Islamic State Likely To Switch To Cyber Warfare

Islamic State (IS) and other terrorist groups are turning to the underworld to try to secure tools to carry out cyber-attacks on critical infrastructure.

Terrorist groups have taken part in low-grade “cyber vandalism” and their ability to wage more damaging attacks will only increase, according to a former operations chief at the UK’s spy centre GCHQ.

Many of the required tools to launch crippling attacks are becoming increasingly available on criminal markets on the so-called Dark Web, part of the world wide web that needs special software to penetrate.

Committed extremists could seek to accelerate those efforts by recruiting knowledgeable insiders, said Conrad Prince in a report for government-backed insurance company Pool Re. “A well-placed insider can go a long way to simplifying the work involved in delivering a destructive cyber-attack,” he wrote.

He cited the case of Rajib Karim, a former IT worker for British Airways, who used his position to investigate how to cause international travel chaos by bringing down the airline’s systems. He was jailed for 30 years in 2011 for plotting to blow up a plane.

Mr Prince said that as IS lose control of more physical territory it seemed likely that they would focus their efforts on cyberspace. “The cyber conflict… has a long way to run yet,” he wrote.

“Their capability to do so is limited at present, but all the trends indicate that their ability to deliver such attacks will increase over time.”

IS has so far failed to carry out any major successful cyber-attack in part because of the targeting of its cyber experts by the US and other anti-IS forces, according to the most recent internet threat assessment published by the European Union’s policing agency Europol.

It said that the concerted action had led to a scaling down of the activities of Pro-IS hackers, such as a group known as the “United Cyber Caliphate”.

The group had specialised in the publication of “kill lists” of potential targets in the US and UK and called on followers to “kill them wherever you found them”. There has been no confirmed incident of anyone being targeted on the list.

Many previous known cyber-attacks amounted to little more than attention-grabbing stunts and hacks of public accounts, rather than the penetration of critical infrastructure.

Junaid Hussain, a British militant who was killed in a US drone strike in Syria in 2015, was believed to have been involved in obtaining the passwords of the US Central Command’s Twitter account to briefly send pro-ISIL messages.

He was jailed in the UK for six months while part of a hacking group known as Team Poison after hacking the address book of former UK premier Tony Blair and publishing information. He also was involved in tying up the phone-lines of a UK anti-terror hotline.

“The absence of any major cyber-attacks by terrorist organisations can be interpreted as the result of not enough technical skills on their side, at least for the present time,” Europol said in its internet organised crime threat assessment for 2017.

Despite the apparent amateurish nature of some of the hacks, the 2017 Europol report concluded that the militants’ receptiveness to new technologies and a stated commitment to waging the fight in the virtual world “leaves little room for complacency”.

The National:   picture: Abu Bakr al Baghdadi 

You Might Also Read: 

Terrorism, A Sea Change In Tactics:

Cyberterrorism: The Next Threat From Islamic State:

Cyber Caliphate's Scorecard:

 

 

« Will AI Make Data Analytics Jobs Obsolete?
Self-Drive Trucks Now Working In Australia »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Leonardo

Leonardo

Leonardo (formerly Finmeccanica) is a global high-tech company in Aerospace, Defence, Security & Information Systems including Cybersecurity & ICT solutions.

Titania

Titania

Titania provide network security and compliance software. Find your Network Security gaps before hackers do with our security & compliance tools.

First Response

First Response

First Response is a Cyber Incident Response and Digital Forensic Investigation company.

S21sec

S21sec

S21sec is a leading European pure play cybersecurity consultancy, services and solutions provider.

BitRaser

BitRaser

BitRaser serves your needs for a managed & certified data erasure solution that can support internal & external corporate audit requirements with traceable reporting.

Entrust

Entrust

Entrust is a global leader in digital security, identities, payments, and data protection.

Irish National Accreditation Board (INAB)

Irish National Accreditation Board (INAB)

INAB is the national accreditation body for Ireland. The directory of members provides details of organisations offering certification services for ISO 27001.

Secure Recruitment

Secure Recruitment

Secure Recruitment is a specialist Executive Search business that focuses its efforts on attracting specific exceptional talent in Cyber Security.

Reed

Reed

reed.co.uk is a leading job site in the UK, providing a full online service for anyone looking for a new job.

HardSecure

HardSecure

Hardsecure supports organizations to face security threats through the adoption of cybersecurity capabilities that guarantee 360º monitoring, visibility, mitigation, and blocking.

Unit21

Unit21

Unit21 helps protect businesses against adversaries through a simple API and dashboard for detecting and managing money laundering, fraud, and other sophisticated risks across multiple industries.

Activu

Activu

Activu makes any information visible, collaborative, and proactive for people tasked with monitoring critical operations including network security.

Covenant Technologies

Covenant Technologies

Make Covenant Technologies the only choice for your IT and cybersecurity recruitment needs. We deliver quality candidates at the forefront of the cybersecurity and IT industry.

CentriVault

CentriVault

CentriVault is a leading independent provider of Cyber Security and Data protection services to small and medium enterprises (SMEs).

Hummingbird International

Hummingbird International

Hummingbird International, LLC offers services for the collection, audit, computer recycling and safe disposal of laptops, monitor/LCD, hard drives, and IT disposal.

Emircom

Emircom

Emircom is one of the Middle East's leading independent providers of IT infrastructure services, helping clients to drive growth and deliver measurable outcomes.