ALEXANDRIA, Va. — A computer hacker who helped the Islamic State group by providing names of more than 1,000 U.S. government and military workers as potential targets has been sentenced to 20 years in prison. Twenty-year-old Ardit Ferizi, a native of Kosovo arrested last year in Malaysia, was sentenced Friday in federal court in Alexandria, Virginia. Earlier this year, he became the first person convicted in the U.S. of both computer hacking and terrorism charges.
According to the U.S. Justice Department, Ferizi offered ISIS the hacked data "with the understanding that ISIL would use the [personally identifiable information] to 'hit them hard.' " ISIL is an alternative acronym for the Islamic State group. Assistant Attorney General John Carlin noted in June that this was the first time a hacker had been prosecuted on charges of terrorism. "Ferizi admitted to stealing the personally identifiable information of over 1,000 U.S. service members and federal employees and providing it to [ISIS] with the understanding that they would incite terrorist attacks against those individuals," Carlin said after the guilty plea was entered. "The case against Ferizi is the first of its kind, representing the nexus of the terror and cyberthreats." According to the indictment unsealed last October, Ferizi hacked into an online retailer's database in June 2015 and stole records on more than 100,000 customers. From those records, he was able to cull personally identifiable information on 1,351 federal employees and active military personnel. Ferizi provided this information to members of ISIS in August 2015; ISIS militants then posted the information online with a call for members to take action against those people, including perpetrating fraud using their personal information, as well as physical attacks.
Prosecutors sought the maximum sentence of 25 years. Defense lawyers said Ferizi meant no real harm and asked for a six-year sentence.
Federal Times Editor Aaron Boyd contributed to this report.