Islamic State Likely To Switch To Cyber Warfare

Islamic State (IS) and other terrorist groups are turning to the underworld to try to secure tools to carry out cyber-attacks on critical infrastructure.

Terrorist groups have taken part in low-grade “cyber vandalism” and their ability to wage more damaging attacks will only increase, according to a former operations chief at the UK’s spy centre GCHQ.

Many of the required tools to launch crippling attacks are becoming increasingly available on criminal markets on the so-called Dark Web, part of the world wide web that needs special software to penetrate.

Committed extremists could seek to accelerate those efforts by recruiting knowledgeable insiders, said Conrad Prince in a report for government-backed insurance company Pool Re. “A well-placed insider can go a long way to simplifying the work involved in delivering a destructive cyber-attack,” he wrote.

He cited the case of Rajib Karim, a former IT worker for British Airways, who used his position to investigate how to cause international travel chaos by bringing down the airline’s systems. He was jailed for 30 years in 2011 for plotting to blow up a plane.

Mr Prince said that as IS lose control of more physical territory it seemed likely that they would focus their efforts on cyberspace. “The cyber conflict… has a long way to run yet,” he wrote.

“Their capability to do so is limited at present, but all the trends indicate that their ability to deliver such attacks will increase over time.”

IS has so far failed to carry out any major successful cyber-attack in part because of the targeting of its cyber experts by the US and other anti-IS forces, according to the most recent internet threat assessment published by the European Union’s policing agency Europol.

It said that the concerted action had led to a scaling down of the activities of Pro-IS hackers, such as a group known as the “United Cyber Caliphate”.

The group had specialised in the publication of “kill lists” of potential targets in the US and UK and called on followers to “kill them wherever you found them”. There has been no confirmed incident of anyone being targeted on the list.

Many previous known cyber-attacks amounted to little more than attention-grabbing stunts and hacks of public accounts, rather than the penetration of critical infrastructure.

Junaid Hussain, a British militant who was killed in a US drone strike in Syria in 2015, was believed to have been involved in obtaining the passwords of the US Central Command’s Twitter account to briefly send pro-ISIL messages.

He was jailed in the UK for six months while part of a hacking group known as Team Poison after hacking the address book of former UK premier Tony Blair and publishing information. He also was involved in tying up the phone-lines of a UK anti-terror hotline.

“The absence of any major cyber-attacks by terrorist organisations can be interpreted as the result of not enough technical skills on their side, at least for the present time,” Europol said in its internet organised crime threat assessment for 2017.

Despite the apparent amateurish nature of some of the hacks, the 2017 Europol report concluded that the militants’ receptiveness to new technologies and a stated commitment to waging the fight in the virtual world “leaves little room for complacency”.

The National:   picture: Abu Bakr al Baghdadi 

You Might Also Read: 

Terrorism, A Sea Change In Tactics:

Cyberterrorism: The Next Threat From Islamic State:

Cyber Caliphate's Scorecard:

 

 

« Will AI Make Data Analytics Jobs Obsolete?
Self-Drive Trucks Now Working In Australia »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Security Network Munich

Security Network Munich

Security Network Munich brings together leading players in the field of information and cyber security through joint research and innovation projects.

Galvanize

Galvanize

Galvanize is a leading provider of award-winning, cloud-based security, risk management, compliance, and audit software for some of the world’s largest organizations.

Fidus Information Security

Fidus Information Security

Fidus is a team of security professionals providing Penetration Testing and Cyber Security Consulting services throughout the UK and worldwide.

SOFTwarfare

SOFTwarfare

SOFTwarfare deliver high-quality, reliable and secure enterprise application integrations through RESTful APIs for Cyber, Ops & Dev.

01 Communique Laboratory

01 Communique Laboratory

01 Communique Laboratory is an innovation leader in the new realm of Post-Quantum Cyber Security.

Berezha Security Group (BSG)

Berezha Security Group (BSG)

BSG is a cybersecurity consulting firm specializing in all aspects of application security and penetration testing.

Global Resources

Global Resources

Global Resources' planning and management capabilities support city, regional, and national utility and infrastructure management, and information systems and cyber security service delivery.

Qascom

Qascom

Qascom is an engineering company offering security solutions in satellite navigation and space cybersecurity. We are one of the European key players in GNSS authentication and security.

Maintel

Maintel

Maintel provides cloud and managed communications services. We help our customers to deliver exceptional customer experiences, and to securely access their applications and their data.

Quatrro Business Support Services (QBSS)

Quatrro Business Support Services (QBSS)

QBSS is a tech-enabled outsourcing firm that’s changing the way companies think about finance, accounting, human resources and technology services.

SecureWeb3

SecureWeb3

SecureWeb3 helps businesses and brands to secure their Web3 presence by offering a full suite of security services including training, consultancy & brand protection solutions.

Port-IT

Port-IT

Port-IT is a leading partner in cybersecurity solutions tailored for the maritime industry.

Lakera

Lakera

Lakera empowers developers and organizations to build GenAI applications without worrying about AI security risks.

Vortacity Cyber

Vortacity Cyber

Vortacity is a boutique cybersecurity provider specializing in associations, nonprofits, and mission-based organizations.

ShieldHaus

ShieldHaus

Protect your business from evolving cyber threats with ShieldHaus. Our real-time, AI-powered security solutions block malicious IPs, phishing attempts, and harmful domains to safeguard your systems an

CYSEC Global

CYSEC Global

CYSEC Global is a series of summits dedicated to tackle regional cyber security challenges.