Islamic State-Linked Hacker Pleads Guilty in U.S. Court

Ardit Ferizi, arrested in Malaysia in October last year over alleged connections with the Islamic State of Iraq and the Levant (ISIL), admitted in a United States court on Wednesday to providing material support to the terrorist organization, the Department of Justice announced.

Also known as Th3Dir3ctorY, Ferizi is a 20 years old citizen of Kosovo. After being arrested in Malaysia in fall, he appeared in court before U.S. Magistrate Judge Ivan D. Davis of the Eastern District of Virginia in January this year. In the complaint filed with the court, the FBI accused him not only of offering support to ISIL, but also of computer hacking and identity theft.

Ferizi pleaded guilty on June 15 before U.S. District Judge Leonie M. Brinkemaof the Eastern District of Virginia to the aforementioned accusations. According to the DoJ, the sentencing will take place on Sept. 16, 2016. Ferizi faces 20 years in prison for providing material support to ISIL and a maximum of 5 years for accessing a protected computer without authorization and obtaining information, the DoJ said.

Ferizi admitted that in July 2015 he gained administrator-level access to a server that maintained the website of an unnamed United States company, which also contained databases with personally identifiable information (PII) of tens of thousands of the company’s customers. The hacker also revealed that, between July and August 2015, he provided unlawfully-obtained PII to ISIL member Junaid Hussain, aka Abu Hussain al-Britani.

On August 11, Hussain posted on Twitter a document containing personal information on roughly 1,300 U.S. military and other personnel, in an effort to encourage terrorist acts against those individuals. Hussain had received the information from Ferizi, who stole it from the hacked server. In court, Ferizi admitted that the provided ISIL with the stolen PII, knowing that the information would be used to attack the impacted individuals.

According to DoJ, the document Hussain posted on Twitter, stated, in part, that “we are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands!”

As part of the plea agreement, Ferizi also agreed to a stipulated order of removal to Kosovo upon completion of his criminal sentence.

“Ferizi admitted to stealing the personally identifiable information of over 1,000 U.S. service members and federal employees, and providing it to ISIL with the understanding that they would incite terrorist attacks against those individuals,” said Assistant Attorney General for National Security John P. Carlin.  “The case against Ferizi is the first of its kind, representing the nexus of the terror and cyber threats.  The National Security Division will continue to use an all-tools approach to combat this ever-evolving blended threat, and we will identify, disrupt and prosecute any individual who provides material support to ISIL, no matter how they do so.”

Related: ISIS Cyber Capabilities Weak, Poorly Organized: Report

Related: US Military Conducts Cyber Attacks on IS