You are not logged in. LOG IN NOW >

The Rising Fight Against ISIS on Social Media

BY Onnik James Krikorian | Thursday, March 12 2015

Typical Twitter profile pictures used by ISIS supporters (Photo courtesy J.M. Berger and Jonathon Morgan)

In 2013, Humera Khan, Executive Director of D.C.-based think tank Muflehun, watched as a teenager was radicalised and recruited on Twitter. “Over the course of two years,” she recently recounted for Foreign Affairs, “that individual went from an activist championing minority rights to supporting Jabhat al Nusra (al Qaeda in Syria), and in a final shift of allegiance, to one of the the largest distributors of ISIS propaganda. He is now in Syria.” Despite reporting the case to the law enforcement agencies in the United States, Khan says her warnings fell on deaf ears.

But in the wake of a sophisticated online media campaign that includes a number of gruesome videos of beheadings, governments are starting to take the use of social media by groups such as ISIS more seriously. Previously, and even though U.S. President Barack Obama had established the Centre for Strategic Counterterrorism Communications (CSCC) in 2011 with its Digital Outreach Team (DOT) sending out its own salvo of tweets initially targeting al Qaeda supporters, Countering Violent Extremism (CVE) practitioners such as Khan considered official initiatives ineffective.

“Trolling is ineffective for CVE and meaningful dialogue is needed with individuals, even when we disagree with everything they represent,” she told techPresident in July last year. However, with few others engaging alongside Khan, it also probably came as no surprise that upon taking up his appointment as Director of GCHQ, the British intelligence and security agency, Robert Hannigan wrote that the “largest US tech companies […] have become the command-and-control networks of choice for terrorists and criminals” in a controversial op-ed published by the Financial Times in November.

The words were harsh, and echoed by other government officials concerned that Twitter and other networks are being used for recruitment, but few had actually conducted any real analysis of how groups such as ISIS were using online social networks. That is, until the Brookings Institution published a report last week by counter-terrorism (CT) expert J.M. Berger and Ushahidi technologist Jonathon Morgan. Funded by Google Ideas, the report examines how important networks such as Twitter were to ISIS. The study, which was conducted from September to December last year, showed that it had at least 46,000 accounts, but not more than 70,000.


Photo courtesy J.M. Berger and Jonathon Morgan

It also found that more and more accounts have been suspended since the beheading of American hostage James Foley in August last year. Even so, that hasn’t prevented hacktivist collective Anonymous from demanding Twitter do more to prevent the flow of pro-ISIS propaganda. Ironically, even what it has done has already resulted in death threats made towards its employees earlier this month.

Berger believes the criticism is unwarranted. “Twitter has suspended thousands of accounts in recent months and picked up the pace in recent weeks,” he told techPresident. “Where Twitter can do better is by providing more detailed and robust rules for users so that there are clear guidelines on what sort of content qualifies for suspension. I would also like to see all social networks start disclosing information about who they suspend and for what reason, with reasonable privacy protections.”

The co-author of a new book, ISIS: The State of Terror, Berger also notes the complexities surrounding any discussion of the use of social media sites by terrorist groups.

“For my own work, Twitter has been very important,” he says, “and over time I think it has proven its worth as an intelligence tool. For instance, ISIS broadly telegraphed its intention to declare itself a “caliphate” on Twitter months in advance of the actual announcement. Twitter also allowed me to see, very early, that key al Qaeda supporters were defecting to ISIS. More recently, Twitter activity showed that Boko Haram was getting ready to establish a more formal relationship with ISIS."

But as important a tool for intelligence gathering as it may be, it is also just as important for ISIS to accomplish its goals. “I think the current situation, where ISIS networks are under heavy pressure but are not completely eradicated, may represent the best balance,” Berger explains, “but I am also sympathetic to those who would like to see more aggressive action taken against ISIS online.”

Yet, even if suspensions have disrupted ISIS’ ability to communicate its message online, visualizations in the report also show that suspending accounts could isolate supporters in their own virtual bubbles, perhaps with unintentional and possibly undesirable consequences.


Photo courtesy J.M. Berger and Jonathon Morgan

“Their presence on social media helps clarify where they are recruiting and allows for the possibility of intervention online,” he says. “Pressuring the network creates a closed environment in which ISIS supporters talk more to each other than to people outside the network, meaning that while it’s harder to get into their network, people might radicalize more quickly once they are in. Again, we need more study and data, but I think it is very important to explore this issue as soon as possible.”

Berger also acknowledges the importance of ICT4D (Information and Communication Technology for Development) specialists such as Morgan, who for his own part explained to techPresident how data was collected. Starting with a core group of 450 seed accounts, around two million others were extrapolated with machine learning applied to assess which were likely to be ISIS supporters. Berger’s deep domain experience, however, was vital in identifying the starting point.

“Complex data science techniques are great for finding patterns and crunching numbers,” Morgan says, “but without the intuition earned by years of investigation, it's hard to know which patterns are meaningful, or even which numbers are worth crunching in the first place. His intuition about how a user's relationships might indicate tacit, or even explicit, support was invaluable. J.M. is already a very technical guy, but if he's Kirk, I'm Spock.”


Photo courtesy J.M. Berger and Jonathon Morgan

With Google, Facebook, and Twitter already working with CVE practitioners to some extent, such collaboration might not be new, but it is arguably the first high profile and most public example of cooperation. Until now, Morgan believes, the lack of technology specialists in the world of CT and CVE created inertia. Simply put, many in government and civil society simply don’t understand how current technologies can be used to address the threat posed by ISIS.

“I think many don't have enough knowledge about what is actually involved,” he explains. “When most people think of fighting terrorism, they think of military or intelligence operations, but what technologists don't often understand is that, at least for us, this work doesn't involve riding through embattled neighborhoods in Damascus collecting data on our laptops, or surreptitiously swapping flash drives with spies. The same kind of analyses we already do each day on public and private data is useful in this context too.”

Nevertheless, cooperation between technologists, CT specialists, and government raises questions for those engaged in Internet freedom issues, especially in light of statements from GCHQ and earlier revelations about National Security Agency (NSA) snooping from whistleblower Edward Snowden. With many governments urging social media sites to shut down access or hand over user data, free speech advocates and others warn that current government policies could usher in an era of Internet censorship and surveillance. The Brookings report also recognizes the danger.

“It’s a dilemma for companies, for sure, but at the same time, the companies are providing the platform on which these threats are made, so they have some responsibilities here, both to the general public and to their employees,” says Berger. “I think the place to start is simply getting a lot of people into a room for a frank and open conversation. Until we sit everyone down to talk, we won’t know what common ground we can find. If we do that, everyone can air their concerns and put them on the table for consideration.”

And on March 5 - 6, VOX-Pol, a new European Union-funded network for academic research into the problem, did just that, conducting a workshop in Budapest on the role of social media and Internet companies in responding to online extremism. Although CVE practitioners were absent, social media companies, law enforcement agencies, and free speech activists attended. “It was a start in terms of getting a diversity of stakeholders together and putting the relevant issues on the table,” VOX-Pol’s Maura Conway told techPresident.

“In particular, with law enforcement on one side, and privacy and free speech activists on the other, each mentioned how relatively rare it is for them to sit down and exchange views,” she says, echoing Berger and Morgan’s recommendations in the report. “No general consensus was arrived at, but there was definitely an appetite for conversation and debate on all sides. Almost everybody agreed that open multi-stakeholder discussions such as these are useful and need to continue.”

Albeit still in its infancy, that conversation gained most prominence earlier this year when President Obama convened a three-day Summit on Countering Violent Extremism at the White House. It also looks set to continue at South by Southwest (SXSW) later this month, when J.M. Berger and Jonathon Morgan again present their Twitter study. Humera Khan will also be part of another panel which aims to bring together government officials, NGOs, and the tech community to explore ways to counter violent extremism online.

“I think this is essential,” says Morgan, “particularly as terrorist organizations like ISIS are increasingly sophisticated in how they use technology to pursue their objectives. CVE and CT practitioners are in the best position to identify the most pressing objectives in the fight against terrorism, but technologists are in the best position to come up with real solutions.”

Onnik James Krikorian is a journalist from the U.K. and was formerly the Caucasus Regional Editor for Global Voices. Since 2013 he has participated as a speaker, discussant, and moderator at Countering Violent Extremism (CVE) seminars and expert working groups organised by the Centre for Strategic Counterterrorism Communications (CSCC), Global Counterterrorism Forum (GCTF), Hedayah Centre, International Centre for Counterterrorism (ICCT) — The Hague, and Organisation for Security and Cooperation in Europe (OSCE).