Jihadi Bloopers. Online and Off.

[orion5]

An excellent blog post from The Jester (@th3j35t3r) on how jihadis use the internet. LINK

It's a bit unfortunate we may be telling them how to clean up their act, but still hilarious to see how uninformed they are about internet use and security.

[orion5]

A short analysis along the same lines....

LINK


ISIS Is Hijacking Western Twitter Accounts To Rebuild Terror Network

Email platform used by Sony hackers is a key part of the process


ISIS is coaching its Twitter army to hijack dormant Western Twitter accounts to evade the microblogging service’s cull of jihadi accounts. Twitter suspended more than 1,400 ISIS accounts since the group released the first video of Kenji Goto, the late Japanese hostage, two weeks ago. Over the past month, Twitter has also purged tens of thousands of ISIS-related accounts. ISIS supporters are circulating a new social media guide with instructions for acquiring accounts undetected.

The guide gives step-by-step instructions on how to claim a dormant Twitter account using “disposable email” platforms such as YOPmail.com or Moakt.com. Hackers involved in the recent Sony data breach used YOPmail.

Users are instructed to pick a dormant account with a Western name and use the email platform to phish for the email address originally used to set it up. Once successful, they can turn it into a new ISIS account after changing the username, password and picture.

Then the guide instructs users to pick a prominent sheikh with ISIS affiliation and a working Twitter account. The guide gives instructions on how to auto-follow their followers en masse using a script injected into the page. The theory goes that some of them will follow back, expanding the user’s circle of followers and plugging them back into the social network of ISIS supporters.

[Peregrino]

Unfortunately, ISIS (Islamist groups in general) have a much better and far more effective grasp of information warfare than we do. Couple that with the US government's refusal to identify the enemy and unwillingness to effectively engage and social media sites like Twitter will continue to be vulnerable, lucrative targets for Islamist IO exploitation.

[orion5]

P, I'm sure you're right about jihadis being more effective than us. Of course, they also use our freedom of speech and reluctance to censor against us. It took Twitter a long time to start suspending the ISIS accounts. Facebook has been much slower to act.

J.M. Berger of Brookings Institution (@intelwire on Twitter) has been fascinating to follow. He spends a lot of time analyzing how terrorist networks use social media. He testified before the House Committee on Foreign Affairs a few days ago. [LINK]

Berger's conclusions:


That said, we can do better in three areas.

First, transparency. All stakeholders need to clearly understand exactly why and how a user gets suspended on social media. Companies need to communicate this better.

Second, consistency. If suspensions do not continue at a consistent pace and with consistent criteria, the targeted network will regenerate. The suspension process is akin to weeding a garden. You don’t “defeat” weeds, you manage them, and if you stop weeding, they will grow back.

Third, scope. ISIS far from our only problem on social media. Aside from other terrorists who are already taking lessons from the Islamic State’s tactics, challenges on social media range from bullying and targeted harassment to extensive activities by foreign state-sponsored disinformation and intelligence programs.

Finally, it is important to note that no single authority exists for dealing with these issues. The concerns of corporations are different from those of governments and those of activists, and the concerns of governments and activists are wildly different around the globe.

Any approach to social media policing needs to include some consideration of our multipolar world. In our fight against terrorism, we do not wish to create precedents and authorities that would empower tyrants and repressive movements with tools to silence legitimate dissent.