ISIS Now Doxxing Members of US Military
Doxxing — derived from the word 'documents' — is a common tactic used by online hacktivist groups such as Anonymous, wherein personally identifiable information about targets is posted on the internet. Over the weekend, about 100 U.S. military servicemen and women were doxxed by the group that calls itself the Islamic State.
The posting included soldiers' names, addresses, photos and other information, and it asked sympathizers to, "Kill them in their own lands, behead them in their own homes, stab them to death as they walk their streets thinking that they are safe."
The personal information was purportedly hacked from military data servers and posted on Polish social media site JustPaste.it.
Paul Scharre, former defense department official, now Fellow at the Center for a New American Security, shared how serious the threat is and what service members can do to protect their privacy.
Scharre says that at this point the government has been publicly downplaying the threat to military personnel but argues individuals should still be cautious.
"There are general force protection concerns for U.S. service members," he says. "There have been lone wolf attacks of this type in Canada and in Great Britain against military personnel in those countries. So it's certainly something to be concerned about, not just for these individuals, but also for military personnel at-large to be aware of their surroundings and to not stand out and make themselves a potential target."
According to Scharre, individuals on the list don't seem to be connected in any meaningful way to each other, or to a particular assignment that might be related to counterterrorism. Instead, he says, the group may have found these individuals through social media and other online sources.
"They seem to have pulled together sort of a random list of names of actual military personnel that they could find through open sources online," Scharre says. "Which again is a suggestion that military personnel should pay attention to operational security not just physically in their person, but also their digital presence online."