The Justice Department’s top national security official said Wednesday that even hacks that look like traditional cyberattacks could have ties to terrorist groups.
In one example, John Carlin, the assistant attorney general for national security, said a company saw a hacker enter its networks and steal personally identifiable information, a fairly common type of attack.
Companies deal with cyberattacks like these hundreds of times a day and rarely report them to authorities, he said at the Foundation for the Defense of Democracies Washington Forum. In this case, the company did contact law enforcement, which was able to link the intrusion to Junaid Hussain, a British-born member of the Islamic State killed by a U.S. airstrike in August.
Carlin said the accused hacker was an extremist living in Malaysia who was providing the stolen personal information to Hussain. The terrorist was then culling through that to find information on employees and troops, and posting that info to Twitter, asking supporters to kill the people they identified.
At the time of his death, Hussian had released the personal information of 1,300 U.S. government and military employees.
Reporting the attack to authorities also led to the arrest last year of Ardit Ferizi, the Kosovar hacker who had moved to Malaysia.
Carlin also spoke about the intersection of criminal prosecution and natural security in the cyberrealm, including the 2014 indictment of five members of China’s People’s Liberation Army.
The hackers, he said, allegedly stole things like the pricing information for solar equipment made by American companies so China could introduce its own goods in the U.S. market at a lower price, threatening to drive the U.S. company out of the business.
When the U.S. company sued the Chinese, the same hackers broke into the system again to steal its litigation strategy, he said.
