How Dangerous Is ISIS In The Cyber Domain?

Uploaded on 2017-09-12 in NEWS-News Analysis, INTELLIGENCE--International, FREE TO VIEW

The Islamic State group and other militant organisations have been creating precedents in terms of discussing cyber activities almost from the start. 

Most cyber operations by militant organisations have been on a fairly low level and merely aspirational, according to John Mulligan, deputy director of the US National Counterterrorism Center.

From a practical standpoint, cyber activity to date has been largely confined to groups such as ISIS finding information and generating kill lists related to security or military personnel. This is achieved through some low-level hacking and the exploitation of low-hanging fruit. The US government has seen some low-level defacement of websites, he added, but nothing critical.

The gap between the perception that entities able to do the most harm in cyberspace, to include sophisticated nation-states, probably have lesser intent and entities with more nefarious intent have lesser capability is closing, former Director of National Intelligence, James Clapper, told the Senate Armed Services Committee in May.

Terrorists, criminals and hacktivists are going to exploit technology, “and so that comfort that we may have taken in the past is something we shouldn’t count on,” he said. Echoing this sentiment, Mulligan noted: “We shouldn’t make the same mistake in terms of underestimating their ability to again adapt their cyber abilities,” he said.  From a military perspective, Mulligan said ISIS is a loose connection of broadly independent, functioning entities that lack a degree of predictability and uniformity. 

When it comes to ISIS’ hacking cohorts, such as the so-called Cyber Caliphate, they are for the most part considered sympathisers rather than members of ISIS. The United States’ concern, he said, is the individuals who are competent in the cyber arena and may be operating below the horizon, making them more difficult to detect.

This can include those undertaking official support tasks, networks of supporters retweeting ISIS propaganda and those that add value to the overall effort but are difficult to detect. These networks, Mulligan said, are believed to be globally dispersed.
“What’s really unique about ISIS is the fact that they have a deep understanding of the linkage between the media world, particularly social media, and the operational world,” Mulligan said. “They have very successfully been able to use media to amplify the effects of their operational activities.”

ISIS understands the broad range of commercial technological applicability, and social media allows the group to conduct global operations, Mulligan said. 

The militant group can conduct financial transactions, facilitate logistical movements, and organise in a dispersed, remote way. Organisations such as ISIS delegate to individual’s degrees of responsibility and accountability, allowing them to display their initiative.

I-HLS

You Might Also Read

Learning About ISIS Intentions Using Open Source Intelligence:

Interpol/Group-IB Unmasking Pro-ISIS Hackers:

Cyber Caliphate's Scorecard:
 

« Will Cyber Warfare Remove Kim From N. Korea?
New AI Claims To Determine If You Are Gay Or Straight. »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Zentek Digital Investigations

Zentek Digital Investigations

Zentek has been providing digital forensics services to the public and private sector for computers and mobile devices since 2004.

securitycurrent

securitycurrent

Security Current's proprietary content and events provide insight, actionable advice and analysis giving executives the latest information to make knowledgeable decisions.

Herjavec Group

Herjavec Group

Herjavec Group's Managed Security Services practice defends your organization from increasingly sophisticated, targeted cybercrime threats.

Guardtime

Guardtime

Guardtime's Black Lantern platform provides real-time cybersecurity and data-centric asset protection.

Romanian Accreditation Association (RENAR)

Romanian Accreditation Association (RENAR)

RENAR is the national accreditation body for Romania. The directory of members provides details of organisations offering certification services for ISO 27001.

Global Incubator Network Austria (GIN Austria)

Global Incubator Network Austria (GIN Austria)

GIN Austria is the connecting link between Austrian and international startups, investors, incubators and accelerators with a focus on selected hotspots in Asia.

Adzuna

Adzuna

Adzuna is a search engine for job ads used by over 10 million visitors per month that aims to list every job everywhere, including thousands of vacancies in Cybersecurity.

BTblock

BTblock

Blockchain and cybersecurity is a vital combination for Enterprise success. BTblock is a Force Multiplier for its clients.

Cyber Risk Aware

Cyber Risk Aware

Cyber Risk Aware provide a security awareness and phishing simulation platform that focuses on real threats and educates and empowers employees to be the first line of defence.

InfoExpress

InfoExpress

InfoExpress provides network security solutions that enhance productivity and security through better visibility, improved security, and automating device and mobile access to the network.

SIRP Labs

SIRP Labs

SIRP is a Risk-based Security Orchestration, Automation and Response (SOAR) platform that fuses essential cybersecurity information to enable a unified cyber response.

Immuta

Immuta

Immuta empowers data engineering and operations teams to automate data governance, security, access control & privacy protection.

Camel Secure

Camel Secure

Camel Secure is a company specialized in the development of products for information security and technology risk management.

VikingCloud

VikingCloud

VikingCloud (formerly Sysnet Global Solutions) offers organizations an integrated cybersecurity and compliance solution to make informed, predictive, and cost-effective risk mitigation and prevention

BIG Cyber

BIG Cyber

BIG Cyber is a specialized Managed Security Service Provider (MSSP) dedicated to bringing military grade cyber security technology to the gaming industry.

Center for Cyber Security Studies & Research (CFCS2R)

Center for Cyber Security Studies & Research (CFCS2R)

CFCS2R's mission is to empower individuals, organizations, and governments with the knowledge and tools necessary to protect against cyber threats.