Modern field guide to security and privacy

Opinion: The case for launching a digital invasion against ISIS

The cybersecurity threat from Islamic State and the group's supporters requires a global, coordinated effort to decimate their entire digital and online apparatus.

A billboard belonging to the Islamic State fighters was photographed after forces loyal to Syria's President Bashar al-Assad recaptured Palmyra city in Syria earlier this year.

While Defense Department officials said that the US began dropping "cyberbombs" on Islamic State last month, the online threat posed by the terrorists deserves an even more profound response: a global, coordinated assault on their entire digital apparatus. 

The US and its allies have been reluctant to talk publicly about offensive operations in cyberspace, but now is the time to put the West's collective technical superiority to work in an all-out cyberwar against the Islamic State.

That effort shouldn't just be limited to targeting the outfit's central command. It should include identifying and exposing the transnational network of pro-IS hacking groups, their leaders, their alliances, and how they are working in concert with Islamic State leadership. 

This kind of effort would have to include hacking their computers and smartphones, implanting viruses and malware to pull out intelligence data on the organization, disrupting their ability to communicate with one another, and for those who are outside of Iraq and Syria, unmasking their profiles and publicizing their identities.

That may seem like an outsized response to the emerging threat. But if the US and its allies don't act now, the Islamic State could quickly beef up its hacking chops and become impossible to uproot from the open Internet.

It's well known that the terrorists and their allies use social media to distribute propaganda, recruit fighters, and plan attacks, but recent evidence indicates they are also upping their game to carry out disruptive activities against the computer systems and networks of national governments, security agencies, and businesses. 

Adm. Michael Rogers, director of the National Security Agency and the head of US Cyber Command, recently warned Congress about the jihadist group’s intentions to conduct cyberattacks against the country. He said that in 2014 militants affiliated with IS had already attempted to do damage through hacking attacks, publishing the personal details of 100 American military servicemen and calling for their assassination.

Whether this is was a data breach or a data dump of carefully compiled open-source information, new evidence supports the validity of Admiral Rogers' claims. Hundreds of Islamic State supporters use the Telegram messenger app to share hacking instructions and guidelines. It appears to be working.

In March, the Caliphate Cyber Army, the terrorists' supposed main hacking unit, publicized the home addresses of police officers in Minnesota and New Jersey. A month later, the group's supporters made public the personal information of 43 US government employees linked to the State Department and other agencies and a couple of days after they published the names and addresses of 3,600 New Yorkers. In all these cases, they call for supporters to carry out "lone wolf" attacks against those they have put on their "kill lists."

The US, however, is not the only target. In April 2015, Islamic State supporters took over the French public service television network TV5Monde. In the fall of last year, malicious hackers associated with IS intercepted e-mails from senior British ministers.       

Although there has not been a successful cyberattack linked to physical damage or death, the threat is fast evolving. 

"They want to keep moving towards greater destructive attacks or cyberenabled attacks that cause loss of life," Sean Newell, deputy chief for Cyber, Counterintelligence, and Export Control Section at the US Justice Department, said at an event hosted by the Atlantic Council, a Washington think tank.

In response to the growing menace, Defense Secretary Ashton Carter confirmed the US military is engaging in cyberwarfare against the group to interrupt their command and control abilities, their abilities to plan attacks, their finances, and their propaganda machine. The offensive actions include the deployment of a tactical aircraft that can jam any radar and communication devices from Islamic State held territory. 

Other governments have joined the effort. The British Government announced last November an investment of nearly 2 billion pounds to create the country’s first “cyberforce” to combat online threats from states and terrorist groups. Similarly, earlier this year the French government declared its plan to hire 500 cybersecurity experts to help in the fight against terrorism.

But the fact is that democracies in the West are playing catch up while Islamic State has enjoyed the freedom to advance its cybercapacities. The international community should not wait until those capabilities are fully developed. It's time to escalate the digital offensive now. 

Kyle Matthews is the founder of the Digital Mass Atrocity Prevention Lab at Concordia University. Chantalle Gonzalez is a communications and research officer at the lab.

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to