How the Islamic State Is Disrupting Online Jihad

In this April 23, 2013 file photo, a suspected Yemeni al-Qaida militant, center, holds a banner as he stands behind bars during a court hearing in state security court in Sanaa, Yemen.

Hani Mohammed/AP

AA Font size + Print

In this April 23, 2013 file photo, a suspected Yemeni al-Qaida militant, center, holds a banner as he stands behind bars during a court hearing in state security court in Sanaa, Yemen.

The Islamic State group’s use of social media for messaging has drawn plenty of attention. But their use of the web to mount terrorist attacks is just as revolutionary.

Since the May 4 attack by two gunmen in Garland, Texas, the top US spymasters have been taking turns to ring the alarm bells about ISIL’s growing internet threat. FBI director James Comey has warned that the terrorist organization has “thousands” of online followers in the US. Homeland security secretary Jeh Johnson has raised the specter of lone-wolf jihadists who can “strike at any moment.” And Mike Rogers, director of the National Security Agency, has noted that the group’sability to recruit online is “clearly increasing.”

We’ve heard all this before: The intelligence community has been talking up the threat of online jihad for years. And indeed, ever since the Yemeni-American preacher Anwar al-Awlaki began to upload hate-spewing videos a decade ago, the internet has been a useful recruiting and propaganda tool for terrorist groups.

Awlaki was the leading propagandist for Al Qaeda in the Arabian Peninsula until he was killed by a US drone strike in 2011. He is believed to have recruited—or at least tried to enlist—many wannabe terrorists in the US. His email exchange with Nidal Hasan helped persuade the Fort Hood shooter to open fire on his fellow soldiers, killing 13.

AQAP and other Al Qaeda affiliates continue to use Awlaki’s techniques for online messaging and recruitment, but Western intelligence agencies have become smarter about monitoring the internet to interdict web-enabled terrorist plots. (Some still slip through the cracks, as with the case of the Charlie Hebdo gunmen.)

Now ISIL—the group also goes by ISIS, and the Islamic State—is disrupting Awlaki’s playbook, in a way that makes it much harder for intelligence agencies to spot terrorist plots. ISIL’s use of social media as a propaganda tool has already drawn plenty of attention, but the group’s use of the web to mount terrorist attacks is just as revolutionary.

The difference is in the amount of online planning involved. AQAP has used the internet to mount elaborate attacks—requiring careful coordination and frequent communications with a handler in Yemen. Recruits are encouraged to travel to Yemen for training, just as the Kouachi brothers did in preparation for the Charlie Hebdo attack.

ISIL, on the other hand, seems uninterested in any kind of build-up for an attack. The two men behind the attack in Garland didn’t have long exchanges of emails with a handler; nor did they travel to Syria or Iraq for training. One of them, Elton Simpson, used his Twitter account to name-check an ISIL hacker.

(See also: Three Steps To Destroy ISIS on Twitter)

News of the attack was cheered by ISIL supporters on social media, but it wasn’t until a day later that ISIL claimed the two men were its “soldiers.”

Rather than micro-manage attacks, ISIL seems content to encourage followers to essentially go it on their own, with some general guidelines on who and what to target. The instructions from the group’s self-styled “caliph,” Abu Bakr al-Baghdadi, are no more specific than “erupt volcanoes of jihad everywhere.”

This DIY jihad means ISIL has no responsibility for any attack until it chooses, retroactively, to take responsibility. An attack that succeeds can be embraced, accompanied by much chest-thumping on social media, while one that fails can conveniently be ignored. This is also attractive to would-be terrorists, because they are not required to go through any indoctrination process, to demonstrate their jihadi chops, or to travel halfway across the world for training.

For intelligence agencies, DIY jihad means there are few clues available in the lead-up to an attack—no email or chatroom messages to monitor. As the DHS’s Johnson points out, “we could have little or no notice in advance of an independent actor attempting to strike.” The attackers, being self-starters, may not show up on any radar until the moment of the attack. Finding lone-wolf terrorists was already like looking for a needle in a haystack. ISIL has made the needle smaller.

Close [ x ] More from DefenseOne