THE BLOG
10/13/2016 04:55 am ET Updated Oct 13, 2017

This Twitter Collective Takes On ISIS One Account At A Time

Quashing the so-called Islamic State's social media presence is like fighting the mythical hydra: you can flag one account for removal, but several others pop up in its place.

Twitter, the favored public platform of extremist groups, shut down 125,000 ISIS-affiliated accounts earlier this year, but there are still thousands more, and new ones every week. Because of free speech concerns, it's hard for Twitter to just "wipe out" ISIS's presence online. Besides, it's hard to flag ISIS content with an algorithm or other automatic method: there's no single hashtag or phrase linked to the terror group. There's a large gray area of problematic content that Twitter can't decisively scrub.

One group that's risen to address this tenuous challenge is CtrlSec, an anonymous Twitter collective with a simple goal: to flag for removal as many ISIS-affiliated accounts as possible. Call it death by a thousand reports. From its main handle, @CtrlSec, it tweets out batches of flagged accounts several dozen times a day. As of June 2016, it claims to have flagged nearly 147,000 accounts, 133,361 of which were suspended.

Speaking via an encrypted messaging app, CtrlSec's founder, who identified himself only as a European male under the alias "Mikro," told me about the movement. (The Atlantic contributor Simon Cottee has also met with the "real" Mikro, "somewhere in Europe.")

Mikro is a member of Anonymous, the international hacktivist collective that declared "cyber war" on ISIS in August 2014. Mikro started CtrlSec, named after a secret WWII British intelligence unit, as an Anonymous offshoot in February 2015. He's an unemployed web designer who spends "15-19 hours a day" running CtrlSec and overseeing a group of about 25 other volunteer activists who flag accounts day and night.

"I saw ISIS as a growing threat to today's society and decided I had to at least try and do something about it," said Mikro. Most of his team members work less demanding hours than he does, but some of them have become similarly absorbed and quit their day jobs, he said. "But I always tell my team to prioritize their real life before this work."

CtrlSec runs a group of four linked Twitter accounts: @Ctrlsec, @Ctrlsec0, @Ctrlsec1 and @Ctrlsec2 that send out scheduled tweets several times an hour. Once a bot tweets a batch of targeted ISIS accounts, the account's followers work to Report the account to Twitter en masse, which usually gets the account taken down.

Mikro and his fellow volunteers find accounts through existing ISIS-affiliated profiles (whom they follow and are followed by) and straightforward hashtags like #IslamicState and رتويت # ("#retweet"). CtrlSec volunteers, whom he calls "hunters," don't have any special shortcuts for finding ISIS accounts beyond months of practice and a general proficiency in many languages. Mikro says he's fluent in six, and the collective includes several native Arabic speakers.

According to Mikro, Twitter is not interested in formally collaborating with the group. He was critical of Twitter's efforts to scrub extremist content.

"Twitter is working only for profit, they don't care about their platform being used to plan and perform attacks," said Mikro.

A Twitter spokesperson told me that "we condemn the use of Twitter to promote terrorism and the Twitter Rules make it clear that this type of behavior, or any violent threat, is not permitted on our service." But, they added, Twitter does not consult third-party lists like those compiled by CtrlSec, which the spokesperson described as "wildly inaccurate."

As a counterpoint, one counter-terrorism expert who has worked closely with the U.S. government had high praise for CtrlSec.

"They have done extraordinarily great work," Michael S. Smith, founder of the security consultancy Kronos Advisory, told me. "At a time when the government was more focused on monitoring ISIS online than disrupting their work, CtrlSec's voluntary effort to disrupt their presence was invaluable."

Even retired CIA General Petraeus praised the open-source data generated by groups like CtrlSec in a comment to Foreign Policy in 2015. The New York Times ISIS correspondent Rukmini Callimachi has also praised CtrlSec on Twitter.

Beyond reporting accounts, Smith also praised the data that CtrlSec maintains on flagged accounts. "Their most important work is infiltrating Islamic State networks on social media -- building trust among Islamic State members and supporters sufficient to gather information about the Islamic State's activities and plans offline," he said.

Smith said from mid-2015 to April 2016, CtrlSec would feed him national security tips that he would convey to relevant agencies "about 90 percent of the time."

Counter-extremism measures like CtrlSec's seem to be paying off: ISIS's Twitter presence has sharply diminished in 2016. Mikro attributes this both to his group's flagging and the migration of ISIS members to less public platforms, like WhatsApp and Telegram. CtrlSec has eyes on those platforms too, particularly Telegram, but Mikro said Twitter remains their flagship battleground because it is such a public medium.

He complains that state governments don't give citizen activist groups enough credit in the counterterrorism wars.

"The U.S. administration is taking all the credit [for reducing extremist content online] while I sit here with my team working 19 hours a day for free," he grumbled.

The work is not without its mental toll, even though all its members are anonymous.

"It can be a lot," he said. "ISIS threatens us every day. But you also get to know people who live in the conflict areas, and listening to what they go through is heartbreaking."