ISIS

U.S. Companies Are Playing Host To ISIS Websites And Forums

Websites disseminating propaganda by ISIS and other Islamic extremists are hosted by at least three American companies

ISIS
(Photos: Dreamstime, Photo Illustration: Robert A. Di Ieso/Vocativ)
Jul 17, 2015 at 5:28 AM ET

Several online networks affiliated with the Islamic State and other extremist organizations are peddling execution videos and luring would-be jihadists with a little help from businesses based in the United States.

At least three American companies are hosting websites used by ISIS supporters, and one other Islamic terror group, to spread news, disseminate propaganda and recruit followers, an analysis by Vocativ shows. The findings come as officials in the U.S. and elsewhere aggressively seek new powers to combat jihadists online, just months after France imposed stiff measures of its own.

“What’s changed the equation is that ISIS is much more effective online than any group we’ve seen,” says James Lewis, a director with the Center For Strategic and International Studies.

Two of the American-hosted sites identified by Vocativ are filled with the highly-choreographed images and videos that promote ISIS’ brutality and military prowess, as well the group’s advances across Iraq and Syria. One of the websites, hosted by Automattic, a San Francisco-based company, also includes video tutorials on military tactics and infiltration. The other, hosted by Provo, Utah’s Blue Host, documents a group of Chechen jihadists led by Omar al-Shishani, the northern commander for ISIS, who has authority over the group’s military operations in northern Syria. 

Vocativ’s analysis also found that at least one web company, Colocrossing, headquartered in Buffalo, New York, provides hosting services for a forum affiliated with Hezbollah, the Iranian-backed Lebanese militant group. Forum topics on the site range from discussions on weapons and military equipment to one focused on Israel entitled “Zionist Enemy.”

Vocativ identified the hosting companies through a WHOIS search on myip.ms—which provides domain names, IP addresses and other information on registered websites—and later cross-verified the companies using Host Advice, a separate query site. During its analysis, Vocativ also found that web companies in the UK, Hungary and Bulgaria hosted ISIS-affiliated sites and forums.

“There are two things you can do with these sites. You can eavesdrop on them or shut them down. Frankly, both options are easier if the site’s hosted in the U.S.” – Martin Libicki, RAND Corporation

None of the American hosting companies identified by Vocativ responded to requests for comment. Earlier this year, a different Internet service provider based in the U.S., CloudFlare, drew the ire of hacktivist collective Anonymous, who claimed the company was “helping terrorists” by providing digital protection for ISIS propaganda and recruitment websites against cyber attacks.

Matthew Prince, the CEO of CloudFlare, told the Mirror Online that law enforcement officials were aware of the ISIS sites, but had told the company not to discontinue its services. Prince also said that, contrary to Anonymous’ claims, CloudFlare did not accept money from the terrorist group because the ISIS sites in question used a free service. “A company should not set its policy by listening to random kids making a load of noise on Twitter,” he told the Mirror. Vocativ could not independently verify the claims against CloudFlare.

Experts say these American-hosted sites present a challenge for law enforcement and intelligence officials, who must balance their efforts to combat extremist activity online with the free speech protections that extend to even terrorist groups and their sympathizers. Officials must also assess the trade-offs between keeping a terror site or forum up, which allows them to monitor its users, and trying to disband it, which closes off a recruitment channel.

“There are two things you can do with these sites. You can eavesdrop on them or shut them down,” says Martin Libicki, a cybersecurity analyst with the RAND Corporation. “Frankly, both options are easier if the site’s hosted in the U.S.”

Libicki also says that some of these jihadist sites could be “false fronts” created by law enforcement officials to lure terrorist wannabes. Prince, CloudFlare’s CEO, suggested the same thing when he spoke to the Mirror in May.

The FBI did not respond to questions asked by Vocativ about American-hosted extremist sites. Reached by phone, a spokesman for the National Counterterrorism Center declined to speak publicly about them. U.S. lawmakers and intelligence officials, however, are currently seeking broader authority in which to track and counter Islamic State activity online.

The Senate Intelligence Committee quietly approved legislation earlier this month that would require Internet service providers—including hosting companies—to report suspected terrorist activity to federal authorities. The Obama administration, meanwhile, is ratcheting up its pressure on Silicon Valley companies to allow law enforcement agencies access to encrypted communications, which the FBI claims is now a powerful recruiting tool for ISIS.

As both measures in the U.S. draw criticism by privacy and civil liberty groups, governments in Europe have already taken their own steps to crack down on suspected terrorism content on the Internet. Following the Charlie Hebdo attacks in Paris, France issued rules that allow authorities to block sites accused of promoting terrorism. Later, the government succeeded in enlisting tech giants like Google and Facebook to delete extremist content online and turn over data on users.

As part of its own counter-terrorism efforts, the UK has also sought to regulate speech and other Internet activity. One bill being pushed by Prime Minister David Cameron would require Internet and mobile phone companies to keep records of customer’s browsing history and social media use.