Over the past week, there have been dozens of fawning stories about “Anonymous” going after ISIS on social media in an effort to “troll” them and generally disrupt alleged recruiting efforts. It's a story the media has published nonstop ever since #opISIS - the umbrella term applied to online "activists" attempts at anti-ISIS activity - launched last year.
It’s an ostensibly noble goal. ISIS’s crimes and brutality are not in doubt. They’ve engaged in sex slavery, butchered thousands, and destroy civil society wherever they reign and their social media reach, while almost certainly overstated, is relatively sizable compared to other hate and terror organizations. But, these uncritical Anonymous vs. ISIS stories are missing some key context and skepticism that’s necessary as more and more western nations escalate their war efforts against the so-called Islamic State.
Longtime Anonymous ally and activist Jeremy Hammond, who's serving 10 years in federal prison for his activities related to Anonymous hacks put it best; issuing a post from prison Thursday denouncing #opISIS in no uncertain terms. He wrote, in part:
That same post-9/11 hysteria is back and all the war-mongers are again frothing at the mouth with hate for immigrants and refugees, pushing for national Muslim registration databases, and for regime change in Syria.
But I never thought Anonymous would join in on their frenzied call for war. Apparently, GhostSec and other purportedly associated with Anonymous have been DDoSing forums, taking down Twitter accounts, and reporting IP addresses to law enforcement in collaboration with shady military contractors like Kronos Advisory. The naïve fools behind the operation are being manipulated by intelligence agents taking advantage of the emotional reaction to the Paris attacks to harness our skills to fight their hypocritical “war on terrorism.”
As someone who hacked with Anonymous and marched against the war in Iraq, I completely oppose #OpISIS and any attempts to co-opt our movement into supporting the government’s militaristic agenda....
I urge my comrades still out there in the trenches, sitting on some hot 0day, ready to loot databases and trash systems. If you want to stop war and terrorism, target who Martin Luther King Jr. called the “largest purveyor of violence in the word today” – the US government. So Anonymous, get to it – drone manufacturers, white hat infosec contractors, CIA directors, Donald Trump, and your local police department – they all have blood on their hands, they are all fair game.
Here are six more reasons why #opISIS should be regarded with skepticism by the media:
The most glaring reason why Anonymous attempts to take out ISIS Twitter accounts is that the takedown lists they're provided with are “wildly inaccurate.” According to the Daily Dot:
A spokesperson for Twitter, who asked not to be quoted by name, told the Daily Dot that the lists generated by Anonymous are not being used by the company, saying research has found them to be “wildly inaccurate.”
“Users flag content for us through our standard reporting channels, we review their reports manually, and take action if the content violates our rules,” the spokesperson said, adding: “We don't review anonymous lists posted online, but third party reviews have found them to be wildly inaccurate and full of academics and journalists.”
In other words, Twitter has its own internal controls and scattered vigilantes seeking out any account that looks vaguely ISIS-y just muddies the efforts. Twitter has a very specific Terms of Service and promoting violence and extremism is against those terms. While Twitter wouldn’t comment specifically as to whether the Anonymous effort was hurting their controls, it’s clear from their response that Anonymous isn't really helping either.
Who's ISIS and who’s “ISIS”?
Another factor that’s never taken into account is intelligence-run ISIS accounts and how Anonymous or anyone else is supposed to tell them apart. We know the FBI runs networks of “al-Qaeda” and “ISIS” accounts on social media to entrap or sting potential recruits. Much like their real-life counterparts, online sting operations are very common; according to one October 2014 report, roughly 40% of known FBI jihadist recruiting sting operations involves the creation of fake ISIS or al-Qaeda accounts on Facebook, Twitter, and/or regular websites. The case of Basit Javid Sheikh for example, involved a fake Facebook page for al-Nusra, al Qaeda’s affiliate in Syria, a fake al Nusra nurse who was supposedly in Syria (played by an FBI agent who also interacted with Sheik via Skype and promised him marriage) and a whole host of corresponding accounts to lend the ruse a degree of verisimilitude. In one case, Abdella Ahmad Tounisi, the FBI went so far as to not only create a fake jihad recruiting website but also a fake al-Qaeda training video.
The sophistication of these “persona” accounts run by the government was revealed, ironically, by an Anonymous leak in 2011 of military contractor HB Gary. They include cross social media verification, geolocation spooking, and a whole host of other measures that make them indistinguishable from real accounts. One Air Force request for proposal from 2010 demanded the contact proving the persona management software allow their servicemen to operate a “number of different online persons from the same workstation and without fear of being discovered by sophisticated adversaries.”
And this is just what we know from DOJ court documents and five-year-old leaks. This doesn’t include any online persona that may be run by the CIA, Canadian intelligence, Mossad, MI5, MI6, or the Defense Department’s own $200 million-a-year social media manipulation program. How is Anonymous supposed to know the difference between a real ISIS account and a spook trawling the bottom of the Internet for information, disruption or a sting operation?
Anonymous may say they don’t really care -- after all, who cares if some FBI get caught in the jihadi dragnet? While this makes sense for a disjointed collective of Internet activists, the media should have a higher standard and take note that much like the Anonymous dragnet gathers academics and journalists, it almost certainly includes some sizable amount of government-run fake accounts as well.
Coziness with governments.
The largest force behind the ISIS disruption attacks is Ghost Sec, a slick confederacy of hackers that acknowledges it shares information with the government and is often praised by them. The State Department's own corny anti-ISIS Twitter account is quick to point out its work disrupting alleged ISIS websites:
British Security Minister John Hayes took time out in a session with Commons home affairs committee to praise "Anonymous", telling the audience, "I am grateful for any of those who are engaged in the battle against this kind of wickedness."
According to one Reuters report on these efforts, many players in opISIS share information with the government:
But others claim to have been doing more for longer. One group that feeds information to the U.S. government says it has suppressed tens of thousands of Twitter accounts since January, and its members have posed as would-be recruits to gain information on so-called Dark Web operations supporting the Islamic State.
What does this mean? There's nothing surprising about Ghost Sec and others sharing their information with U.S. and British intelligence, but the degree to which these efforts overlap is treated as incidental, rather than an inherently fraught partnership of the national security state and unaccountable hackers.
There's little evidence ISIS cares about trolling.
While some experts claim Anonymous efforts at highlighting Twitter accounts has "flattened" ISIS' recruiting reach, the question for Friday's "anti-ISIS" episode remains: is there any evidence ISIS cares about "trolling" efforts? Does ISIS care if it is replaced with rubber duckies in pictures or is the subject of goofy macro image memes? Not really, and the counter-trolling by ISIS we know about is done in similar humor. It’s unclear if this is more of a performative gesture from both sides or an effective method of undermining ISIS' public image. As Vice’s Danny Gold said after recent calls to refer to ISIS as Daesh, a name it supposedly hates: "ISIS doesn't give a shit what you call them."
These constant attempts to recruit people to “combat ISIS” read more like pro-war spectacles to rally people around the Enemy than an organic attempt at disrupting ISIS. Not unlike the World War II-era arcade game, Poison the Rat, which allowed users to "kill" Hitler by pushing a rubber plunger and forcing him to eat "poison pills," these anti-ISIS campaign are attempts at reminding us that we are at war and we should direct our collective ire at the enemy. Like Hitler, ISIS is evil for sure, and there’s nothing wrong with wanting to see ISIS get a bit of digital poison, but it's important to note the difference between actual, targeted enemy disruption efforts and performative pro-war agitprop.
$1 trillion+ war machines shouldn't need help from freelance Internet warriors. And if they do, we should ask why.
The combined total military power of the forces working against ISIS is in excess of $1 trillion. The idea that a group of independent Internet warriors is needed to run routine psychological operations on the enemy is at best dubious and at worst embarrassing. Which is to say, if Anonymous opISIS efforts are overrun with DoD and U.S. intelligence contractors, then how organic is this effort? And if they’re not, why not? What the hell is the U.S. government doing to combat propaganda? Either scenario should lead to bigger questions, but none of these eventualities is really being explored here.
Comments made by one former US intelligence official give the impression opISIS is a defacto U.S. intelligence operation that simply launders the legally dubious activities to outside "volunteers":
Retired U.S. Gen. Mike Hayden, former head of the National Security Agency and the Central Intelligence Agency, when asked whether such agencies appreciate the activities of organizations such as Ghost Security Group, said: "Officially, no. But U.S. law and policy are so constraining, I am sure the folks currently in government take secret pleasure in it, as I do."
The U.S. law is “constraining” because denial-of-service attacks, as Reuters points out, “are illegal no matter what the target.” This is even more ethically suspect when one considers how Twitter’s internal reviews showed how careless—or indiscriminate—Anonymous Twitter takedowns are. Surely the same level of scrutiny is used when launching DoS attacks against alleged ISIS websites. But so long as it’s laundered through “anonymous” no one in power is responsible. All the while U.S. officials look the other way at these extrajudicial activities because they align with their political ends.
Hyping ISIS online recruiting efforts dovetails with government efforts to further propagandize, monitor and regulate social media.
Who do these ISIS counter-propaganda efforts really benefit? By design or accident, opISIS dovetails nicely with recent efforts by the U.S. government to regulate “extremist” ideology online and even harsher measures in the UK with what it calls its "Counter-Extremism Strategy." In March of this year, the CIA asked Congress for increased social media espionage capacity, largely because it needs to "keep up" with ISIS recruiting efforts:
The move comes at a time when the CIA has struggled to gain traction against adversaries — including the Islamic State and the Jabhat al-Nusra terrorist group — that recruit and communicate extensively online but operate in combat zones that CIA officers are generally not able to enter.
Similar efforts in Congress to compel social media and websites like YouTube to report "extremist" content in the U.S. effectively turn large Internet corporations into policing agents on behalf of the government, making them potentially liable for not reporting alleged "extremist" activity. This "duty to report" would radically alter the relationship between the state and social media providers, requiring them to report even private messages that may be "ISIS" or "terrorist" in nature.
This also extends to outright disinformation, with one UK general telling the Telegraph that the government should "spread lies" on social media to combat ISIS propaganda. In January of this year, the British Armed Forces officially launched its "Facebook warriors" program, designed to combat extremist views online in what it calls "non-lethal warfare." All of these efforts have one thing in common: the normalization of psychological operations in the social media sphere and increased monitoring of social media.
In isolation, these efforts to disrupt ISIS, no matter how hamfisted they may be, are probably effective at doing so. But in the context of other political considerations, namely in relation to the war effort in both the US and UK, they become defacto propaganda. They help amplify the specter that thousands of ISIS recruiters are lurking in the tall grass waiting to pounce on our social media using teens; they justify increased surveillance and censorship of social media; and they help sell a war with no end in sight. "Activism", regardless of its noble motives, that aligns with the right-wing institutions of military and political power isn’t activism, it’s vigilantism. And vigilantism should be met with skepticism, not uncritical celebration.