An Israeli security company has claimed it hacked an ISIS forum and disclosed where members of the terrorist organization might be planning future attacks.
Intsights, a firm based in Israel that specializes in digital intelligence services, told Israeli TV station Channel 10 that it located a forum on the dark web. It was hosted through Telegram, which provides a layer of security for users who post messages.
As Alon Arvatz, co-founder of Intsights, told the media:
“Telegram is completely encrypted and there’s no fear that someone will intercept the messages and understand what you wrote.”
The Israeli company went on to report that the forum contained a list of past attacks carried out by ISIS, including one instance where two ISIS members used knives to kill an 85-year-old Catholic priest in a church in northern France.
The forum is also said to have included a world map highlighting future attacks against military bases operated by the United States, the United Kingdom, Canada, and other Western European nations. It also listed Israeli air force bases as upcoming targets.
Arvatz and the other founders of Intsights have not disclosed how they hacked into the ISIS forum. However, the Herzliya-based company is primarily run by former members of the Israel Defense Forces’ (IDF) intelligence division, which means they probably had the skills and/or contacts to gain access to the dark web terrorist hub.
But that begs the question: should they have hacked the forum in the first place?
Some may argue that the security companies are also politicizing themselves and could, by extension, alienate users who might not agree with their position.
Then again, that might not be it at all. Perhaps someone at the IDF asked Intsights to hack the forum, or maybe it was a public-private takedown of ISIS forums. In that case, shouldn’t the Israeli government take the lead on disclosing (or keeping secret) the hack lest Intsights inadvertently jeopardize an important piece of national security?
These are the questions many security firms – and researchers more generally – confront on a day-to-day basis.
What are your thoughts? Were Intsights right to hack the forum and then share details with the media? Let us know in the comments.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.