Site icon Sophos News

IS defector steals USB stick revealing 22K members identities

A disillusioned fighter has defected from the Islamic State (IS), bringing with him a stolen USB drive containing a wealth of intelligence about the group’s members.

The memory stick contained names, addresses, family contacts, phone numbers and more personal information of thousands of IS jihadis.

Both Sky News and The Guardian claim to have obtained the documents, which reveal the identities of 22,000 IS recruits.

The documents are believed to come from a border crossing into Syria and represent people who come from at least 51 countries, including the UK, northern Europe and the US.

Sky News reports that the fighter who defected is a former Free Syrian Army convert to IS who calls himself Abu Hamed.

He allegedly stole a memory stick from the head of IS’s internal security police, which insiders describe as being the group’s equivalent to SS.

The head of IS security police would have been entrusted to protect the terrorist group’s core secrets and is said to have rarely parted with the drive.

The documents on the drive contain a questionnaire with 23 questions that would-be recruits are required to fill out.

The questions ask for name, date and place of birth, hometown, telephone number, education and blood type, The Guardian reports.

They also asked recruits about any previous experience they had in jihad and whether they were prepared to be suicide bombers. One file, marked “Martyrs,” held the names of those fighters who wanted to carry out suicide attacks and were trained to do so.

The documents represent a major intelligence coup in that they reveal a number of previously unknown jihadis in the UK, across northern Europe, much of the Middle East and North Africa, as well as in the US and Canada.

Germany’s intelligence now has the documents.

The news was first revealed by the Munich-based Süddeutsche Zeitung paper and German broadcasters WDR and NDR on Monday evening. On Tuesday, Zaman al-Wasl, a pro-opposition Syrian news website, published examples of the questionnaires.

According to Zaman al-Wasl, personal details of 1,736 fighters have been revealed, with 25% being Saudis and the rest predominantly Tunisian, Moroccan and Egyptian.

The documents were apparently collected at the end of 2013.

Written in Arabic and stamped with IS logos, they allegedly give details of 16 British fighters, four from the US and six from Canada, as well as recruits from France and Germany.

Lost, unencrypted memory sticks have been a threat vector for years, be it from their role in losing sensitive data or as potential malware delivery devices dropped by crooks who hope the curious will plug them in.

As organizations are increasingly beset by cybercrooks picking apart their defenses, the story of IS being hit by this massive data breach is a good reminder that everyone needs to be careful about who they allow to access their organisation’s data.

IS is obviously not immune to the security threats carried by a piece of technology no bigger than a pack of gum.

Image of USB stick courtesy of Shutterstock.com

Exit mobile version