In the wake of the Paris attack, Anonymous declared war on ISIS – #OpParis. Cue sinister Guy Fawkes mask promising the digital destruction of the Islamic State.


Within 24 hours of ISIS calling them idiots, 5,500 ISIS-related Twitter accounts went down.

Anonymous’s war on ISIS isn’t new. Some part of the collective has been hammering away at ISIS since  Look up #OpISIS, born in the wake of Charlie Hebdo: by April 2015, that op claimed 233 websites attacked, 85 websites taken down and some 25,000 Twitter accounts shut down.

Then there’s #OpIceISIS from 2014.

Even this is not the start: the origins of this story stretch back to 2010, when The Jester (@the3j35t3r) went on the warpath. The Jester, for the record, is  reported combat veteran and a hacker so prolific they wrote a paper on him. The paper’s linked below.*

But at the end of the day, is all of this going to do much good?

RT.com has an interview with Alex Poucher, self-professed “spokesperson” for Anonymous, says Anon has people on the ground close to ISIS – and tools better than any government has.

I’m skeptical of Poucher’s claim.

Firstly, because Alex “A-Squared” Poucher – born March 26th, 1985, known for defacing NASA and private industry websites in 1999, now moonlighting as an MC and a DJ – is the guy the FreeAnons outed in March.  People like Poucher aren’t in the center – they aren’t even on the edge. Nobody who really actually does this shit wants their real-life identities known the way Poucher does.

Secondly, because of the nature of Anonymous. Many people believe Anon is a group. In fact, the UK’s Independent, for example, specifically calls them that.

That’s not quite  true – Anonymous is a collective. Within this collective are the real groups – many just script kiddies or keyboard warriors hanging out together, and always a few with real power. One of these groups, or perhaps even a single person, comes up with an idea: attack ISIS, Paris, the Playstation Network – whatever. The idea spreads like wildfire.

Pretty soon there’s a bunch of people DDOSing websites, reporting Twitter pages and headhunting people’s details online. And contrary to popular belief, the vast majority of ‘tools’ used for this are not that complicated to use or hard to find. High Orbit Ion Cannon. Low Orbit Ion Cannon. If you’re the Jester, you have XerXeS or Saladin. Apache Killer. Google. A Skype resolver for grabbing someone’s IP through Skype.Whois lookups. The Twitter report button. 4Chan and Reddit to convince people to join in. Pastebin to dump details. Twitter to broadcast.

TOR (or the VPN of your choice) to stay hidden.

anonymous5

That’s Anonymous.

Unfortunately, while this works really well for defacing government websites, it’s not going to have that much of an effect on ISIS. The Islamic State is a boots-on-the-ground operation. Unlike the Syrian Electronic Army, they don’t seem to have a strong centralized – or even organized – digital presence. There’s doesn’t seem to be much to be hacked here. As the Jester says, “All they’ll do is dump a random list of names from a previous hack and claim it’s ISIS members, and they’ll report ‘ISIS’ accounts to Twitter. Pretty standard BS.”

You can’t hack an AK-47.

The real work is not being done by the collective, but by splinter groups. In this case, it seems to be GhostSec.  They’re smaller, but more organized and capable of more complex stuff than the hivemind. They’re hitting and getting hit back.

Maybe instead of Twitter accounts (that’s a many-headed hydra) Anonymous can go after major associated – not just user accounts, but perhaps even propaganda groups and nations. A government website can be hacked. Portals can be shut down. Those DDOS attacks can disrupt digital services (edit: like ISIS’ 24/7 helpdesk). If the flow of ISIS propaganda from major sources can be brought to a halt, well, that’s a hell of a lot more than most governments can do at the moment. Battling the endless numbers of Twitter accounts doesn’t really do much, but this might.

What about headhunting people? I’d point out that there’s a vast difference between the fictionalized terrorist databases you see on Mission Impossible and real-life script kiddies. Publicly posting an ISIS leader’s name is probably just going to earn him a ‘Jihadist of the Month’ award from whoever runs the show.

Militant Islamist fighter waving a flag, cheers as he takes part in a military parade along the streets of Syria's northern Raqqa province
Promotions! Fame! Fortune!

In real life Anonymous is largely a collective of unknown people from around the world, participating in a hack the same way people participate in sharing those email chain letters. The very thing makes it strong also makes it a lot more likely to identify random or innocent people, dump all of their details into a doc and declare them terrorists. Headhunting is more likely to make life miserable for a whole lot of perfectly normal people.

The real terrorists among us are too-well hidden, and the ones on the front lines? They just don’t care. Putin’s dropping bombs on them. They have bigger problems.

 


 

* “The Jester Dynamic: Lessons in Asymettric Unmanaged Warfare” (https://www.sans.org/reading-room/whitepapers/attacking/jester-dynamic-lesson-asymmetric-unmanaged-cyber-warfare-33889)

Update (11/21/2015): ISIS’ OPSEC manual (http://www.wired.com/2015/11/isis-opsec-encryption-manuals-reveal-terrorist-group-security-protocols/)

COMMENTS?