Hopefully the FBI will notify those people who are on the kill list and PROTECT them. Thankfully, most Americans are armed and ready to shoot down any terrorist swine.
The attack seemed like a garden-variety digital holdup.
A computer intruder, calling himself the “Albanian hacker,” left a message for the administrator of a website for an Illinois internet retailer: Pay two Bitcoins, or about $500 at the time, and the intruder would “remove all bugs on your shop!”
Such demands are typical among underground hackers who infect computers with malicious code and seize control of them, freeing them only after receiving a payment.
But this case was more than a surreptitious digital mugging. The trespasser had ties to the Islamic State Hacking Division, a terrorist cyber unit, and before it was over he’d put together a “kill list” for the Islamic State with the identities of 1,351 U.S. government and military personnel from the 100,000 names, credit card records and Social Security numbers he’d extracted from the host server.
The hacker operated in a gray area where criminal and terror interests blend messily to test malicious computer code, raise funds and identify Western targets, and it raises fresh concerns for U.S. businesses hit by cybercrime and for the government agents tasked with defeating it: If a business tries to make a problem quietly disappear, it may effectively be hindering government efforts to monitor terrorism. The need for collaboration between business and government on internet security has soared, even as distrust has risen between network managers and law enforcement.
The case of Ardit Ferizi, an ethnic Albanian who was raised in Kosovo, is typical of hackers who “might act on behalf of a group but are also doing it for their own profit, for criminal means,” said John P. Carlin, the assistant attorney general for national security.
Ferizi’s case is also notable because his handiwork generated one of the first “kill lists” issued by the Islamic State designed to generate fear and publicity. FBI agents used the early list of U.S. military and government employees to notify the targeted individuals. More recent lists have included thousands of ordinary civilians and even U.S. Muslims the terrorist group considers apostates.
Ferizi, 21, was extradited from Malaysia last autumn and has been held by U.S. Marshals since then. On June 15, Ferizi signed a plea agreement in Alexandria, Virginia, in which he admitted to providing material support to terrorists and to computer hacking. He also signed a statement of facts outlining details of that support.
It marked one of the federal government’s first successful cyber terrorism cases in which an individual in custody admitted a link to a foreign terrorist organization.
Ferizi’s story is gleaned from federal court records, and an interview he once gave to Infosec Institute, a Chicago-based training center for technology professionals that also does research on hackers.
A native of Gjakova in western Kosovo, Ferizi was largely self-trained in computers. By his late teens had formed the Kosova Hacker’s Security, a group with vague pro-Muslim objectives. He adopted the moniker @Th3Dir3ctorY, and claimed that the group had hacked systems in Serbia, Greece, Ukraine, France and the United States, including Microsoft’s Hotmail servers and a research domain operated by IBM.
In early 2015, Ferizi traveled to Malaysia to study and “in part to get better access to bandwidth” to carry out cyberattacks, Carlin said.
His tools? A Dell Latitude laptop, a second MSI laptop and computer application known asDUBrute, which allows a user to seize control of another computer remotely.
Ferizi had already established contact with Junaid Hussain, a Briton who Carlin called “one of the most notorious cyber terrorists in the world.” At the time, Hussain lived in the Syrian city of Raqqa, the de facto capital of the Islamic State. A charismatic hacker of Pakistani descent, Hussain had once run a collective, TeaMpOisoN, and had a club of fanboys.
One day last August, a system administrator at the Illinois company, which is not named in court documents, contacted the FBI about a cyber ransom demand. Appealing to the feds for help was an unusual step.