Exploring Alternatives: Terrorism Converging With Cyber Crime

Uploaded on 2016-08-26 in NEWS-News Analysis, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

Islamic State's german language magazine  'Kybernetiq', which is  designed to guide jihadist on how to take part in 'cyber war' against other countries.

There is growing evidence that terrorists and criminals are converging in cyperspace. 

Current reporting continues to focus terrorist usage of the technology as a tool for recruitment or the possibility of expanding into offensive cyber-attack operations. One additional possibility that may be overlooked is the development cybercrime operations by terrorist networks. Given the ongoing events in the world; what once could have been considered a farfetched idea is now coalescing as conditions are developing that provide the right environment and ripe opportunity. 

Examining the Islamic State (ISIS) one discovers that the network has a formally staffed capability that is focused on encryption and cyber-attacks. ISIS also has the Afaaq Electronic Foundation, which assists its members by providing online counter-surveillance training. As international military forces have targeted the ISIS revenue streams, the threat has expanded into other countries to reduce the operational impact. However, the global community has responded by expanding operations aimed to disrupt financial capabilities. Terrorists look to disperse support capabilities when threatened because fixed assets are vulnerable to disruption. The world of cybercrime offers ISIS a remote capability that could be conducted by its internationally dispersed support personnel. ISIS has expressed interest in ransomware, which has seen US universities and hospitals pay the extortion with no arrests. 

The focus on ISIS being technically savvy enough to avoid detection online is a direct result of the Snowden revelations. This revelation directly supports the continuation of ISIS monitoring the news of cyberspace to determine vulnerabilities, both its and the enemy, to improve operations. Given this world view, the case of the $81 million SWIFT bank account reveals challenging and systematic failures ripe for the terrorist network exploitation. Fundamentally, the hacking can be attributed to a lack of verification of SWIFT transactions between banking systems and the possibility from insider help. The following events present an even greater critical problem.

The Bangladesh Bank that was the target of the SWIFT hacking originally hired a cybersecurity company to investigate the crime. That company was dismissed in June 2016 as costs associated with the contract outpaced results. While the owner of the SWIFT messaging system hired a cyber forensic team the disparity between investigations shows that not all connected to the hack have the same ability or determination. Another exploitable area is that Bangladesh has demonstrated that the financial institution is willing to accept an $81 million dollar loss, concentrating instead on recovering some of those funds by claiming that the US Federal Reserve also shares responsibility. However this situation gets resolved, at the current time the $81 million is untraceable, those hacked are blaming each other, Bangladesh has established a loss threshold of millions, and the hack demonstrates the potential benefits of cyber-related criminal activities to terrorist organizations.    

Given the advantages to an illicit network, the SWIFT hack results are something that ISIS could find an interesting scenario. This development is also substantiated by revelations that ISIS used an “Albanian Hacker” to develop a kill list of US government/military personnel. While many debate the merits of a convergence between terrorists and criminals, this concept is confined to understanding these as two separate entities and not types of operations carried out by the threat networks. A 2013 paper by the US government reasoned that ‘all terrorist organizations are Transnational Criminal Organizations’. This goes to the critical need for money, which fuels operations. In 1969 Carlos Marighella wrote the book that set the standards on how terrorists can operate in a city environment called, “The Minimanual of the Urban Guerilla”. This manual instructed terrorists how to rob banks and perform kidnappings to fund operations. Margihella’s instructions continue to be promulgated through the global-connected network of terrorists. It would be safe to assume that Carlos would be a proponent of using cyber-crime to fund those operations if he was alive today. 
 
About the author: An intelligence professional with many years active service in the US Intelligence Community, Norman T Lihou has taught at the US Army Intelligence Center of Excellence, Defense Intelligence Agency, National Defense University, Army War College, NATO C-IED Center of Excellence and the Joint Forces Training Centre.

« Keyless Entry Renders Millions Of Cars Vulnerable
UK Police Hire Law Firms To Tackle Cyber Criminals »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Berkman Klein Center for Internet & Society

Berkman Klein Center for Internet & Society

The Berkman Klein Center for Internet & Society is a research center at Harvard University that focuses on the study of cyberspace.

World Privacy Forum (WPF)

World Privacy Forum (WPF)

The World Privacy Forum is a non-profit public interest research group that focuses on privacy and technology issues.

Software Testing News

Software Testing News

Software Testing News provides the latest news in the industry; from the most up-to-date reports in web security to the latest testing tool that can help you perform better.

Secure Thingz

Secure Thingz

Secure Thingz focus on developing and delivering advanced security solutions into the emerging Industrial Internet of Things (IIoT) and Critical Infrastructure markets.

Green Hills Software

Green Hills Software

Green Hills Software is the largest independent vendor of embedded secure software solutions for applications including the Internet of Things.

Telia Cygate

Telia Cygate

Cygate are specialists in information security, data networks, and data centre and cloud technologies.

Convercent

Convercent

We offer comprehensive and integrated compliance management, reporting, and analytics. A 360-degree view of compliance drives efficiency by aligning initiatives and data into a single dashboard.

SGBox

SGBox

SGBox is a highly flexible and scalable solution for IT security. Choose the modules which your company needs and implement it without any modification to your network infrastructure.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Sonrai Security

Sonrai Security

Sonrai Security delivers an enterprise security platform focused on identity and data protection inside AWS, Azure, and Google Cloud.

Pentest360

Pentest360

Pentest360 is a 24x7x365 Penetration testing service offered through a feature-rich, centralised platform on the cloud that delivers instant visibility during security assessments.

SOC.OS Cyber Security

SOC.OS Cyber Security

SOC.OS is an alert correlation and triage automation tool. It correlates and prioritises your alerts, boosting productivity, enhancing threat visibility and shortening mean time to respond.

Point Predictive

Point Predictive

Point Predictive build Predictive Models using Artificial Intelligence and Machine Learning techniques that help our customers stop fraud and early payment default (EPD).

Data Storage Corp (DSC)

Data Storage Corp (DSC)

Data Storage Corporation is a provider of data recovery and business continuity services that help organizations protect their data, minimize downtime and recover and restore data.

FourNet

FourNet

FourNet is an award-winning provider of cloud and managed services; we work closely with our clients to enable digital transformation across their organisation.

Digimune

Digimune

Digimune is an all-encompassing cloud-based cyber risk protection platform that guards you against the dangers of our digital world.