Hack Brief: ISIS Data Breach Identifies 22,000 Members

AS SNOWDEN TAUGHT the NSA, a single insider can obliterate the data security of even the most secretive organizations. Now ISIS may have sprung a Snowden-sized leak of its own, one that could give security agencies fighting the brutal terrorist group some highly useful intelligence.

The Leak

A defector has allegedly leaked what appears to be a USB drive’s worth of ISIS’s secret data, including the personal information of 22,000 ISIS fighters. That personal data includes the fighters’ names, phone numbers, hometown and even blood types—all information they apparently filled out on forms in the process of signing up to join the violent group. A Syrian opposition newspaper has obtained at least a portion of that information, along with the British television network Sky News and German intelligence officials. A German law enforcement official tells CNN that the information appears to be real.

Who’s Been Exposed?

A leak of 22,000 ISIS fighters’ information would represent a significant chunk of the group’s roster. Though the total number of ISIS fighters is unclear—and reports vary widely—the research firm Soufan Group says that foreign fighters makes up the majority of ISIS ranks and estimates their number at between 19,000 and 25,000, down from an estimate of 31,000 three months ago. Sky News reports that the leak does in fact contain the information of known ISIS recruits, such as the British former rapper Abdel Bary and the hacker Junaid Hussain, who was killed in a drone strike last summer.

Though the number of individuals involved is far smaller, University of Pennsylvania computer scientist Matt Blazecompared this to the disastrous hack that hit the United States Office of Personnel Management last year, in which hackers thought to be based in China accessed the detailed security clearance application forms and even the fingerprints of 5.6 million U.S. federal workers. This leak appears to have similarly hit the “human resources” department of the so-called Islamic State, and it could have equally punishing long-term consequences for its operational security.

How Useful Is the Data?

If the leaked ISIS information is as real and comprehensive as it appears to be, it could be a unexpected gift for security agencies and prosecutors trying to track ISIS’ members and prevent more recruits from joining, says Matthew Levitt, a counterterrorism analyst with the Washington Institute for Near East Policy. The leaked questionnaires include a list of all countries visited by the ISIS applicants, which could help map out the routes of foreign fighters seeking to join the movement. And both prosecutors and law enforcement agencies will scour the data for clues as to the recruitment contacts that may be operating in the United States or Europe. “From a macro intelligence perspective, this type of information is a treasure trove for intelligence analysts,” says Levitt.

But at a more micro level, the data could connect dots in ways that won’t be clear until it’s fully analyzed. “There may be someone’s phone number that’s come up some place else that could be put together with this to create a holistic picture of things that we didn’t know were important at the time,” says Levitt.

Levitt adds that the leak could serve as a rare intelligence coup against a group that has been a difficult target for Western spying, both physical and digital. “ISIS operates largely in denied physical space, and penetrating its virtual space has been very difficult, too,” he says. “When someone provides you this kind of information, it’s very exciting.”

Source | Wired