Though ISIS seems obsessed with fulfilling a medieval vision of an apocalyptic final battle, it has relied heavily upon modern information technology. The organization behind last Friday's bloody attack on civilians in Paris utilized social networking and scores of websites to recruit and indoctrinate new followers, coordinate its efforts and to publicize its chilling acts of extreme brutality.
But on that digital battlefield, ISIS faces opposition in the form of a shadowy array of hacktivists determined to disrupt the terror group's online presence.
In tweets and a YouTube video, the hacker collective Anonymous vowed retribution for the Paris attacks, saying that its members across the globe would launch a massive number of cyber-attacks against ISIS.
On Tuesday, Anonymous announced it already had taken down 5,500 Twitter accounts connected to ISIS, and used an IRC channel to distribute a "noob's guide" on how to identify ISIS social media accounts and hack its websites.
Anonymous isn't the only online foe of ISIS. Another equally mysterious organization, Ghost Security Group, AKA GhostSec, also has been waging electronic war on ISIS, including gathering information on ISIS militants that it reportedly passes along through intermediaries to law enforcement agencies. The organization's website contains a form that visitors can use to report online activity that they think may be linked to terrorism.
In an email, a Ghost Security spokesperson said the group had taken down 149 extremist websites, 110,000 social media accounts and 6,000 propaganda videos over the last 10 months, and helped law enforcement agencies to foil several terror attacks and make arrests both in the United States and other countries.
"As for extremists, we target them wherever they reside," the Ghost Security spokesperson wrote.
ISIS Taps Dark Web, Encryption Apps To Coordinate
Fighting ISIS with keyboard strokes is a daunting task, especially considering the terrorist group's vast, protean presence on social media and the Web. A study published in March by the Brookings Institution, a Washington, DC-based think tank, estimated that ISIS utilized between 46,000 and 70,000 different Twitter accounts in 2014. When accounts are suspended by Twitter for extremist activity, more quickly spring up to take their place.
"It is like trying to cut off the head of the hydra," lamented University of Michigan professor and Middle East expert Juan Cole.
But even so, J.M. Berger, one of the authors of the Brookings report, thinks that rooting out ISIS Twitter accounts is hindering the terrorist group's effort to spread its message and gain followers.
Hackers might do even more serious damage to ISIS if they could gain access to the group's documents and internal communications, or disrupt its financial transactions. Back in 2012, Anonymous reportedly hacked the Syrian regime of Bashar al-Assad and published hundreds of thousands of officials' emails, including some that documented financial transactions with other countries.
"Anonymous members have the capabilities to do so, and I am confident there is a good chance they may identify opportunities to do so if they spend enough time poking around," said Michael S. Smith II, co-founder and chief operating officer of global security consulting firm Kronos Advisory. Smith also has advised Congress on terrorism issues.
Smith said that Ghost Security had played an important role in helping to thwart ISIS websites, which are often hosted on servers in the United States, by figuring out how to defeat software used to mask the websites' locations. Those efforts exposed the host location of an ISIS website that contained information that the terror group had obtained about U.S. government employees, he said.
But Smith warned that freewheeling vigilante efforts against ISIS actually could prove counterproductive, because they could interfere with covert cyber-warfare efforts by U.S. intelligence agencies.
"There is a large-scale counterintelligence effort underway which entails mining data from social media platforms to identify plots, recruitment efforts and other activities of groups like the Islamic State," Smith wrote in an email. "Efforts concerned with disrupting IS's uses of social media platforms like Twitter that are not coordinated with government officials could basically serve to interrupt ongoing investigations."
Paris Attacks Reveal Next Stage of ISIS, Experts Say
Smith said that ISIS itself has become increasingly focused upon online security. The terrorists and supporters are more inclined to use more difficult-to-monitor communications channels such as Telegram Messenger, which boasts on its website that its communications are "heavily encrypted and can self-destruct."
Even so, ISIS seems to be concerned about Anonymous' reach. In a Telegram message, the terrorist organization felt the need to remind its followers to take simple security precautions. "Do not open any kind of links unless u r sure from the source," the message advised.