Entertainment

Binge This

Politics

Non-Partisan, but Not Neutral

Half Full

Eat. Drink. Think.

Arts and Culture

Style, Sex, Media, and The Stage

Photo Illustration by The Daily Beast
RUNNING AMAQ

They Planted Porn in ISIS Propaganda, Just for Starters, Then Sowed Chaos and Confusion in the 'Caliphate'

A small group of Iraqi hackers figured they could do a better job fighting ISIS online than most governments—and they did. And do. With a vengeance.

Gareth Browne11.21.17 5:00 AM ET

BEIRUT—Six young Iraqis are taking a strategy straight out of the Kremlin’s mischievous playbook, but with no thanks to Moscow. They’re using hacked accounts to attack the so-called Islamic State and fake news to disrupt its “virtual caliphate.”

Given the dangers they face, the six people who make up the little group calling itself, with conscious irony, “Daeshgram”—its name melding the Arabic acronym for ISIS and Instagram—are forced to live something resembling double lives. Four of them work professionally in information technology and cybersecurity, one is an engineer, the other a student—all of them live in Iraq. Their families and friends know nothing of their efforts to push back against ISIS.

If the streets of Mosul were Iraq’s physical frontline against the jihadists, then surely it is the social media channels and encrypted messaging applications that serve as the front line against the cyber caliphate, and these young geeks are deep in the trenches.

Nada and Ahmed are two of those six. For obvious reasons they wanted to use aliases for this story. They formed Daeshgram around a year ago.

“We started thinking about how we could fight them online,” says Nada. “We were always messing around on the internet with each other anyway. ISIS are still a threat to Iraq, to Syria, even the world. So we started looking into exactly what might be effective on social media, and on Telegram. Back then, ISIS could do whatever they wanted on Telegram, we wanted them to know we were going to fight them on there too.”

As Twitter and Facebook began clamping down on extremist material, the encrypted messaging app Telegram became the group’s new hangout and means of distributing propaganda amongst its members across the globe.

It all began with “infiltrating their Telegram channels” says Nada, “we spent months observing, and pretending to be ISIS members. We studied how they behaved, the sort of language they used, and tried to take note of the unwritten rules.”

Even in the apparent safety of their own homes, where they gathered as Daeshgram on the weekends and after work, they would receive death threats “every now and then on Twitter, and Telegram from ISIS,” explains Ahmed. “‘We will find you, we will kill you.’ We just accepted that it is a part of our activities,” he adds. “We are IT experts, we take our cybersecurity extremely seriously.”

But, ISIS wasn’t the only danger—so genuine-looking was much of the media Daeshgram was publishing, and so deeply embedded within the jihadists’ online activities were they, that there were fears the Iraqi government might also be a threat.

Had they been caught, Daeshgram’s activities likely would have been difficult to explain to the Iraqi authorities. Much of their work has a nuance and patience misunderstood even by counterterror experts on ISIS. “I’m not sure they would have understood what we were doing, so we had to be extremely careful with our security,” said Ahmed.

The group was operating in a murky area and without government sanction. People have been jailed for far less when it comes to participating in such groups online. But despite committing hundreds of thousands of men from the Iraqi army, special forces, and various militias to fight ISIS on the ground in Mosul, Fallujah, and elsewhere, the Iraqi government made no provision for fighting the group online.

Telegram often served as a means of delivery, it allowed for proliferation of the group’s high-quality media output, everything from radio broadcasts and written statements to half-hour cinematic battle videos.

Some of Daeshgram’s early efforts saw them photoshop a pornographic scene into an image announcing the opening of a new media center in Wilyat Al-Khayar, an area that roughly correlates to Deir az-Zour in eastern Syria. The scene is amusing, if a little crass, but it served an important purpose.

“It let Daesh know that we were capable of replicating their media to a very high standard, it was the first seed of doubt,” explains Nada. However, they soon learned that to have the effect they desired “our output had to be subtle, and believable.” Nada adds, “We wanted to create items that ISIS members would not question and would share widely”—believability was key, as with all fake news.

In one effort some months ago, the group released an official-looking video warning that Amaq, ISIS’ official news agency which has become the go-to source for information on the group’s activities, had been hacked. It hadn’t, but so legitimate-looking was the warning that moderators on various Telegram channels began marking Amaq output from the day as fake, and warning members off it.

The confusion was growing.

In another instance, seeing a rumor that ISIS’ radio station Al-Bayan had been destroyed in an airstrike, the group produced a perfectly branded and edited audio statement in the style of Al-Bayan denying it had been taken offline. Their Al-Bayan piece was ambitious, but it appeared to work: It was downloaded without question almost 800 times, and it included information about ISIS losses on the battlefield, and the increasing number of ISIS fighters who were working as informants for Western governments, or outright defecting—topics official ISIS media outlets would never include.

Another effort saw the group create the fake Al-Adnani news channel, which at its peak had some 500 members. Controlling the channel gave the group nearly complete control over exactly what was posted and shared between members.

This tactic of imitation and subtle manipulation became the focus of their efforts; “We took their templates, and we started to manipulate the information on there, it was almost impossible to tell which statements were ISIS and which we had made,” said Nada.

Are they aware of just how controversial the rise of fake news has been, and is it ever an ethical strategy to adopt?

“Naturally we’re aware of the discussions across the globe about fake news and the harmful impact it has had on countries, especially in their elections,” says Nada. “Fake news has been used to destabilize functioning democracies.” But she claims the strategy is justified: “While the tactics we have used are indeed similar, we—in contrast to other actors—openly acknowledge that we are purposefully creating confusion to delegitimize and discredit Daesh propaganda.”

Just this past week, the group pulled off what they described as “a major operation,” the culmination of weeks of preparation with other groups.

Dubbed #ParalyzingAmaq the operation saw the main Amaq website taken down by a hack, and perhaps equally as significant, the website’s Firefox plugin, which automatically redirects followers to the latest incarnation of Amaq, was thwarted.

With the site down, the group began uploading some of the more than 40 duplicate Amaq sites it had created—many of them barely discernible from the original—even to the best-trained eye. These duplicate sites are being bandied about among dozens of Telegram sites as genuine, with ISIS members vouching for their authenticity.

The Telegram phenomenon has given birth to an industry of analysts and experts. Navigating the groups and channels which frequently shut down and respawn is not especially complex, but it is time consuming and requires near constant attention.

Some analysts were quick to criticise last week’s efforts to disrupt ISIS’ activities labeling it “a publicity stunt.” Others said it was “just annoying.”

When I put it to Nada and Ahmed that their operation largely flopped, Nada said the purpose of the operation was never merely to take down Telegram accounts, as some appear to have expected. It was “to sow discord and confusion, and to undermine the credibility of Amaq among ISIS supporters, particularly Arabic speakers,” said Nada. “We achieved that goal.”

Indeed a look at some of the popular channels frequented by ISIS suggests they are right: In one chat several ISIS members are seen bickering following Amaq’s hacking. “This channel is not official,” says one. Another replies, “How do you know it’s not official?” A third member interjects, “No, give your evidence.” Only for the first to respond, “You should be careful what you say to me.”

Ahmed points out that ISIS enforces stringent anti-discord rules on Telegram, as it does in the real world. Arguments, and the questioning of authority, will often see members banned.

“That discord, or fitna [the Quranic term used by ISIS] includes doubting any credible news outlet,” says Ahmed. He adds that, following Friday’s operation, “We made them break their own rules, we made them engage in debates regarding what was real, and what wasn’t.”

Nada concludes: “Journalists and analysts are not our target audience. Daesh supporters themselves, especially the Arabic speaking ones, are our target. Our main objective was to create confusion and discord, and we were able to do that. What Western analysts think is not really relevant to our work.

“ISIS supporters don’t know which Amaq sites to trust,” she said, so, “they don’t trust Amaq anymore.”

In the fight against the virtual caliphate, that is no small victory.

Cheat Sheet®

The 10 Most Important Stories Right Now

  1. 1. SILVER SCREEN

    Drudge: Mark Levin Getting a Fox News Show

    The show will reportedly feature legal, political, and social commentary.

  2. 2. THE RECKONING

    Norah O’Donnell on Charlie Rose: There Is No Excuse

    ‘CBS This Morning’ co-host spoke candidly about her colleague’s alleged sexual harassment.

  3. 3. POINTING FINGERS

    Officials Accuse Tillerson of Breaking Law on Child Soldiers

    A confidential internal “dissent” memo claims he violated the Child Soldiers Prevention Act.

  4. 4. HUSH MONEY?

    Weinstein ‘Used Legal Agreements’ to Hide Allegations

    He allegedly concealed the payouts by funneling the funds from his brother's account.

  5. 5. Special Offer

    Here are the Sleek Sunglasses You Need to Have Now

    Ad by Daily Beast Shop

  6. 6. SURPRISE!

    Putin to Speak With Trump After Hosting Assad in Sochi

    Kremlin says Putin discussed resolving Syrian conflict with his even more notorious counterpart.

  7. 7. OH OK

    ‘Saturday Night Live’ Women Defend Franken

    “Not one of us ever experienced any inappropriate behavior.”

  8. 8. UNDER FIRE

    DOJ Investigating Harvard Over Affirmative-Action Policies

    Ivy accused of failing to cooperate in conservative activist’s suit claiming it limits Asian-American admissions.

  9. 9. TARGETED

    More Than 50 Killed in Nigeria Suicide Bombing

    Largest mass killing this year in region under siege from Boko Haram.

  10. 10. ANOTHER

    Ex-Staffers Accuse Rep. John Conyers of Sexual Harassment

    Rep settled complaint by employee who said she was fired for rejecting his advances.