How The U.S. Hacked ISIS
In August 2015, the NSA and U.S. Cyber Command, the military's main cyber arm, were at a crossroads about how to respond to a new terrorist group that had burst on the scene with unrivalled ferocity and violence. The one thing on which everyone seemed to agree is that ISIS had found a way to do something other terrorist organizations had not: It had turned the Web into a weapon. ISIS routinely used encrypted apps, social media and splashy online magazines and videos to spread its message, find recruits and launch attacks.
A response to ISIS required a new kind of warfare, and so the NSA and U.S. Cyber Command created a secret task force, a special mission, and an operation that would become one of the largest and longest offensive cyber operations in U.S. military history. Few details about Joint Task Force ARES and Operation Glowing Symphony have been made public.
Four teams sat at workstations set up like high school carrels. Sergeants sat before keyboards; intelligence analysts on one side, linguists and support staff on another. Each station was armed with four flat-screen computer monitors on adjustable arms and a pile of target lists and IP addresses and online aliases. They were cyberwarriors, and they all sat in the kind of oversized office chairs Internet gamers settle into before a long night.
It looked like a giant bingo card. Each number represented a different member of the ISIS media operation. One number represented an editor, for instance, and all the accounts and IP addresses associated with him. Another might have been the group's graphic designer. As members of the terrorist group slept, a room full of military cyber operators at Fort Meade, Md., near Baltimore was ready to take over the accounts and crash them.
They brought in experts in counterterrorism who understood ISIS and had watched it evolve from a ragtag team of Iraqi Islamists to something bigger. There were operators — the people who would be at the keyboards finding key servers in ISIS's network and disabling them — and digital forensics specialists who had a deep understanding of computer operating systems.
"They can say this is good, this is bad, this is where the files are located that we're interested in," he said. He found analysts, malware experts, behavioralists and people who had spent years studying the smallest habits of key ISIS players. The mission, he explained to them, was to support the defeat of ISIS — to deny, degrade and disrupt them in cyberspace.
This was more complicated than it sounded.
For more details read at NPR website