ISIS-linked hacker Ardit Ferizi pleaded guilty Wednesday to stealing the personal information of about 1,300 U.S. military personnel and then giving it to Iraqi terrorists, according to the Justice Department.
Ferizi, a 20-year-old Kosovan who used the name “Th3Dir3ctorY” online, admitted he hacked into the protected computers of an unnamed retail company, providing the terrorist group with “the personally identifiable information of over 1,000 U.S. service members and federal employees,” Assistant Attorney General John Carlin said in a statement.
Officials said Ferizi acted “in an attempt to incite terror attacks.”
When FBI first arrested Ferizi in October, he became the first person charged for terror-linked hacking. “The case against Ferizi is the first of its kind, representing the nexus of the terror and cyber threats,” Carlin said.
After accessing the information, Ferizi provided it to ISIS online recruiter Junaid Hussain. During the summer of 2015, Hussain tweeted a document containing the information of about 1,300 different personnel, which include military members. Then in August, Hussain was killed in a drone strike in Syria
“We are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands!” the tweeted document said.
At his sentencing on Sept. 16, Ferizi will face a maximum sentence of 25 years in prison and “agreed to a stipulated order of removal to Kosovo upon completion of his criminal sentence. “
“Cybercrime knows no boundaries and our efforts to dismantle these operations would be impossible without international collaboration,” Special Agent in Charge Michelle S. Klimt said. “The FBI will continue to vigorously investigate these crimes and work with our international partners to track down and arrest those who steal from our nation and citizens.”
Overall, the indictment could deter people from treating hacking like a victimless act, even if the hacker is just a pawn to other terrorists, like Ferizi, said Jeffrey Carr, the founder and CEO of Taia Global. Carr has also investigated cyber warfare in Russia and India.
“I think this sets a precedent, especially to hackers or hacking activities, if it can be tied to a known terrorist, or if the definition of terrorism is expanded in some ways to include additional acts, I think you can expect to see more serious charges being levied against other hackers.”
Contact the reporter on this story via email: Jeremy.Snow@FedScoop.com. Follow him on Twitter @JeremyM_Snow. Sign up for the Daily Scoop — all the federal IT news you need in your inbox every morning — here: fdscp.com/sign-me-on.