Remote Radicalisation: Islamic State's Online War

On 31 October, an Uzbek national identified as Sayfullo Saipov drove a rented pickup truck into cyclists and runners on a bike path along Lower Manhattan’s Hudson River, killing eight people and injuring 11 others. An Islamic State (IS) flag and document pledging allegiance to the Islamist group were discovered inside his vehicle, raising alarm. However, as investigations into Saipov progressed, it became evident that that he had no direct connections to IS or any other jihadist militant group. It appears that Saipov had a far more tenuous flirtation with the group; FBI investigators found 90 graphic and violent Islamist propaganda videos on his phone, including one showing IS leader Abu Bakr al Baghdadi calling on Muslims to avenge deaths in Iraq. The evidence has raised concerns over remote radicalisation of so-called lone actors; a significant challenge for domestic security agencies to address.

IS’s approach represents a hybrid between two strategies used by Islamist terrorists against the West: centrally-coordinated and inspired plots. The former relies on direct involvement by a militant organisation in terms of training, coordination, financing, and indoctrination. Conversely, inspired plots typically involve lone perpetrators with loose online relations with these groups and access to propaganda. While limited, this online engagement enables individuals to plot and carry out attacks with significant autonomy in the name of IS without substantial investment from the group’s central leadership.

IS has proven that it is adept in the online sphere, and has been credited with “winning the war on social media” through the use of various communication platforms, social media and its own propaganda outlet, Amaq News Agency. According to a George Washington University report published in May 2017, IS shares its online media in over 40 languages and publishes at least 35 press releases every day. In addition, through supporters, an average of 18,425 ISrelated posts are uploaded to social media daily. While some social media companies have clamped down on online activity by extremist groups, these groups have found alternatives to promote their agenda. For example, after Twitter adopted a more effective approach to shutting down IS-related accounts in early 2016, the group’s sympathisers moved their focus to Telegram and other less strictly regulated endto-end encrypted communications applications. 

The group not only uses propaganda videos and publications to radicalise and inspire individuals like Saipov, but IS is known to use social media accounts to communicate directly with wouldbe jihadists to plot attacks. This tactic proved effective with Munir Abdulkader, an Ohio resident who pleaded guilty in March 2016 to plotting to attack US government officials. Abdulkader’s online engagement with IS commenced in July 2014 when he created Twitter accounts to voice his support for the group. Within months, he was in contact with Junaid Hussain, a British IS hacker who later died in Raqqa. According to court documents, Abdulkader “placed himself under the direction of IS and its overseas leadership.” Abdulkader initially aimed to travel to Syria, but Hussain convinced him to orchestrate a domestic attack when it became clear that plans to travel to Syria would likely be intercepted by US authorities. Instead, they devised a plot to kidnap and behead a US soldier before attacking a local police station with guns and pipe bombs. Hussain provided Abdulkader with reconnaissance and tactical advice online via direct messages on Twitter. Although the FBI was initially secretly monitoring Hussain’s direct messages over Twitter, the bureau later had to use an undercover informant after the pair moved their online conversation to an encrypted messaging app. Abdulkader was arrested in May 2015 before he could execute the planned attack. 

While Saipov did not have direct communication with IS, the large volumes of chatter and propaganda pertaining to IS highlights obstacles for authorities in determining whether online posts and conversations by sympathisers demonstrate real intent. A 2015 Department of Homeland Security bulletin noted that the “sheer number of social media postings by US-based IS supporters is challenging for investigators in differentiating those supporters focused solely on promoting IS rhetoric which may be protected speech, versus detecting those prepared to engage in violence on the group’s behalf.” Monitoring potential suspects online will remain a mammoth task for authorities, particularly given that lone actor attacks frequently involve few detectable precursor signs. 

As pressure continues to mount against IS through significant territorial losses in Syria and Iraq, the group is expected to lash out against Western countries by urging its supporters abroad to carry out domestic attacks. The group is likely to use attacks in Europe and North America as a means of demonstrating its reach and strength in the face of its failing insurgency. Given the challenges that US authorities face in terms of identifying chatter demonstrating real terrorist intent, and cases like Saipov where no direct online engagement with IS is evident, further attacks in the US by remotely radicalised individuals are an unfortunate reality.