Please Support SilentVector:

Tuesday, July 21, 2015

Bitcoin: A Solution to the Financial Data Breach Debacle

Financial Data Breach Statistics

Since 2005 there have been at least 5,377 high-profile data breaches, totaling 786,098,214 (financial, medical, corporate, and intellectual property) records stolen.(1)  The monetary impact these breaches has cost governments, companies, and consumers is widely approximated and can never completely be known.  Some large companies that have been breached within recent years are Target, Citibank, Heartland, Bank of New York Mellon, Countrywide Financial, T.J. Maxx, and CardSystems Solutions.  There are hundreds, if not thousands of more breaches; the ones listed are only the ones that have been formally identified and reported.  This article addresses financial records, specifically.

The costs of these heists are passed directly to the consumer by proxy payments of higher insurance premiums, expensive encryption algorithms (that often aren't applied at all), security hardware, and software.  The monetary second and third order effects of these initial costs are also inflated by the costs of training financial employees to use encryption software (which lowers overall productivity in time lost encrypting and decrypting customer information databases), and familiarization of IT employees with proper implementation and protocols associated with new security hardware and software.

Regardless of whether a company experiences a financial breach in security or not, the costs incurred just trying to keep up with the computer security arms race to keep financial data secure, costs consumers.

Maintaining Your Financial Information Costs Money

The United States military uses sophisticated, time-based, "rotating key" encryption algorithms to secure even the most benign communications.  These methods are effective, because as a code-breaker gains enough information about the encryption and "pools of relevant data" to attempt to break the algorithm, the time-based protocols will modify the electronic keys before it is computationally possible to exploit the communications they protect.

The personal information you transmit during any electronic financial transaction already presents an attacker with "pools of relevant data" that cuts their work into smaller pieces.  For example, the majority of credit card numbers are 16 digits, are accompanied by a four digit expiration date, a 3 digit CVV/CVC, and are always paired with your first and last name and your billing address.

Image from

This makes databases of your financial data some of the most lucrative electronic targets on the planet, simply because so much personal information is stored in one place.  Quite often, it sits on computer hardware whose security settings are factory defaulted (and easily searchable on Google).  It is often situated in poorly protected areas of corporate infrastructure.  It is also either shoddily encrypted or not encrypted at all to save productivity overhead time spent encrypting and decrypting portions of the database.

When a system breach and data purge occurs, there are corporate protections in place to compensate immediate victims and mitigate damage control.  What is not usually taken into account, are the financial hardships of the consumer when their identity is stolen.  The process of rebuilding mistakes on a credit score and recouping lost savings does not favor the individual consumer.  Often, companies will issue free subscriptions to identity theft protection services, which are themselves vulnerable to electronic attack.

Bitcoin and the Blockchain

Bitcoin was released in 2009 by Satoshi Nakamoto.  Bitcoin is a decentralized form of currency that operates outside of the industry standard "pool of relevant data" vulnerabilities I mentioned earlier.  It does not require a bank account, a credit card number, or your personal information to be transmitted along with financial transactions.

Bitcoin derives its value from the continued development of an encryption technology called the Blockchain.  The Blockchain is a complete record of all encrypted financial transactions that have ever occurred through the Bitcoin financial network.  Each Bitcoin transaction relies on a mathematical derivative (called a "hash") of every transaction that has occurred through the Blockchain, ever.

Each time a transaction is fed into the Blockchain, it is independently verified (by Bitcoin mining computers) against the entire history of the Blockchain.  Each time the individual transaction is verified, a new "hash" is encoded into the Blockchain.  When enough Bitcoin mining computers reach a consensus, or "verify" the transaction, it is permanently recorded into the Blockchain to be used in future transactions.  A new, temporary "CryptoAccount Key" is issued to the user's Bitcoin "wallet" as the old one is encoded in the Blockchain (although, permanent CryptoAccount Keys can be used as merchant accounts).

Bitcoin Miners use specialized computers to process these transactions back through the Blockchain, usually for a "miner fee" of 0.0001 Bitcoins (BTC).  Using the BTC to $USD exchange rates, that equates to approximately 25 to 30 cents.

Image from

The incredible utility of this system is derived from the mathematical elegance of its "rotating-key" Blockchain technology.  It is essentially a military-grade method of encrypting financial transactions that is essentially free for the public to use.  Personally, I am more than happy to pay a quarter of one dollar to instantaneously order products from my favorite companies without the fear of my financial data being siphoned off by an electronic criminal.  Any malicious attempt to modify transaction data or inject nefarious code into the Blockchain is immediately purged, because the customer to vendor "end to end encryption" cannot be verified against the copy of the Blockchain that is kept on all Bitcoin mining computers.  

Get With the Times, Crypto-Currency Is the Future

According to Judd Bagley, CEO of, Bitcoin users are between the ages of 18 and 34 years old.(2)  If we examine that demographic from outside the lens of crypto-currency users, these are the prime ages of American citizens attending colleges as computer science, software, and hardware engineering majors.

As a computer scientist attending school myself, I would rather not work in the financial sector of a company that has had any history of being breached.  These incidents are bad for the reputation of any company I may be employed by: my overall job security suffers, the amount of income I make while working for one of these companies is lessened any time their security is breached.  If I work as an electronic security manager when one of these companies is breached, my personal reputation suffers.

Like the person that insists on writing a check in line during peak hours at the grocery store, the continued use of non-secure financial technologies is becoming culturally annoying.  There needs to be a push from computer scientists working in all financial sectors to broaden the understanding of Blockchain technologies and crypto-currencies in general.  While others feel content to pay insurance premiums for financial institutions through service fees (on accounts and at ATM's), I feel quite comfortable paying 25 cents per use when I make purchases with my Bitcoin wallet.


For more information on Bitcoin and Blockchain technologies, visit:

The author uses Mycelium Bitcoin Wallet, which I have found to be secure and user-friendly:

Friday, July 17, 2015

U.S. Marines Mourn on Camp Pendleton

Submitted Anonymously on July 17, 2015.

In remembrance of those who gave the ultimate sacrifice on American soil on July 16, 2015.

To help combat ISIS online, follow the Controlling Section (@CtrlSec) on Twitter.

" We are the ghosts you have created. "

One Hacker Walks, Another Falls - An Odd Timeline of Events

Thanks For the Story, Fox

While sifting through the coverage of the DarKode website take-down on July 15, none of the articles caught my eye except one from Fox News.  I am not particularly a fan of Fox, but two paragraphs caught my attention:

"Some of the targets were responsible for hacking into Sony's PlayStation Network and Microsoft's Xbox Live services last year around Christmas, authorities said.

British authorities in January arrested an 18-year-old man for computer hacking offenses related to the disruptions but hadn't released his name. The South East Organized Crime Unit said then it had worked with the FBI."(1)

I ignored the rest of Fox's article because it was the same drivel everyone else was posting on their news sites.  The only high profile hack involving Xbox and PlayStation I could remember from around that time involved the Lizard Squad.  It seems Fox might have been on to something if they would have followed their leads a little deeper.

KMS and #freeKMS

After a bit of looking around Lizard Squad's Twitter, I found the following Tweet:

Rory Stephen Guidry a.k.a "KMS" has a court hearing scheduled for Friday July 17 at 10:00 am at the United States District Court, Western District in Louisiana(2).  A report on The Daily Dot(3) alleges Mr. Guidry was acting as an informant for the FBI.  The #freeKMS hashtag on Twitter is another interesting source of information and will most likely continue to be after KMS' hearing.

An Odd Timeline of Events

There have been a series of interesting computer security events in the past four years:

- In the summer of 2011, hacktivist blackhat Hector Monsegur (known as Sabu) became an informant for the FBI.

- Computer hacker Jeremy Hammond was arrested on March 5, 2012 for allegations of hacking the Stratfor security firm.
- Journalist Barrett Brown confirmed one of his arrests via Twitter on March 6, 2012.  Mr. Brown was arrested again on September 24, 2012 for allegedly threatening an FBI agent.  He was held in pre-trial confinement until he was indicted on additional charges relating to Jeremy Hammond's Stratfor case.

- In April 2012, NSA security contractor Edward Snowden uncovers Project PRISM.  Further "Snowden Leaks" show the unconstitutional surveillance by the United States of its own citizens, as well as foreign governments and persons of interest around the world.  Mr. Snowden remains in Russia under asylum.

- Ross Ulbricht was arrested in early October 2013 for his alleged administration of the DarkNet market Silk Road under the alias "Dread Pirate Roberts."

Jeremy Hammond was convicted in November 2013 for hacking Stratfor.

- Lizard Squad conducts DDoS attacks against Sony PlayStation in 2014, Tweets a bomb scare, and forces an American Airlines flight to make an emergency landing.  The flight was carrying Sony Online Entertainment President, John Smedley.
- On November 24, 2014 a hacking spree begins against Sony and ends up costing the company approximately $100 million in damages.  The attack was supposedly carried out by North Korea in retaliation for the production of the comedy film, The Interview.  There are conflicting reports, but the attack is said to have "ended" on December 24, 2014.

- Lizard Squad begins a DDoS attack against Sony PlayStation and Microsoft Xbox networks in December 2014.  After a slight reprieve after Christmas 2014, attacks picked back up again in January 2015.

- In January 2015, British authorities "arrest an 18-year-old man for computer hacking offenses related to the disruptions but hadn't released his name. The South East Organized Crime Unit said then it had worked with the FBI."(see 1)

- Ross Ulbricht's trial begins on January 12, 2015 and comes to be known as the "Silk Road Trial."

- Barrett Brown is convicted on January 22, 2015.

- Ross Ulbricht is convicted on February 4, 2015.

- In June 2015, the information of 4 million United States federal employees is stolen from the servers of the Office of Personnel Management (OPM).

- Italian-based security firm "Hacking Team" is breached on July 5, 2015.  400 gigabytes of emails and company information is posted to the website WikiLeaks.

- On July 8, 2015 unnamed Lizard Squad member walks free after being convicted of 50,700 counts of computer crime.  The same day, the New York Stock Exchange (NYSE) is knocked offline for nearly four hours, the Wall Street Journal is taken offline, and United Airlines flights are grounded because of a "computer glitch."  Authorities claim the attacks are not connected.  The White House reports there is no suspected "nefarious actor" involved in the NYSE blackout, even though a popular Anonymous account on Twitter seemingly "predicted" the outage the evening before.

- Nearly 22 million more federal employee records are stolen from the OPM's servers on July 9, 2015.

- On July 15, 2015 the malware marketplace DarKode is taken offline.  The United States Justice Department cites 12 charges in relation to the site, 28 arrests are reported by Europol in a coordinated effort the FBI has called "Operation Shrouded Horizon."

- KMR's pre-trial hearing is scheduled for July 17, 2015.  KMR allegedly used to have ties with the Lizard Squad.

"Shrouded Connections"

It seems many of the events listed overlap one another at opportunistic times to draw media and therefore, public attention away from high-profile anomalies and the actions leading up to important court cases.  Many of these cases are surrounded by uncertain evidence introduced that allegedly violates American constitutional 4th Amendment rights.  There are also interesting examples of the Justice Department deciding, or not deciding, to press charges in relation to these alleged crimes.

Unexpectedly, Lizard Squad also announced on July 16 that it would no longer keep a record of any of its main Twitter accounts tweets for longer than one week.

As these and similar stories unfold, electronic and computer laws will continue to be a matter of concern among journalists and activists.  Voices of protest and dissent are important for the accountability of governments and the continuation of democracy and its processes.

DarKode Continuation

DarKode was an invitation-only website, where potential members were nominated by existing members.  A list of electronic exploits and accesses were listed by potential members after their nomination as a form of resume.  Existing members would vote potential members into the group.

DarKode's wares included bot-net rentals, computer code, malware, and access to databases of sensitive information.

Among those charged in connection with Operation Shrouded Horizon was Synthet!c, also known as Johan Anders Gudmunds of Sollebrunn, Sweden.  Synthet!c was allegedly DarKode's administrator.


(1) Fox News, July 15, 2015 (

(2) KMS' detention hearing scheduled for Friday, 17 July at 10:00 AM at the United States District Court, Western District, Louisiana. #FreeKMS
(3) The Daily Dot, July 16, 2015 (

Original FBI press release on Twitter:

Monday, July 13, 2015

Ethics of Harnessing Crowd-Sourcing Technologies

Ethics of Harnessing Crowd-Sourced Technologies

     I have always been in awe of the collective power created by connecting people through the Internet.  Part of these incredibly potent abilities comes from crowd-sourcing.  Crowd-sourcing is the collective accomplishment of a task by giving a group of people small segments of work to be completed.  When each piece of work is completed, the individual parts are reassembled into a functioning product or information utility.  Examples of this are seen in crowd-funding, social networking, and the assignment of metadata to digital information to create meaningful content.

     When “Web 2.0” was built, the function of the Internet shifted.  In 2006, Time Magazine chose “You” as the person of the year because of the amount of useful information being produced by the general population.  Seamlessly, all around us all the time, we create information that is collectively changing the world.  Some of the smallest things we do on the Internet are having the largest impacts.  If we are the primary creators of Internet content, interesting ethical questions arise when owners of crowd-sourced products use our collective accomplishments in ways we did not intend.  Technology continues to pervade the most intimate aspects of our lives rapidly and lawmakers scramble to keep abreast of this development.  An important, modern, poorly documented and sparsely discussed question arises: If we produce so much valuable content, how much of the created products do we actually own and what is the difference between ethical and unethical use of information we create?

     One of the positive examples of crowd-sourcing I mentioned is the reCAPTCHA (Completely Automated Public Turn test to tell Computers and Humans Apart) project owned and run by Google.  Google uses reCAPTCHA information for a variety of projects, to include Google Books.  It is in the process of digitizing scans of books for wider availability and distribution.  Google Maps is in the process of tagging numbered addresses to be used on Google Maps and Google Street View.

     Google uses high resolution digital cameras and software called Optical Character Recognition (OCR) when it scans books or addresses.  Words and numbers the OCR software cannot identify are sent to reCAPTCHA on websites to be translated by humans.  Luis Von Ahn, co-creator of reCAPTCHA says “According to our estimates, humans around the world type more than 100 million CAPTCHAs every day” (“ReCAPTCHA: Human-Based Character Recognition via Web Security Measures,” 2008).

     Based on Mr. Von Ahn’s estimates of how many reCAPTCHAs are processed per day, the following chart shows how long it would take to digitize famous literary works:

Figure 1:  According to Luis Von Ahn, co-founder of reCAPTCHA, how long it would take to digital famous novels based on their world counts and daily reCAPTCHA usage statistics.  Data source:, “Word Count for Famous Novels”:

     I excluded data on my graph about the 44 million words included in the Encyclopedia Britannica because the data dwarfs the other page counts. If reCAPTCHA focused the output of all its users on digitizing the Encyclopedia Britannica, our collective effort would transcribe its data in less than twelve hours. This is an immensely powerful tool for the enrichment and dissemination of human knowledge, but it also provides useful benefits to its users.

     The security created by reCAPTCHA prevents fake accounts and bot programs from flooding Internet websites with Spam. Words and number sequences correctly identified by users are collected by Google. This information is used to complete books and maps, strengthening the usability of Google’s products. In my opinion, this is a great use of crowd-sourcing because both the users and the company providing the service both equally benefit. I found another product that leveraged the unique qualities of crowd-sourced information for more secretive, ethically ambiguous reasons.

     The majority of Facebook’s content is created by its users. Wall Street will disagree with me, but I believe Facebook’s value is determined by its customers. If Facebook didn’t have users to create content for the site, it would be an online advertising billboard; I wouldn’t visit. I assumed a website dependent on its customers for the existence of its business would be transparent and forthcoming when dealing with crowd-sourced information.

     I vaguely remembered a story that broke in the news about Facebook manipulating user’s feeds for some kind of psychological experiment. During my research, I came across the original study and read it in its entirety. What I found was a terrifying example of crowd-sourcing gone wrong. According to a study published in the National Academy of Sciences (“Experimental Evidence of Massive-scale Emotional Contagion Through Social Networks,” 2014), English Facebook users were selected and the “experiment manipulated the extent to which people were exposed to emotional expressions in their News Feed. This tested whether exposure to emotions led people to change their own posting behaviors, in particular whether exposure to emotional content led people to post content that was consistent with the exposure—thereby testing whether exposure to verbal affective expressions leads to similar verbal expressions, a form of emotional contagion.”

     In 2014, the study famously brought to light a peculiar social experiment being conducted by Facebook. In summary, Facebook crowd-sourced its users to test the propagation of “emotional contagions” (i.e. contentment, depression, happiness, anger) based on posts from Facebook user walls. Experiences with Facebook were deliberately distorted, evoking measurable positive or negative emotional responses in users who conveyed their feelings as new posts. This user-generated data further manipulated the moods of others involved in the project. Facebook users were oblivious to the experiment until the story broke in 2014. The reaction of the public was disappointing and became as fleeting as the Facebook timelines it was manipulating.

     As a user of social media, I am alarmed research like this is being conducted at all. I ponder what purpose it serves. It is an unsettling feeling to second guess if what I see on social media is a genuine representation of my personal network of friends and family. It is also concerns me that my colleagues, friends, and relatives may perceive my digital persona inaccurately if Facebook is manipulating my data for frivolous social experiments. Were any of my posts distributed or weighted differently with unfair bias, possibly casting me in an unfavorable light with people I work with, trust, and love?

     Most concerning, I do not recall an option to opt in or out of the experiment (other than to stop using Facebook or learn another language besides English). It is also interesting to point out Facebook has since introduced a new suicide hotline function on their website, only after the experiment was brought to light. The value of this tool in saving human life will prove to be invaluable, but I wonder if it doesn’t serve another purpose to deflect possible litigation hinged on public knowledge of Facebook’s experiment.

     Even in 1942, Doctors and ethics professionals had a clear vision of the parameters in which to conduct their experiments on human beings. Dr. A.N. Richards, chairman of the University of Pennsylvania School of Medicine explained in a letter that “when any risks are involved, volunteers only should be utilized as subjects, and these only after the risks have been fully explained and after signed statements have been obtained which shall prove that the volunteer offered his services with full knowledge and that claims for damages will be waived. An accurate record should be kept of the terms in which the risks involved were described” (Richards, 1942).

     The experiment Dr. Richards is referring to was a bioethics experiment during World War II, but the intent of his words applies today. The spirit of responsibility and accountability is undeniable in this decades old correspondence; so what happened? What thought processes took place in the designers of Facebook’s experiment? What made them believe they could bypass regulation, conduct emotional research, misinform their consumers, and conceal the purpose of their research. The most disconcerting aspect of the whole situation is from Facebook’s users: silence.

     It is my position that legal, ethical crowd-sourcing will positively change the Internet and many of its associated products. Clever uses of crowd-sourcing will continue to be an engine for the accomplishment of undesirable, menial tasks for the benefit of a broader consumer base. With oversight and careful consideration of data quality, crowd-sourcing can construct literal libraries of useful information. A dangerous line is crossed when consumers are not made aware of how their digital personas are manipulated, for any reason. This practice sows distrust between consumers and ultimately undermines a company’s business when they exercise unethical liberties on their users.


Von Ahn, L., Maurer, B., Mcmillen, C., Abraham, D., & Blum, M. (2008). “ReCAPTCHA: Human-Based Character Recognition via Web Security Measures.” Science, 321(5895), 1465-1468.

Kramer, Adam D. I., Guillory, Jamie E., and Hancock, Jeffrey T. (2014) "Experimental Evidence of Massive-Scale Emotional Contagion Through Social Networks." Proceedings of the National Academy of Sciences of the United States of America 111.24 (2014)

Richards, A. N., (1942) “Reply of A. N. Richards, Chaiman, To Dr. J. E. Moore” Reproduction of the National Archives.

Sunday, July 12, 2015

SilentVector33: July 5 - 12, 2015 Digest

Hacking Team - July 5, 2015

On July 5, 2015 Italian-based information security company Hacking Team (@HackingTeam) was breached.  400GB of software, email traffic, and internal details of the company's operations were leaked through links tweeted on its own Twitter account.  Embarrassing, indeed.  But embarrassment was the least of the company's problems until WikiLeaks published the information and pumped it through Twitter, where thousands of skilled information managers began to dissect it.

The online machinations of Twitter information security professionals may not pique your interest, but it should.  The trove of information gleaned from these accounts has much to do with the everyday Internet user.  Hacking Team's scope of operations is frightening, invades your privacy, and whether you like it or not, brings dangerous software and its effects directly into your living room.

Hacking Team Privacy Implications

Potentially dangerous implications of this type have not been revealed since Edward Snowden fled the country after revealing the inner-workings of the Prism project, directed by the United States National Security Agency.  If you have ever watched a YouTube video, accessed your banking or utilities statements online, the revelations of the Hacking Team's exploits could have potentially uncovered your identity.

The source for concern is born from a skilled computer security professional's ability to trace Hacking Team's business dealings back to Symantec Corporation.  Symantec is one of the keystone organizations that provides security for the everyday Internet user.  They are partnered with Norton Antivirus and Spyware Removal; some of the most trusted and connected computer security companies in the world.  Most modern computers ship with a version of the Microsoft Windows operating system already installed; Microsoft has a close corporate relationship with both Symantec and Norton Security.

To break it down, there are several different types of internet security certificates issued to reputable companies to do business online.  One is a Secure Socket Layer (SSL) certificate that assists in encrypting your private communications when you deal with your bank (that "lock" icon displayed in your web browser is an example).  
Hacking Team was given a "code signing" certificate, which according to Symantec "will help protect users from downloading compromised files or applications."  This includes "vetting and approval of software publishers, code signing, key protection, revocation, administrative controls and audit logs.  This cloud-based service also features unique or rotating keys to sign apps and centralized protection in Symantec's military-grade data centers."

If you have read Hacking Team's list of clients, that statement is terrifying.  Their clients include the governments of Mexico, Sudan, Morocco, and the United Arab Emirates.  Also listed on their client list are the United States Federal Bureau of Investigation (code named "Phoebe") and the Department of External Affairs (code named "Katie").  If you examine the human rights violations and government corruption of some of the countries on their client list, it is not difficult to question the purpose of their dealings with the United States.

Even more disturbing are file systems found within Hacking Team's leaks which contain traces of child pornography files, installed covertly on the systems of their company's targets.  Coding within their leaked documents shows executable malicious code capable of remotely installing these files on a target computer, which would make an open-and-shut case easily possible, but absolutely illegal.  According to American constitutional law, the execution of this code would be a violation of 4th Amendment rights if a warrant was executed by these means.

Further, all of this code is now in the hands of whomever visits the WikiLeaks website.  The initial breach was exploited because of the most fundamental security flaw imaginable: the CEO of Hacking Team's account was laughably protected by a simple aberration of the word "password."  When you continue reading this, remember that this malicious code and the "professionals" that produced it are still at large.


According to, the events that took place on July 8, 2015 are the equivalent of a cyber-war.  United Airlines grounded all flights, the New York Stock Exchange was taken offline for three-and-a-half hours, and the Wall Street Journal's website was taken down.  Isn't it interesting only three days after the largest IT upset (that did not make the evening news) since 2013 was followed by a huge information outage only three days later, after the Hacking Team's malicious files were released to the Internet?  No one is talking about this.

The government's official statement was that they did not suspect "malicious actors" were responsible for the NYSE computer crash.  Many media outlets blamed a so-called "Black Squirrel" incident, similar to ones that have crashed Wall Street's computer systems in previous years.

From a security perspective, it is now known that the New York Stock Exchange does not immediately route the most current trading data to its floor in the event of a data interruption.  Arguably, the most powerful financial network in the western hemisphere can be crashed by miscreant squirrels chewing through random wires.  Why backup systems, isolated from one another in quadruplicate are not prepared to process this critical financial data are not in place, makes me question the validity of the entire day's events as reported in the press.  Either the reports are faulty, or the information security professionals they hire are inept to plan for such occurrences.

These are not "technical glitches" like hiccups in your Internet connection.  If they are so simple to explain, Wall Street should take a hard look a how they occur and inform the public so their taxes can be better spent defending our infrastructure.

Greece & BitCoin

Because of the ongoing financial crisis in Greece, Bitcoin continues to improve performance.  At the time of publishing this article, @Bitcoin10min reports from July 6 - July 12:

July 6 = $271.59 | €249.09 | ¥1699.32 | £181.93

1h -0.84% | 1d +0.34% | 7d +5.97% | 1m +19.89%

$311.06 | €280.63 | ¥1974.55 | £207.15

1h +1.16% | 1d +6.19% | 7d +14.59% | 1m +33.84%

A $1000USD investment would have yielded $338.40USD since July 6, 2015.

Because of bank closures and the inability to withdraw money from Greek financial institutions, many Greeks have abandoned the Euro to seek shelter in BitCoin.  Price is expected to stay nearly level, with a slight increase as negotiations between Greece and the European Union continue.

Ghost Security & OpISIS

Operations continue between #GhostSec and their initiative, #OpISIS against the Islamic State.  GhostSec uses a unique reporting system, through a handle named the Controlling Section (#CtrlSec) to wage war against the propaganda machine ISIS continues to attempt to maneuver.

In the news, there are often reports of citizens being duped online, crossing borders, and ultimately assisting the Islamic State.  You, reading this right now, you have a voice.  Follow #CtrlSec and get involved.

Former United States Veterans, you can assist in the fight against ISIS by volunteering your skills.  Visit for more information.