“We felt enough wasn’t being done, so we wanted to put our skills to good use,” said the executive director of Ghost Security Group, who only goes by the online hacker name DigitaShadow after numerous ISIS death threats. “We’re completely independent. We survive off donations alone.”
Ghost Security Group has provided valuable information since June, according to Michael S. Smith II, co-founder of defense contractor Kronos Advisory and a former adviser to a Congressional terrorism task force.
Smith said he became the de facto middleman between the hackers and the feds after members of Ghost Security Group saw him quoted in a newspaper article about cyber terrorism earlier this year and reached out for help because they weren’t sure their data was getting through the FBI’s tip line.
“When they first reached out, I wasn’t sure if they were just enthusiastic people who wanted to help,” Smith told the Herald. “I was soon pleasantly surprised.”
Ghost Security Group sent him screen shots several weeks later with communications about a plot targeting British and Jewish bystanders at an open-air market in Tunisia popular with tourists. The information was used to disrupt a terror cell and prevent a July 4 terrorist attack, Smith said.
“When you look at what happened with the Tunisia data, they literally saved lives,” said Smith. “That’s what’s remarkable — that a small group of people can have that kind of impact.”
In July, Smith said he showed authorities the group’s information on planned suicide attacks in Saudi Arabia. Smith said it’s unclear how the authorities used or shared that data, but within 24 hours, Saudi forces arrested hundreds of ISIS members in a sweep.
The group has also identified dozens of ISIS recruiters and provided pivotal data showing terrorists moving from Twitter to the Telegram messaging app, according to Smith.
“It’s not that the government is incapable of doing this,” said Smith. “The use of the Internet by the Islamic State is so unprecedented in scope, so prolific that it’s frankly overwhelmed the system. There’s a need for more eyes than are available inside government at this point. I would say they are receptive to help.”
The FBI declined the Herald’s request for comment on the group.
DigitaShadow says he works 16-hour days and his group has taken down more than 100,000 Twitter accounts, nearly 150 websites and 6,000 videos connected to ISIS. They also vet tips on ghostsecuritygroup.com.
Ghost Security Group first tries to alert companies whose servers may unwittingly host terrorist websites.
“If they don’t listen to us within a week, we shut it down by force,” he said. “Anything with intelligence value, we leave intact.”
The group formed in January after the Charlie Hebdo attacks. Some members of Ghost Security Group met through Anonymous — although DigitaShadow stresses they have since broken all ties with Anonymous and operate under a set leadership structure.
He said the 14 members, who work from the U.S., Europe and the Middle East, are men and women ages 25 to 50. Some have military backgrounds.
The group also quietly alerts the feds when they go undercover in ISIS forums, Smith said — a distinction that sets it apart from Anonymous, the loosely organized underground group that also stepped up its war against the Islamic State this week.
“Anonymous may go out and do the same thing — create handles and engage with Islamic State members online — and they are going to be misidentified as terrorists,” said Smith. “And the federal authorities are going to waste time and money monitoring Anonymous when they could be spending time on others.”
©2015 the Boston Herald. Distributed by Tribune Content Agency, LLC.