{"id":20772,"date":"2015-06-01T14:30:02","date_gmt":"2015-06-01T04:30:02","guid":{"rendered":"http:\/\/www.aspistrategist.ru\/?p=20772"},"modified":"2015-06-01T14:54:27","modified_gmt":"2015-06-01T04:54:27","slug":"isis-pushes-for-offensive-cyber-capability","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/isis-pushes-for-offensive-cyber-capability\/","title":{"rendered":"ISIS pushes for offensive cyber capability"},"content":{"rendered":"
<\/a>The nature of ISIS\u2019s online presence is intended to do three things. Firstly, and most importantly for the longevity of its existence, it\u2019s intended as a mechanism to attract and recruit members to its ranks. Secondly it\u2019s a means through which ISIS aims to strike fear into the hearts of all that come across its frequently gruesome propaganda. Both objectives are well documented, but a third dimension to the ISIS presence online is emerging: their attempts to use cyberspace for offensive purposes.<\/p>\n By \u2018offensive\u2019 I don\u2019t mean delivering cyber attacks that involve some kind of kinetic impact, but rather I refer to attempts to use the cyber domain to disrupt services, damage reputations and reveal sensitive data.<\/p>\n Over the past five months we\u2019ve seen an uptick in offensive cyber activities by groups claiming an association with ISIS. In January US CENTCOM Twitter and YouTube accounts were suspended<\/a> after \u00a0CyberCaliphate\u2014a group claiming to support ISIS\u2014had hacked into both, defacing them with pro-ISIS messages. While the hacks didn\u2019t have a direct impact on CENTCOM\u2019s operations, they were certainly embarrassing and akin to acts of \u2018hacktivism\u2019 we\u2019ve seen from groups like Anonymous. Following up in February, the same group hacked into Newsweek and, of all things, Taylor Swift\u2019s twitter account<\/a>, defacing both with pro-ISIS messages and sending threatening messages to President Obama.<\/p>\n In March a group claiming to be the Islamic State Hacking Division published on JustPaste.it a list of photos, names, addresses and branch of US service personnel, which it claimed was taken from US military data servers. Accompanying the data was a statement from the group<\/a>:<\/p>\n With the huge amount of data we have from various different servers and databases, we have decided to leak 100 addresses so that our brothers in America can deal with you\u2026Kill them in their own lands, behead them in their own homes, stab them to death as they walk their streets thinking that they are safe.<\/p><\/blockquote>\n In April we saw the most significant effort from a group purporting to be part of ISIS. The group managed to orchestrate a complete three-hour blackout of the French channel TV5Monde.<\/em> They hacked into all 11 channels run by the company, along with its website and social media outlets<\/a>. While the attack took place, the hackers placed documents on TV5Monde\u2019s Facebook page, which they claimed were identity cards and CVs of relatives of French soldiers involved in fighting ISIS, accompanied by threats against the troops themselves. The Islamic State Hacking Division again claimed responsibility.<\/p>\n What this attack illustrated was the group\u2019s increased degree of sophistication. There had clearly been an amount of pre-attack planning, including a degree of social engineering that had gone on in order to completely shut down the stations computer systems.<\/p>\n This isn\u2019t the first time we\u2019ve seen terrorist groups utilise the power of online systems and networks in their operations. In February 2010 Rajib Karim, an IT employee for British Airways (BA), was arrested for terrorism offenses<\/a>. Having been in contact with radical preacher, Anwar al-Awlaki, he explained that he had access to BA’s servers and could erase all the data, causing massive disruption and financial loss of \u00a320 million per day. Luckily he was arrested before he was able to carry out any kind of nefarious activity. Giving evidence at a UK House of Commons hearing on Cyber Security in 2013, Thomas Rid was asked the question, \u2018Why hasn\u2019t al-Qaeda carried out a cyber attack on a national infrastructure delivery point?<\/a>\u2019 He replied that \u2018al-Qaeda are too stupid\u2026 You need skills and intelligence. Right now militants don\u2019t have that.\u2019 But ISIS, or at least those claiming to support the group, are now looking to take their cyber offensive to the next level.<\/p>\n Should we be worried about the self-styled CyberCaliphate and the potential for ISIS to launch highly sophisticated attacks against sensitive networks, similar to the STUXNET virus that was unleashed on Iran? At present, despite a clear elevation in capability, the answer would be \u2018not yet\u2019. Attacks of the magnitude of STUXNET require a level of financing, highly-skilled personnel and human intelligence gathering that an organisation such as ISIS simply can\u2019t . The more likely scenario is that we continue to see websites defaced and social media accounts hacked.<\/p>\n But that\u2019s no reason to be complacent about ISIS\u2019 capabilities and its intent. The cyber domain provides the group with a low-cost means of harassing their enemies and publicising their cause. They\u2019ve demonstrated an ability to utilise modern technology and unleash effective propaganda; and they\u2019ve proven attractive to \u2018tech savvy\u2019 youngsters. With their successful take down of a major television company, confidence will have increased and the next attack will be planned with greater ambition. There\u2019s no reason that ISIS won\u2019t work to mature what has so far been a successful strategy and capability. In many ways this reflects what we\u2019re seeing in the broader cyber threat environment: the cyber domain is becoming a key part of offensive operations for any group, be it a government, criminal organisation or terrorist group. Over the last five months ISIS have shown us that they are pushing to close the knowledge and capability gap when it comes to offensive cyber operations. We\u2019d be wise to keep a close watch.<\/p>\n","protected":false},"excerpt":{"rendered":" The nature of ISIS\u2019s online presence is intended to do three things. Firstly, and most importantly for the longevity of its existence, it\u2019s intended as a mechanism to attract and recruit members to its ranks. …<\/p>\n","protected":false},"author":49,"featured_media":20784,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[531],"tags":[391,713,728,895,808],"class_list":["post-20772","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-security-2","tag-cyber","tag-cyberattack","tag-hacking","tag-islamic-state","tag-radicalisation"],"acf":[],"yoast_head":"\n