Israeli security firm claims to have hacked ISIS forum, discloses future targets

But should it have…?

Isis

An Israeli security company has claimed it hacked an ISIS forum and disclosed where members of the terrorist organization might be planning future attacks.

Intsights, a firm based in Israel that specializes in digital intelligence services, told Israeli TV station Channel 10 that it located a forum on the dark web. It was hosted through Telegram, which provides a layer of security for users who post messages.

As Alon Arvatz, co-founder of Intsights, told the media:

"Telegram is completely encrypted and there’s no fear that someone will intercept the messages and understand what you wrote."

The Israeli company went on to report that the forum contained a list of past attacks carried out by ISIS, including one instance where two ISIS members used knives to kill an 85-year-old Catholic priest in a church in northern France.

The forum is also said to have included a world map highlighting future attacks against military bases operated by the United States, the United Kingdom, Canada, and other Western European nations. It also listed Israeli air force bases as upcoming targets.

F 16

Arvatz and the other founders of Intsights have not disclosed how they hacked into the ISIS forum. However, the Herzliya-based company is primarily run by former members of the Israel Defense Forces' (IDF) intelligence division, which means they probably had the skills and/or contacts to gain access to the dark web terrorist hub.

But that begs the question: should they have hacked the forum in the first place?

6a00d83451b71f69e201b8d19059be970c 600wiSecurity companies that take matters into their own hands don't just risk contaminating evidence that might prove useful to law enforcement, they may potentially drive groups like ISIS further underground where it may be harder for intelligence agencies to spy upon their activities.

Some may argue that the security companies are also politicizing themselves and could, by extension, alienate users who might not agree with their position.

Then again, that might not be it at all. Perhaps someone at the IDF asked Intsights to hack the forum, or maybe it was a public-private takedown of ISIS forums. In that case, shouldn't the Israeli government take the lead on disclosing (or keeping secret) the hack lest Intsights inadvertently jeopardize an important piece of national security?

These are the questions many security firms - and researchers more generally - confront on a day-to-day basis.

What are your thoughts? Were Intsights right to hack the forum and then share details with the media? Let us know in the comments.

Tags: , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

, , ,

10 Responses

  1. The Grocer

    August 5, 2016 at 7:14 am #

    100 correct in gaining the information but should have passed to world governments NOT openly publicised the fact

  2. Shawn Owens

    August 5, 2016 at 7:50 am #

    The 'dancing israelis' are at it again lol

    • Antisemite Killer in reply to Shawn Owens.

      August 5, 2016 at 10:37 am #

      Oh look, we found the mentally ill antisemite. Quick, somebody step on it and put it out of its misery.

    • Antisemite Killer in reply to Shawn Owens.

      August 5, 2016 at 10:38 am #

      Oh look, we found the racist. Someone step on it quick.

  3. Rich

    August 5, 2016 at 10:35 am #

    WIthout a doubt they should have kept the fact that they hacked ISIS prvt like the British kept the fact they had cracked the German code in WWII private. ere is why ISIS will certainly fail http://me.richtrek.com/2014/08/isis-ego-poison-and-destruction-is.html though they've hung on longer than I thought

  4. John

    August 5, 2016 at 11:24 am #

    It may be that this is a way of showing good professional skills – on a tech level I mean – that Intsights was somehow able to 1) either hack into Telegram (though I doubt that) or 2) to hack into / get a man-in-the-middle-position on some end-user computers run by ISIS (the more likely option IMHO).

    But being technically capable, and showing off about it in public (are they so desperately in need of paying customers = money perhaps?) … that is just plain stupid.

    And out of the window (!) goes any advantage to counter the terrorists of this world. Stupid, plain stupid. As Rich correctly stated, when the Brits cracked the Enigma code, would it have been wise to start bragging about it – thereby giving away any tactical advantage?

    Nope.

    Any 10 year old understands that. Intsights does not, which tells you… well, exactly what about the friends at Intsights?

  5. Mark Z

    August 5, 2016 at 12:50 pm #

    Reconsider your use of "begs the question".

  6. drdos1943

    August 5, 2016 at 1:43 pm #

    There's got to be more to it. Publicly announcing it??? The Israelis are not that stupid.

    • adad in reply to drdos1943.

      August 7, 2016 at 2:37 pm #

      "The Israelis are not that stupid" no they are not but that doesn't mean some stupid company did this for publicity

  7. Randall Morris

    August 9, 2016 at 4:48 pm #

    I think this is most missleading – ISIS is smarter than to attach military targets. Such a security lead is most likely a rabbit trail to lead away from the truth and to make Americans feel secure. Why would anyone with any smarts attack the bees when you can just take the honey. Schools, Theators, etc – anyplace where people are congregated and defenseless is the most likely place of terrorist attack and the honey of their business. And the more disarmed and defenseless the better for them. All the better have the government get them to disarm before planning any terror attack. I think the government is culpable to the crime of terror when they call for disarmament in the face of terrorist attacks.

Leave a Reply