Margaret Coker, Danny Yadron and Damian Paletta, Wall Street Journal
28 August 2015
Targeting of Islamic State’s electronics expert shows how digital warfare has upset balance of power on modern battlefield
U.S. and British officials decided earlier this year that a hacker needed to die.
Junaid Hussain, a British citizen in his early 20s, had risen fast to become a chief in Islamic State’s electronic army. One person familiar with the matter said he hacked dozens of U.S. military personnel and published personal and financial details online, including those of a general, for others to exploit.
He helped sharpen the terror group’s defense against Western surveillance and built hacking tools to penetrate computer systems, said people familiar with the matter.
Mr. Hussain was killed by a U.S. drone strike on Tuesday while he was in a car in Raqqa, Syria, U.S. officials said. That he was targeted directly shows the extent to which digital warfare has upset the balance of power on the modern battlefield.
Islamic State didn’t build a large cyber force like the U.S.’s National Security Agency or China’s People’s Liberation Army. Instead, it had people like Mr. Hussain, a convicted hacker whose suite of inexpensive digital tools threatened to wreak havoc on even the world’s most-powerful country. Islamic State communications described him as one of the group’s secret weapons, said one person who has seen them.
U.S. officials said they believe Mr. Hussain played an important role in recruiting two American Muslims to open fire in Garland, Texas, this spring on a contest for cartoon depictions of the Prophet Muhammad. He also frequently hacked into U.S. service members’ Facebook accounts to determine personal details and future targets, one of the people familiar with the probe said.
“If you don’t have anybody who is kind of fluent in computer operations, you’ve got a problem,” said Michael Sulmeyer, a former cyberpolicy expert for the Pentagon now at the Belfer Center for Science and International Affairs at Harvard University’s John F. Kennedy School of Government. “The ballgame is pretty much the coder or the individual.”
Mr. Hussain drew attention from U.S. and British intelligence and military agencies in part because of his efforts to recruit and incite violence, said one U.S. official. His importance to Islamic State made him a legitimate target, the official said. “Leadership: That is what gets our attention.”
Islamic State hasn’t confirmed Mr. Hussain’s death, as it sometimes does after operatives are killed in drone strikes. Eulogies from Islamic State supporters, including one man who like Mr. Hussain grew up in the West Midlands city of Birmingham, England, began trickling through Twitter on Thursday.
In the 14 months since Islamic State announced it had formed a caliphate, the group has carved out a state of sorts in Iraq and Syria. Since last fall, when U.S. officials began tracking Mr. Hussain, the terror network also started to strengthen its cyberwarfare capabilities, adopting cutting-edge encryption technology and boosting its attempts to recruit hackers to even the odds against major Western powers.
Mr. Hussain grew up a book-smart teenager, according to court records and several people familiar with his case. He was planning to study computer science.
Before graduating from high school, however, he joined a group of British teens in a hacking collective called Team Poison. Using the handle “Tr1ck,” Mr. Hussain claimed responsibility for hacking into the email account of an assistant to former Prime Minister Tony Blair. Mr. Blair’s personal details, including his National ID number, the equivalent of a Social Security number, were published online.
A British court found Mr. Hussain guilty and he served a prison sentence.
Birmingham police in July 2013 arrested him for involvement in a street fight. While awaiting trial, he fled to Syria, U.K. officials said. By January 2014, he was communicating online with other British Muslims about how to join Islamic State, according to court documents.
Once living in Islamic State territory, Mr. Hussain re-emerged with a new online persona: Abu Hussain al-Britaini.
U.S. officials began to view Mr. Hussain as a top threat because he was on the leading edge of Islamic State efforts to recruit in the U.S. He would post names, addresses and photos of U.S. troops on his Twitter feed and suggest followers find and kill the person. In several instances, the Federal Bureau of Investigation and Defense Department set up 24-hour watches around targeted service members, a person familiar with the situation said.
Mr. Hussain developed a hacking tool, or malware, that could be used to spy on other machines, called a remote access Trojan, or RAT. He was training other Islamic State members in how to use hacker techniques, people familiar with the case said.
In at least one interaction, according to a Wall Street Journal review of online communications, he discussed the possibility of obtaining a zero-day exploit – hacker jargon for software that takes advantage of flaws in commercial software, such as Microsoft Word, unknown to that developer. Because they are unknown, they are almost impossible to stop.
Islamic State leaders have long communicated on a variety of platforms such as Facebook Inc. that U.S. officials can easily tap through court orders. Computer-security types such as Mr. Hussain, however, are notorious for being cautious with digital communications. After Mr. Hussain moved into a leadership role in the group’s so-called hacking division, Islamic State began ordering and teaching its commanders and followers to tighten its security awareness.
In December, Islamic State issued an order banning fighters from using devices equipped with location-tracking software, particularly Apple Inc. devices. By May, members were tweeting to throw out Samsung Galaxy smartphones as well.
This year, Islamic State officials started warning against using WhatsApp, the popular messaging app owned by Facebook, for fears it was being monitored. Officials said operatives should use one of several Western encrypted or hard-to-track messaging apps, such as Surespot, Telegram or Kik, according to security memos reviewed by The Wall Street Journal.
In August, Islamic State supporters lighted up social media over an apparent cyber bombshell. IS Hacking Division claimed responsibility for hacking into the social-media accounts of hundreds of U.S. military members. The group published lists of 1,481 names, departments, email addresses, passwords and phone numbers, warning, “we are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data.”
The hacked list of U.S. military names was retweeted on Aug. 11 by @AbuHu55ain_911, the last known social-media profile on Twitter for Mr. Hussain.
That feed has since been deleted, as has the Twitter feed of his wife, a 45-year-old British onetime punk rocker named Sally Jones who converted to Islam and traveled to Syria to marry Mr. Hussain.
Mr. Hussain appears to have institutionalized Islamic State’s interest in fostering an electronic army. Supporters send daily entreaties to Muslims around the world to move to the caliphate. They also regularly make specialized recruitment drives. A list of needed professional skills published on Islamic State media outlets on Jan. 3 included hackers, “penetrators” and computer programmers.
Julian E. Barnes in Brussels and Alexis Flynn in London contributed to this article.