The attack was part of a larger campaign: In a matter of weeks, violent ISIS operations befell Jordan, Bangladesh, Yemen, Afghanistan, Indonesia and Saudi Arabia. Locals carried out the attacks, but the inspiration and timing came from ISIS leadership.
Fighting such a widespread assault means figuring out how to defeat an enemy that spreads in secret, popping up inside far-flung countries like a viral epidemic. In Paris, Belgium, the U.S., and elsewhere, ISIS has used the global reach of the Internet to gain recruits, funnel money, and coordinate attacks. Now, the U.S. is finally making that shift: using the Internet to fight back.
NOW, THE U.S. IS FINALLY USING THE INTERNET TO FIGHT BACK.
This year, the Pentagon officially sicced Cyber Command on ISIS. "I have given the Cyber Command really its first wartime assignment," Defense Secretary Ashton Carter told reporters after a speech in April. "It means interrupting [ISIS's] ability to command and control their forces, interrupting their ability to plot against us here and anywhere else…[and] interrupting their finances." Admiral Mike Rogers, the dual-hatted chief of Cyber Command and head of the National Security Agency, told Congress there will be 27 combat mission teams ready to launch offensive cyber missions by 2018. Some hackers will even be deployed overseas.
So-called "lone wolf" attacks like the shootings in Orlando and San Bernardino, meanwhile, are perpetrated by ISIS sympathizers with few real ties to the group. These are decentralized actions, and the best ways to stop them haven't changed: following up on leads given to local law enforcement by friends and family. That said, military cyber teams could blunt ISIS's international reach by denying them tools of mass communication. This sort of mischief sounds easy, but quickly identifying and stopping the information flow on social media is a challenge. One 2015 report from the Brookings Institute tallied 46,000 Twitter accounts used by ISIS supporters between September through December 2014.
IT'S A LOT LIKE THE ONLINE RELATIONSHIP CON OF CATFISHING, ONLY AGAINST REALLY BAD GUYS.
To disrupt attacks, the Pentagon is considering some tried-and-true tricks—the ones perfected by crooks. ISIS communicates across nations using the Internet, like everyone else, and like everyone else they can be tricked into downloading tainted programs, what pros call phishing. "Insurgents often send each other e-mail attachments," Borg says. "They are just as likely to be fooled into opening malicious ones as the general population."
Another rich target for cyberattacks is finance. When ISIS has cash in a warehouse, American warplanes bomb it. When that money is stored in a digital form, cyber attackers can clean out those accounts. Even better, almost any cyber attack can be made to look like someone within the organization did it, creating infighting and mistrust.
The idea of the military using cyberspace to attack enemies might put fear in the minds of civil libertarians and Edward Snowden admirers. But the Pentagon's rules of engagement are more strict than the CIA's, which introduces tighter controls over the use of cyber tools than the limits put on spy agencies. Meanwhile, data scientists are getting the opportunity to serve their country in ways that have never before been possible. It may only be a matter of time before someone gets a medal for valor without ever leaving a desk.
