Isis Kids Planned a Violent 'Caliphate Revival' on Discord

2 hours ago 2

This is the online edition of The Wiretap newsletter, your weekly digest of cybersecurity, internet privacy and surveillance news. To get it in your inbox, subscribe here.

Discord has been a popular platform among extremists, according to federal investigators. (Photo by Jakub Porzycki/NurPhoto via Getty Images)

NurPhoto via Getty Images

Back in summer 2022, the FBI received a tip from a minor about a Discord group called “Caliphate Revivalists.” Around 70 participants were chatting about bringing ISIS back to prominence after it’d lost its control over large parts of Iraq and Syria in the late 2010s. The group’s channels included chats about militant training, jihad and jihadist weaponry. Videos of executions and terrorist attack plans were often among the topics of conversation.

Soon after one user threatened to carry out a knife attack, Discord closed the group for promoting violence, according to a search warrant demanding Discord provide the groups’ communications. The warrant was filed in 2023, but unsealed only this month.

The U.K. police had already ordered Discord hand over the communications of the Caliphate Revivalists in 2022, leading to the arrest of the minor who’d made the knife threat. It appeared they were not bluffing; when British cops apprehended him, they found a knife in his bag and handwritten letters to various to his family and to Britain and America, criticizing their treatment of Muslims. A month later, police arrested another minor from the group after finding manuals for making explosives and terrorist propaganda on his devices. Other suspects were located in the U.S., Austria, Italy, Germany, Kuwait, Macedonia, Pakistan, Poland, Slovenia and the U.A.E.

Although ISIS’s power has greatly diminished over the past few years, this case highlights how teenagers are using online platforms to bring it back to the fore through violent means. As the FBI wrote in its warrant, “Despite the loss of physical territory, ISIS continues to rally supporters and incite attacks against its enemies, to include the United States, its allies, and its interests. The FBI’s investigation of the “Caliphate Revivalists” Discord users has shown that these individuals echoed those goals.”

Neither Discord nor the FBI had responded to requests for comment at the time of publication. The DOJ declined comment.

Seamus Hughes, a senior research faculty at the University of Nebraska Omaha’s National Counterterrorism Innovation, Technology and Education Center, has spent years researching online radicalization and continues to find new examples of teenagers falling under the sway of ISIS. “While it may have faded from the daily headlines, there has been a steady stream of investigations and federal cases involving ISIS adherents this year,” added Hughes.

“We’ve seen a continued reliance on online platforms like Discord to help coordinate and push their message. And an increasingly younger demographic drawn to the terrorist organization.”

As reported in 2023 in The Wiretap newsletter, federal agents have described Discord as a "preferred platform” for violent extremists because it permits “anonymous communication through private servers and channels, which assists offenders in avoiding detection by law enforcement." Not that Discord is that private. As past cases have proven, the federal government can compel Discord to furnish it with information when it gets court orders, as it often does.

Got a tip on surveillance or cybercrime? Get me on Signal at +1 929-512-7964.

THE BIG STORY:

Ransomware Causes Global Travel Delays

(Photo by Leon Neal/Getty Images)

Getty Images

American software maker Collins Aerospace was hacked last week and the target is believed to be its Muse tool, used for automatic checkins and boarding at airports. That led to delays and cancellations across major airports in Europe, from London to Berlin.

According to the BBC, this was part of a ransomware attack, though it’s unknown whether Collins is negotiating with the hackers or if it found another way to get its systems back online.

Stories You Have To Read Today

The Secret Service found a secret communications network of 100,000 SIM cards and 300 servers located within 35 miles of the UN General Assembly taking place in New York. It’d been “used to conduct multiple telecommunications-related threats directed towards senior U.S. government officials,” the Secret Service said, but could also have been used to take down mobile connectivity. It also appears to have been used by “nation-state threat actors and individuals that are known to federal law enforcement” for private communication.

A cyberattack that hit Jaguar Land Rover earlier this month has had a severe impact on the automotive supply chain, Wired reports. Production lines have been shut down and thousands of jobs, as well as tens of millions of dollars, may also be lost as a result. Manufacturing will continue to be shut down until at least the start of October, Sky reports.

In the last week, Forbes found ICE bought social media surveillance tech banned by Meta and a robot that’s capable of going up stairs and opening doors, as it looks to arm its agents ahead of a hiring surge. Meanwhile, Google gave ICE data on a student before he had the chance to challenge a subpoena for his Gmail account, raising concerns about how big tech is providing data to the immigration agency, The Intercept reports.

Winner of the Week

AI security startup Irregular, previously known as Pattern Labs, has announced $80 million in funding across seed and Series A rounds led by VC giant Sequoia Capital. Now valued at $450 million, it works with frontier AI labs to test models for their capacity to do evil, such as helping cybercriminals code malware or break into a network.

Loser of the Week

U.K. national Thalha Jubair has been charged for his alleged role in a prolific cybercriminal group called Scattered Spider. The crew has claimed as many as 120 scalps and extorted nearly 50 American companies, leading victims to pay at least $115 million in ransom payments. Among its victims are British corporate giant Marks & Spencer and major casinos in Las Vegas. Jubair was also one of two Brits charged for an attack on Transport For London, which runs the Underground and bus networks in the English capital city.