Courts & Litigation Criminal Justice & the Rule of Law Terrorism & Extremism

International Terrorism Prosecutions: ISIL Cyber Attacks

Nora Ellingsen
Tuesday, September 27, 2016, 9:59 AM

On Friday, September 23rd, a federal district court in the Eastern District of Virginia sentenced Ardit Ferizi, a citizen of Kosovo and resident of Malaysia, to 20 years in prison for providing material support to ISIL and accessing a protected computer without authorization and obtaining information in order to provide material support to ISIL.

Published by The Lawfare Institute
in Cooperation With
Brookings

On Friday, September 23rd, a federal district court in the Eastern District of Virginia sentenced Ardit Ferizi, a citizen of Kosovo and resident of Malaysia, to 20 years in prison for providing material support to ISIL and accessing a protected computer without authorization and obtaining information in order to provide material support to ISIL.

According to the government’s sentencing memo and press release, the 20-year-old hacker—who was previously arrested several times for cyber crimes in Kosovois the first person to be effectively prosecuted in the U.S. for a combination of terrorism and hacking. The government alleges that the defendant indefinitely put the lives of 1,300 U.S. military members and government employees at risk when he passed their personal identifying information to ISIL as part of the terrorist group’s plan to “crowdsource” terrorism.

From April 2015, Ferizi began supporting ISIL by administering a website that hosted ISIL videos and Dabiq, ISIL’s English language magazine. The complaint and supporting affidavit allege that Ferizi then graduated to providing ISIL with the personally identifiable information (PII) of individuals in “kuffar” countries that were attacking the United States. Several months later, he took a leap forward when he hacked into the server of an Illinois-based company that sold goods to customers in the United States and abroad. Many of those customers were U.S. military and other government personnel, easily identified by their “.gov” or “.mil” email addresses in the system.

According to the statement of facts accompanying the plea agreement, Ferizi subsequently sent the 27 pages of PII to the now-deceased Junaid Hussain, who released the information via Twitter on August 11th under the name “Islamic State Hacking Division.” ISIL encouraged its supporters to attack the named individuals and warned that "we are extracting confidential data and passing on your personal information to the soldier of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands!" The "kill list" included residents of the Eastern District of Virginia.

Aside from being one of the first cyberterrorism cases in the country, this case is interesting in that it highlights the extensive cooperation between the government and industry in the aftermath of the hack. Less than two days after the list was published, the victim company contacted the FBI to report a threatening message it had received—Ferizi, unidentified at the time, had sent a threatening email after the company deleted the malware he had placed on the server in order to gain access to their systems. The company quickly provided the FBI with consent to review all information related to their website, which eventually led to the identification of the defendant, via a Malaysia-based IP address.

Presenting a contrast to the cumbersome extradition process in the Irfan Demirtas case, Ferizi had his initial appearance in the U.S. within six months. In September, Malaysian authorities detained Ferizi as he was attempting to leave the country. Like Demirtas, who was charged in the U.S. after he was already under the control of a foreign service, Ferizi was charged via a sealed complaint on October 6th. On October 12th, Malaysian authorities provisionally arrested him at the request of the United States; the case was unsealed three days later, and, on January 22, 2016, Ferizi was extradited to the United States.

In a separate case arising out of the Northern District of Illinois, Hasan R. Edmonds and Jonas M. Edmonds were sentenced to 30 and 21 years, respectively, for conspiring to provide material support to ISIL, according to the Justice Department’s press release.

The two cousins were arrested in March 2015, after planning to carry out an armed attack at the U.S. Army National Guard base in Joliet, Illinois, about 45 minutes southwest of Chicago. Like Bailor Jalloh and Michael Teausant, Hasan Edmonds was a member of the Army National Guard. According to the complaint, Hasan also planned to travel to the Middle East to fight for ISIL.


Nora Ellingsen is a third-year student at Harvard Law School. Prior to graduate school, she spent five years working for the FBI's Counterterrorism Division. She graduated cum laude from Northwestern University with a B.A. in Psychology and Political Science.

Subscribe to Lawfare