIS takes many forms. Both Russia and a U.S.-led coalition are conducting airstrikes against the group, hoping to destroy its command centers, supply stores and training camps. The U.S. is also arming moderate rebels to help defeat the group. And in the virtual world, keyboard warriors—some on government payrolls, others working on their own time—are trying to degrade and destroy the group's online propaganda efforts, shut down its supporters' social media accounts and expose extremist plots. Hackers and government officials—old adversaries, for the most part—have found themselves fighting a common enemy.

In response to Anonymous's pledge to attack ISIS online, the Islamic militants issued supporters a guide on how to avoid being hacked. "Anonymous hackers threatened in [a] new video release that they will carry out a major hack operation on the Islamic State," the statement read. "Idiots," the author added.

Anonymous may be outing pro-ISIS social media accounts, but critics are questioning the effectiveness of operations such as #OpParis. What impact does deleting social media profiles have, they ask, when people with guns are shooting civilians in the streets?

In a paper titled "The ISIS Twitter Census"—published by the Brookings Center for Middle East Policy, a Washington-based research unit—authors J.M. Berger, a nonresident fellow at Brookings, and Jonathon Morgan, a data scientist, found that from September through December 2014 ISIS supporters used at least 46,000 Twitter accounts—more than twice the number Anonymous claims to have helped unplug. A hacker called DigitaShadow, formerly of Anonymous, tells Newsweek the attempts by Anonymous to delete ISIS-linked social media accounts and websites are not particularly effective when the group can still carry out attacks in real life.

DigitaShadow, who declined to give his real name for security reasons, describes himself as the executive director of Ghost Security Group. Speaking by phone, DigitaShadow says he is an American who previously worked in computer security. Ghost Security Group, he says, was founded on January 10 and now comprises 14 members who are focused on foiling ISIS attacks, as well as exposing the Twitter accounts of ISIS allies and fanboys. Ghost Security Group claims to have uncovered plans for assaults in New York, Tunisia and Saudi Arabia. The Tunisia and New York attacks were planned for July of this year, the former to hit a crowded market, the latter, Times Square, DigitaShadow says. The aborted Saudi Arabia attacks, which eventually led to hundreds of arrests, were aimed at various mosques, he adds.

It is impossible to verify many of the claims hacktivists—including Ghost Security Group—make. The Saudi arrests did happen, for example; less certain is whether Ghost Security Group had anything to do with the sweep. The FBI did not respond to Newsweek's requests for comment on whether it has used the group's information, but Michael Smith, co-founder of Kronos Advisory, a U.S.-based global security consulting company, says he has passed on information that the group has given him to law enforcement officials. Ghost Security Group contacted Smith, who has served as an adviser to members of the U.S. Congress, after reading about him in newspapers. Smith and DigitaShadow say the hacktivists' attempts to submit information to the FBI tips line have failed—possibly because of the sheer volume of messages the agency receives. Smith, who had direct contact with law enforcement officials, showed Newsweek correspondence from one in which the official thanks Smith for passing on information that helped lead to the arrests of would-be attackers in Tunisia. Smith says he received that intel from Ghost Security Group.

Candles, flowers and messages—one bearing the #JeSuisParis Twitter hashtag—are placed at the Place de la Rèpublique in Paris on November 15. Twitter, and social media in general, is becoming an important arena in which to discourage extremism, a goal of U.S. intelligence agencies as well as a new priority for "hacktivist" groups like Anonymous who vowed retaliation for the Paris attacks and eliminated thousands of ISIS-affiliated Twitter accounts. Christopher Olssøn/Contrasto/Redux

Experts in computer security say the online war against jihadis may ultimately be most valuable in countering radicalization efforts by ISIS and other groups. The need for this became clear after the Paris attacks. French security officials believe that not all of the suspected gunmen traveled to Syria. The men might have been radicalized online, like so many before them. One of them was himself active in spreading online propaganda. The apparent organizer of the attacks, Abdelhamid Abaaoud, was a known ISIS recruiter who featured in the group's online Dabiq magazine and in various propaganda videos. Preventing the recruitment efforts of men like Abaaoud by shutting down online communication channels is vital in the fight against ISIS, says Calum Jeffray, a research fellow at the Royal United Services Institute (RUSI), a London-based defense and security think tank.

It is not just online vigilantes like Anonymous and Ghost Security Group that are battling ISIS. In a bid to stop more people from joining the nearly 30,000 foreign fighters estimated to have gone to Iraq and Syria since 2011, government intelligence officials in the West are trying to counter the group's online presence. On November 17, the U.K.'s finance minister, George Osborne, announced that he would double investment in online security to $2.9 billion in the hope of preventing online attacks against the U.K.

The U.S. government has also joined the online fight against ISIS. In December 2013, the State Department initiated a social media campaign on Twitter called "Think Again Turn Away." This was broadened with Facebook account in August 2014. The campaign attempts to counter radicalization with a steady stream of information and videos that claim to reveal the truth behind ISIS's idealized depictions of its own rule.

Despite these efforts, governments and hacktivists have not yet managed to stop ISIS from using the Internet as a key tool of modern jihad. Some supporters have moved on from Twitter, switching to sophisticated forms of encrypted communication to help them evade intelligence agencies. (Encryption is a form of computer coding that makes communications inaccessible to anyone who hasn't been granted access.)

Like other militant and criminal organizations, ISIS favors messaging apps like WhatsApp, Viber and Telegram—whose founder, Pavel Durov, also created the Russian social networking site VK—because they use sophisticated, end-to-end encryption, says Jeffray. That form of encryption creates an automatic protective shield around all messages sent via those apps. This prevents the app's creators, owners and developers from decrypting the messages and handing them to investigators, even if courts order them to do so.

Other ISIS members have gone underground into the Internet's dark Web—a murky world of often illegal sites that can be accessed only using specialist software, such as Tor, which enables anonymous communication by bouncing a user's communication around a volunteer-run network of relays so the message can't be traced back to its source.

Some ISIS militants are going on the offensive online. In August, a group called the Islamic State Hacking Division leaked the alleged details of 1,400 U.S. military and government employees online, calling on ISIS supporters to physically attack them. On November 18, the Twitter account for Anonymous's #OpParis announced that its servers were under attack, possibly from the group.

Though the complicated war against ISIS shows little sign of abating, there may be some cause for optimism in the online battle against the militants. In their paper, Berger and Morgan found that between September and December 2014 there was a decrease in the group's Twitter activity due to the site's administrators suspending at least 1,000 accounts belonging to ISIS supporters. Given Anonymous's claims that it has helped suspend even more, this decline may continue, lessening the amount of ISIS propaganda luring supporters. And on November 18, Telegram announced on its website that it had blocked 78 pro-ISIS channels—public communication streams that broadcast to dozens of followers—since the Paris attacks. In the information war—if not the war of bombs, bullets and beheadings—the West might at least be making some meager progress.