The attack seemed like a garden-variety digital holdup.
A computer intruder, calling himself the “Albanian hacker,” left a message for the administrator of a website for an Illinois internet retailer: Pay two Bitcoins, or about $500 at the time, and the intruder would “remove all bugs on your shop!”
Such demands are typical among underground hackers who infect computers with malicious code and seize control of them, freeing them only after receiving a payment.
But this case was more than a surreptitious digital mugging. The trespasser had ties to the Islamic State Hacking Division, a terrorist cyber unit, and before it was over he’d put together a “kill list” for the Islamic State with the identities of 1,351 U.S. government and military personnel from the 100,000 names, credit card records and Social Security numbers he’d extracted from the host server.
The hacker operated in a gray area where criminal and terror interests blend messily to test malicious computer code, raise funds and identify Western targets, and it raises fresh concerns for U.S. businesses hit by cybercrime and for the government agents tasked with defeating it: If a business tries to make a problem quietly disappear, it may effectively be hindering government efforts to monitor terrorism. The need for collaboration between business and government on internet security has soared, even as distrust has risen between network managers and law enforcement.