Ghost Security

{{Short description|Internet vigilante group}}

{{Use dmy dates|date=May 2022}}

Ghost Security, also known as GhostSec, is a self-described "vigilante" group that was formed to attack ISIS websites that promote Islamic extremism.{{cite web|title = Beauty Queen and Vigilante Female Hackers Declare Online War on ISIS|url = https://www.msn.com/en-us/news/world/beauty-queen-and-vigilante-female-hackers-declare-online-war-on-isis/ar-AAdwUwJ|website = MSM.com|access-date = 26 July 2015}}{{cite news|last1 = Gladstone|first1 = Rick|title = Behind a Veil of Anonymity, Online Vigilantes Battle the Islamic State|url = https://www.nytimes.com/2015/03/25/world/middleeast/behind-a-veil-of-anonymity-online-vigilantes-battle-the-islamic-state.html?_r=1|work =The New York Times|date = 25 March 2015|access-date = 26 July 2015}} It is considered an offshoot of the Anonymous hacking collective.{{Cite web|title = Ghost Security Hackers, Offshoot Of 'Anonymous,' Claim They Disrupted ISIS Attack By Intercepting Twitter Messages|url = http://www.ibtimes.com/ghost-security-hackers-offshoot-anonymous-claim-they-disrupted-isis-attack-2077993|website = International Business Times| date=September 2015 |access-date = 15 November 2015}}{{Cite web|title = Anonymous vs. the Islamic State|url = https://foreignpolicy.com/2015/11/13/anonymous-hackers-islamic-state-isis-chan-online-war/|website = Foreign Policy|access-date = 15 November 2015}} According to experts of online jihad activism, the group gained momentum after the Charlie Hebdo shooting in Paris in January 2015. The group claims to have taken down hundreds of ISIS-affiliated websites or social media accounts and thwarted potential terrorist attacks by cooperating with law enforcement and intelligence agencies.{{Cite web|title = Can Cyber Activists Chase ISIS off Twitter?|url = https://www.theatlantic.com/international/archive/2015/10/anonymous-activists-isis-twitter/409312/|website = The Atlantic|date = 8 October 2015|publisher = |access-date = 15 November 2015|language = en-US}} The group uses social media hashtags like #GhostSec - #GhostSecurity or #OpISIS to promote its activities.

On 14 November 2015, Anonymous posted a video[https://www.youtube.com/watch?v=w49NCXhq0YI Anonymous réagit aux attentats de PARIS 13/11/15], YouTube announcing its "biggest operation ever" against the terrorist group{{Cite web|title = Anonymous Declares Cyber War on ISIS. Why It Matters|url = http://fortune.com/2015/11/16/anonymous-cyber-war-isis/|website = Fortune|access-date = 18 November 2015}}{{cite web|url = http://www.bbc.co.uk/newsbeat/article/34836400/anonymous-declares-war-on-islamic-state|title = Anonymous 'declares war' on Islamic State|work = BBC|date = 16 November 2015|access-date = 17 November 2015}} in response to the attacks in Paris, taking down 3,824 pro-ISIS Twitter accounts{{cite web|url = http://news.softpedia.com/news/one-day-later-anonymous-already-takes-down-3-824-pro-isis-twitter-accounts-496258.shtml|title = One Day Later, Anonymous Already Takes Down 3,824 Pro-ISIS Twitter Accounts – Update|first=Catalin|last=Cimpanu|date = 16 November 2015|work = softpedia}} and doxxing recruiters.{{cite web|url = https://www.independent.co.uk/life-style/gadgets-and-tech/news/paris-attacks-anonymous-operation-isis-activists-begin-leaking-details-of-suspected-extremist-a6737291.html|title = 'Operation Isis' Anonymous activists begin leaking details of suspected extremist Twitter accounts|first=Andrew|last=Griffin|date = 17 November 2015|work = The Independent}} A message posted by an ISIS-affiliated account on encrypted chat service Telegram replied defiantly to Anonymous by providing instructions on how to respond to a potential cyberattack.{{Cite web|title = 'Idiots': ISIS responds to Anonymous threatening its 'biggest operation ever' against it|url = http://www.businessinsider.com/isis-anonymous-response-paris-attacks-2015-11|website = Business Insider|access-date = 18 November 2015}}{{Cite magazine|title = ISIS Calls Anonymous 'Idiots' As Cyber War Heats Up|url = https://time.com/4117704/isis-anonymous-cyber-war/|magazine = Time|access-date = 18 November 2015|first = Don|last = Reisinger}} On 25 November, an ISIS WordPress dark web site was reportedly hacked by GhostSec, which replaced the site with an advert for Prozac.{{cite news|last1=Cuthbertson|first1=Anthony|title=Hackers replace dark web Isis propaganda site with advert for Prozac |work=International Business Times |url=http://www.ibtimes.co.uk/hackers-replace-dark-web-isis-propaganda-site-advert-prozac-1530385|access-date=25 November 2015|date=25 November 2015}}

GhostSec found information related to planned terrorist attacks in New York and Tunisia and passed this information on to law enforcement authorities.{{cite news|url=http://www.ibtimes.co.uk/anonymous-affiliate-ghostsec-thwarts-isis-terror-plots-new-york-tunisia-1512031 |title=Anonymous affiliate GhostSec thwarts Isis terror plots in New York and Tunisia |first=Anthony |last=Cuthbertson |newspaper=International Business Times |date=22 July 2015 |access-date=3 November 2016}} In the wake of the cooperation with law enforcement, GhostSec decided to "become legit" to more efficiently combat ISIS. The group renamed itself "Ghost Security Group" and by November 2015 ended its association with Anonymous. Those of the members who opposed this development re-formed under the old name of "GhostSec" and maintained Anonymous ties. Both groups continue to operate against ISIS.{{cite news|url=https://mic.com/articles/129679/anonymous-vs-isis-how-ghostsec-and-ghost-security-group-are-targeting-terrorists#.t7BdOvX5w |title=Anonymous Divided: Inside the Two Warring Hacktivist Cells Fighting ISIS Online |first=Jack |last=Smith IV |newspaper=Mic |date=4 December 2015 |access-date=3 November 2016}}

Lara Abdallat is one of the only members of Ghost Security Group whose identity is public.{{Cite web|url=https://www.smh.com.au/technology/digital-vigilantes-the-online-fight-against-islamic-state-20151111-gkwb8q.html|title=Digital vigilantes: the online fight against Islamic State|last=White|first=Mark|date=11 November 2015|website=The Sydney Morning Herald|language=en|access-date=21 November 2019}}

Ghostsec also has involvement in the recent Russia-Ukraine conflict, with the groups involvement dating back to the first signs of aggression in 2022. Since their involvement Ghostsec has carried out numerous attacks on the Russian government, one notable one being on July 20th 2022.{{Cite web |last=Karmakar |first=Tista |date=2022-07-20 |title=Exclusive: GhostSec has taken the responsibility for the recent Russian ICS attack with zero causality |url=https://www.thetechoutlook.com/news/technology/security/exclusive-ghostsec-has-taken-the-responsibility-for-the-recent-russian-ics-attack-with-zero-causality/ |access-date=2023-07-21 |website=The Tech Outlook |language=en-US}} The Gysinoozerskaya Hydro-Power Plant suffered an attack resulting in a spew of fire shutting down the power plant. The group carried out the attack in support of Ukraine's struggle against Russia, with precise timing in order to avoid unnecessary casualties.{{Cite web |last=Bussoletti |first=Francesco |date=2022-07-21 |title=Ukraine, Anonymous cyber warfare against Russia becomes more aggressive |url=https://www.difesaesicurezza.com/en/defence-and-security/ukraine-anonymous-cyber-warfare-against-russia-becomes-more-aggressive/ |access-date=2023-07-21 |website=Difesa e Sicurezza (difesaesicurezza.com) |language=en-US}}

As of August 2023 GhostSec has been active in the Middle East, particularly relating to the Islamic Republic of Iran. In August of 2023, they breached Fanap Behnama and exposed over 20gb of data from facial recognition to the software's own source code.{{Cite web |last=Woollacott |first=Emma |title=Hacktivists Breach Iranian Surveillance System |url=https://www.forbes.com/sites/emmawoollacott/2023/08/29/hacktivists-breach-iranian-surveillance-system/ |access-date=2023-12-31 |website=Forbes |language=en}}