Ghost Security

Ghost Security, also known as GhostSec, is a self-described "vigilante" group that was formed to attack ISIS websites that promote Islamic extremism. It is considered an offshoot of the Anonymous hacking collective. According to experts of online jihad activism, the group gained momentum after the Charlie Hebdo shooting in Paris in January 2015. The group claims to have taken down hundreds of ISIS-affiliated websites or social media accounts and thwarted potential terrorist attacks by cooperating with law enforcement and intelligence agencies. The group uses social media hashtags like #GhostSec - #GhostSecurity or #OpISIS to promote its activities.

On 14 November 2015, Anonymous posted a video announcing its "biggest operation ever" against the terrorist group in response to the attacks in Paris, taking down 3,824 pro-ISIS Twitter accounts and doxxing recruiters. A message posted by an ISIS-affiliated account on encrypted chat service Telegram replied defiantly to Anonymous by providing instructions on how to respond to a potential cyberattack. On 25 November, an ISIS WordPress dark web site was reportedly hacked by GhostSec, which replaced the site with an advert for Prozac.

GhostSec found information related to planned terrorist attacks in New York and Tunisia and passed this information on to law enforcement authorities. In the wake of the cooperation with law enforcement, GhostSec decided to "become legit" to more efficiently combat ISIS. The group renamed itself "Ghost Security Group" and by November 2015 ended its association with Anonymous. Those of the members who opposed this development re-formed under the old name of "GhostSec" and maintained Anonymous ties. Both groups continue to operate against ISIS.

Lara Abdallat is one of the only members of Ghost Security Group whose identity is public.

Ghostsec also has involvement in the recent Russia-Ukraine conflict, with the groups involvement dating back to the first signs of aggression in 2022. Since their involvement Ghostsec has carried out numerous attacks on the Russian government, one notable one being on July 20th 2022. The Gysinoozerskaya Hydro-Power Plant suffered a attack resulting in a spew of fire shutting down the power plant. The group carried out the attack in support of Ukraine's struggle against Russia, with precise timing in order to avoid unnecessary casualties.

As of August 2023 GhostSec has been active in the Middle East, particularly relating to the Islamic Republic of Iran. In August of 2023, they breached Fanap Behnama and exposed over 20gb of data from facial recognition to the software's own source code.