Hacking ISIS: How to Destroy the Cyber Jihad
Americans should pay close attention to Malcolm Nance. A former naval counterterrorism officer, Nance understands both human and cyber intelligence; and he applies both to explain with great clarity the threats from two major adversaries—ISIS and Russia.
Nance has already provided invaluable lessons about ISIS in his 2016 Defeating ISIS. And he has given fascinating background about Russia’s 2016 election hacking and possible recruitment of American espionage resources in The Plot to Hack America (2016).
Hacking ISIS: How to Destroy the Cyber Jihad is Nance’s latest book, co-authored with cyber-terrorism expert Chris Sampson. The foreword, by ex-FBI agent Ali Soufan, lays out the book’s purpose and intended audience. The authors “have produced a brilliant resource to educate cyber security specialists, politicians, and the general public about the future risks of how ISIS’s ideology may spread further in the cyber world.” Soufan concludes that “this book will help our cyber warriors and decision-makers defeat them once and for all.”
Partly because of this purpose and varied audience (and likely by the choice of the authors) this book makes readers work and it makes them think. The authors do not serve answers on a platter.
Parts of the book, those aimed at the “general public” audience, read smoothly—an enthralling tale of espionage. Other parts, mainly the inner chapters, often read more as technical guides or spy-training manuals, providing long lists of ISIS apps and websites, communication methods, leaders, tactics, and more. These chapters often provide more unfiltered detail than the general reader may be able to absorb. In fact, it might be a good idea for the reader to identify a place in the book where skimming would be the best strategy—until the final three chapters, which tie many things together in a compelling narrative.
The first chapter is instructive as well as telling a gripping tale. It describes a May 2015 raid by U.S. Special Ops Delta troopers on a remote Syrian ISIS outpost, the hidden base of ISIS treasurer, Abu Sayyaf. The raiding troopers collected multiple terabytes of data revealing ISIS financial networks as well as personal information of every person under ISIS control—cell phone numbers, Twitter names, Facebook accounts, and other social media connections. This “treasure trove of spy gold” allowed U.S. cyber experts to home in on precise locations of ISIS members.
The captured intelligence allowed U.S. forces to begin Operation Vaporize, a massive assassination campaign targeting ISIS leaders and murderers. A reader might need a strong stomach to follow the resulting attacks, as well as suspension of belief that terrorists might deserve due process before being assassinated. For example:
“Senior ISIS military commander . . . Omar al Shishani (a.k.a. “Omar the Chechen”) was literally “vaporized”—blown into human pink mist by the 2,000-pound JDAM bombs or Hellfire missiles. ISIS senior military commander in Northern Syria, Abd al-Rahman Mustafa al-Qaduli (a.k.a. “Hajji Imam”)—vaporized.”
In fact, the authors suggest that the 2015 raid and data capture may have been the beginning of the end for the physical manifestation of ISIS, which they have no doubt will be destroyed, and the beginnings of a new ISIS as a covert online “Ghost Caliphate.”
The second chapter, keeping the pace of a thriller, reveals intriguing ways of “hacking ISIS.” The authors explain how ISIS cyber warriors (usually not extremely skilled or sophisticated) can be located on the Internet and then either shut down, pushed into smaller and observable portions of the Internet, or be allowed to continue operating under the watchful eyes of Western intelligence.
In explaining how to locate these ISIS sites, the authors describe the three parts of the Internet (with an excellent diagram) that most readers likely do not know about—the Surface Web, used by billions of people; the Deep Web, requiring logins and passwords; and finally, the Dark Web, entered or monitored only with specialized software. The authors explain how ISIS uses all three levels and how U.S. intelligence locates, manipulates, and takes them down at each level.
Chapter 3 continues the tale as it lays out the development of cyber warfare by al Qaeda and its spawn ISIS through the spread of terror (with gruesome videos such as beheadings), recruitment of new members (interestingly, often by way of pornography sites), and the spurring of lone wolf attacks committed by those not able to come to the caliphate.
Moving for a moment to the dust jacket on the hardcover edition, of the five review blurbs there, four use variations of the word detail, and such detail is exactly what the next several chapters lay out, at times, arguably, with precision more useful to cyber spies than to the general reader. Numerous details, in fact, seem raw and unfiltered, with the reader left to figure out their ultimate significance. At certain points, an overview with brief examples and a reference to an appendix might have been more helpful.
Topics in these “detail” chapters include different levels of the ISIS cyber hierarchy as well as the multitude of websites, apps, and other software tools used by ISIS, such as Telegram, What’s App, Signal, Wikr, True Crypt, and Tor. Other topics include the different Jihadi cyber groups, individual hackers, and the numerous media production groups and their products (ranging from glossy magazines to horrifying videos).
One should not downplay such detailed information, though, as it would certainly be essential to the “cyber security specialist” portion of the book’s audience.
After numerous chapters of exhaustive detail, the authors return to their overall theme of hacking ISIS in Chapters 12 to 14, titled The Anti-ISIS Cyber Army, Tracking ISIS in Cyberspace, and The Ghost Caliphate.
Beginning with the question “Who is standing up to ISIS online?” the authors describe efforts of governments, private companies, hacker groups, and individuals to engage ISIS in cyber battle. While they describe many effective strategies and operations, the authors avoid creating a false sense of security.
For example, they admit that the terrorists “sometimes stay a step ahead.” U.S. Congressional efforts, they insist, are limited by constant gridlock. One anti-ISIS act passed in May 2015 is already “outdated.” Many government anti-ISIS programs have met with little success and may likely have failed to reach their target audiences.
Regarding large social media companies, the authors complain that such companies, like Twitter and Facebook, often resist government intervention, justifying such behavior with their own “aggressive takedowns” of ISIS sites and materials.
The most successful anti-ISIS efforts, it seems, result from human intelligence such as tips from concerned citizens and operations such as the May 2015 Delta trooper raid in Syria, which helped U.S. forces locate and “vaporize” key ISIS members.
Descriptions of the war on ISIS waged by the hacking group “Anonymous” are interesting and entertaining, but the authors remind readers that critics find these attacks a combination of mischievous, undiscerning, unserious, and simply causes of greater resolve for ISIS. The authors intriguingly contrast Anonymous with a seemingly more focused and effective vigilante hacker known as the “Jester.”
There is much more in the outlining of the West’s cyber battles against ISIS, but in describing the many online weapons and strategies—such as counterhacking and spearphishing, following digital “thumbprints,” and searching the cyber tools and sites most current for ISIS—the authors continue to remind readers how vulnerable we remain and how much more work must be done.
The physical caliphate will fall; of that, Nance and Sampson express absolutely no doubt. But ISIS will devolve into a “Ghost Caliphate” of covert “Cyber Corsairs” who, while not yet an advanced cyber threat, will only become more skilled and dangerous over time, perhaps even learning the methods of the Russians and Chinese to commit acts like taking down the power grid or Internet of an adversary—actions that would be devastating.
As these final chapters end on an abrupt and less-then-hopeful note, the reader might ask: “So what do we do now?” “Where do we go from here?” That’s where the book makes readers think back and work hard as they try to understand which methods have been most successful in which situations and hope that anti-ISIS forces can perfect and marshal these methods against an imposing and terrifying foe.