A Kosovan man has been arrested in Malaysia after allegedly hacking into databases containing the personal information of 1,351 US military and government employees and passing the information to the Islamic State in Syria.
Ardit Ferizi, 20, is known in hacking circles as "Th3Dir3ctorY" and leads a group called Kosova Hacker's Security, the US Department of Justice said Thursday. Malaysian police accused Ferizi of passing the names, locations, phone numbers, email addresses and passwords of US military and federal employees to Junaid Hussain of the Islamic State between June and August to help incite terrorist acts against them. He's set to be extradited to the United States.
"Early investigation found the suspect communicated with [a] right hand man...of IS terrorist group in Syria to hack a few servers containing information and details of US security personnel and team," Reuters reported the Malaysian Police as saying. "The details were then transferred to the operation unit of the IS group for further action."
Ferizi's alleged actions demonstrate how computer attacks and conventional warfare are blending and, as a result, how the Internet allows IS to reach beyond its power base in the Middle East and North Africa. IS also has been adept at using social media campaigns to spread its message and attract recruits around the world.
Islamic State's hacking division tweeted the news that it had gotten the information with a link to a 30-page document containing the stolen details in hopes of encouraging attacks against the individuals.
"We are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands," the document read, according to the US Attorney's Office.
Describing Ferizi as a "terrorist hacker," Assistant Attorney General for National Security John Carlin said the case is the first of its kind.
"National security is compromised by computer intrusions, and Ferizi is charged with obtaining the personal identifying information of US military and government personnel and providing it" to the IS, added US Attorney Dana Boente. "We will investigate and prosecute these cyberattacks to fullest extent of the law."
If convicted, Ferizi could face 35 years in prison, the Department of Justice said.