ISIL-Linked Kosovo Hacker Sentenced to 20 Years in Prison

WASHINGTON – Ardit Ferizi, aka Th3Dir3ctorY, 20, a citizen of Kosovo, was sentenced today to 20 years in prison for providing material support to the Islamic State of Iraq and the Levant (ISIL), a designated foreign terrorist organization, and accessing a protected computer without authorization and obtaining information in order to provide material support to ISIL.

Assistant Attorney General for National Security John P. Carlin, U.S. Attorney Dana J. Boente for the Eastern District of Virginia, Assistant Director in Charge Paul M. Abbate of the FBI’s Washington Field Office and Special Agent in Charge Charles P. Spencer of the FBI’s Jacksonville Field Office made the announcement after the defendant was sentenced by U.S. District Judge Leonie M. Brinkema.

"This case represents the first time we have seen the very real and dangerous national security cyber threat that results from the combination of terrorism and hacking,” said Assistant Attorney General Carlin. “This was a wake-up call not only to those of us in law enforcement, but also to those in private industry. This successful prosecution also sends a message to those around the world that, if you provide material support to designated foreign terrorist organizations and assist them with their deadly attack planning, you will have nowhere to hide.  As this case shows, we will reach half-way around the world if necessary to hold accountable those who engage in this type of activity. I want to thank the corporation that worked with law enforcement to solve this crime, and the agents, analysts and prosecutors who worked on this groundbreaking case."

Ferizi, who was detained by Malaysian authorities on a provisional arrest warrant on behalf of the U.S., was charged by criminal complaint on Oct. 6, 2015. The criminal complaint was unsealed on Oct. 15, 2015. Ferizi subsequently consented to extradition.

Ferizi pleaded guilty on June 15. According to court documents, Ferizi admitted that on or about June 13, 2015, he gained system administrator-level access to a server that hosted the website of a U.S. victim company. The website contained databases with personally identifiable information (PII) belonging to tens of thousands of the victim company’s customers, including members of the military and other government personnel. Ferizi subsequently culled the PII belonging to U.S. military members and other government personnel, which totaled approximately 1,300 individuals. That same day, on June 13, Ferizi provided the PII belonging to the 1,300 U.S. military members and government personnel to Junaid Hussain, a now-deceased ISIL recruiter and attack facilitator. Ferizi and Hussain discussed publishing the PII of those 1,300 victims in a hit list.

According to court documents, on Aug. 11, 2015, in the name of the Islamic State Hacking Division (ISHD), Hussain posted a tweet that contained a document with the PII of the approximately 1,300 U.S. military and other government personnel that Ferizi had taken from the victim company and provided to Hussain. The document stated, in part, that “we are in your emails and computer systems, watching and recording your every move, we have your names and addresses, we are in your emails and social media accounts, we are extracting confidential data and passing on your personal information to the soldiers of the khilafah, who soon with the permission of Allah will strike at your necks in your own lands!” Ferizi admitted that he provided the PII to ISIL with the understanding that ISIL would use the PII to “hit them hard.”

This case is being prosecuted by Special Assistant U.S. Attorney Brandon Van Grack of the Eastern District of Virginia and Trial Attorney Gregory Gonzalez of the National Security Division’s Counterterrorism Section. The Malaysian authorities and the Justice Department’s Office of International Affairs also provided significant assistance.