Learning About ISIS Intentions Using Open Source Intelligence

Uploaded on 2017-08-16 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, FREE TO VIEW

ISIS' weekly newsletter al-Nabā' published an editorial about the lessons to be learned from the attack on the Iraqi embassy in Kabul, Afghanistan (July 30, 2017), which it called "an action of high quality."

In the editorial, attacking embassies and diplomatic staff is promoted as one of the most effective ways to put pressure on "infidel governments."

The Islamic State considers attacks like this as very important and encourages Muslims in every country to attack embassies and either kill the staff or take them hostage. Indeed, the latest edition of “Rumiyah”, an ISIS magazine, featured hostage taking as a notable topic. The editorial, is entitled "War on Embassies: The Greatest Cause of Fear and Pain for the Infidel Countries" (al-Nabā', Issue 92, August 3, 2017) 

Following its weakening across Iraq and Syria, ISIS is encouraging its operatives and supporters around the globe to carry out attacks in their own countries in support of the Islamic State.

The Islamic State consider embassies and those working in them as important targets. It encourages Muslims around the globe to strike embassies and either kill the staff or take them hostage. According to al- Nabā', anyone who wants to wage jihad and cannot, for whatever reason, leave his own country, will not find it difficult to locate foreigners near where they are living and attack them.

In this instance, ISIS is focusing on embassies and diplomats to get publicity for its attacks (compared with stabbing and vehicular attacks, which ISIS has also encouraged its supporters to carry out). A recent expample of such an attacke was carried out a double suicide bombing attack at the Iraqi embassy by ISIS's 'Khorasan Province', a group active in Afghanistan and Pakistan, which  has claimed responsibility for the attack.

Assesment

These types of threat feature a range of new methodologies that are being spread across social media groups and password protected web forums.

The impact of an attack against an embassy or diplomatic mission is a direct illustration of the response to an 'open source' request. Previously, Al Naba magazine has claimed this type of attack is preferable as it causes less damages to innocent civilians and maximises the exposure to their targets, diplomats, military personnel, government agents and law enforcement.

Online radicalization of individuals who are unknown to security services contniues to grow, making it almost impossible for new recruits to be monitored.  Social media media platforms, including Twitter and WhatsApp, are often highlighted by government agencies, particularly where communications are encrypted, however, secret forums and chat rooms hidden in the Dark Web are important places where illicit actors and Jihadists communicate.

Several of the mesaging Apps being used by the online Jihadist community are totally encrypted, with login credentials being randomly generated beyond a local server, making it impossible to monitor the content of their communications. “Threema” and “Wickr” are two such secure communications apps popular with Jihadi groups and are used to groom rectuits after first vetting their potential over “Telegram”.

Conclusion

There is a clear need to go beyond open source intelligence and to develop a new set of techniques to monitor threats concealed behind encryped messaging apps and Dark Web forums.

Law enforcment agencies need new technology  to get actionable Intelligence and live interception feed in real time, if they are to reliably predict and prevent future terror attacks. 

Vasco Da Cruz Amador is Chief Executive Officer at  Global Intelligence Insight

You Might Also Read: 

German Police To Hack Suspect Devices:

Islamic State On The Internet:

ISIS In The Dark Web Amidst Bitcoin  And Crime:

 

« Interpol/Group-IB Unmasking Pro-ISIS Hackers
Can US Cyber Weapons Stop N. Korea’s Nuclear Missiles? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Trust Guard

Trust Guard

Trust Guard services provide complete security for your website.

Hodgson Russ

Hodgson Russ

Hodgson Russ is a US business law firm. Practice areas include Privacy, Data Breach & Cybersecurity.

CI-CERT

CI-CERT

CI-CERT is the national Computer Incident Response Team for Cote d'Ivoire.

Cybersecurity Professionals

Cybersecurity Professionals

Search vacancies from top cyber security jobs worldwide on CyberSecurity Professionals. View IT security jobs or upload your CV to be seen by recruiters from industry leading firms.

EUROCONTROL

EUROCONTROL

EUROCONTROL is a pan-European, civil-military organisation dedicated to supporting European aviation. We help our stakeholders protect themselves against cyber threats.

Plexal

Plexal

Plexal is East London's innovation centre and co-working space. We offer startups flexible memberships, giving them access to office space plus all the benefits and support they need to scale.

CAPSLOCK

CAPSLOCK

CAPSLOCK delivers career-changing cyber training to help adults re-skill. Learn online to become a cyber security professional and pay no tuition until you land a high-paying job.

Nineteen Group

Nineteen Group

Nineteen Group delivers major-scale exhibitions within the security, fire, emergency services, health and safety, facilities management and maintenance engineering sectors.

Electrosoft Services

Electrosoft Services

Electrosoft provide mature, innovative technology-based services and solutions to power critical IT programs and keep our nation safe from cybersecurity attacks.

CybersCool Defcon

CybersCool Defcon

CybersCool is committed to educate and train, re-skill and up-skill the current workforce of various industries and businesses in the knowledge and know-how of cybersecurity.

HighGround

HighGround

HighGround offer a Cyber Security Solution for everybody, regardless of skillset, to feel empowered in their security experience in reaching Cyber Resilience.

Privasee

Privasee

Make GDPR compliance simple with Privasee. Our software makes it easy to protect your data and ensure you’re compliant with the new regulations.

NetRise

NetRise

NetRise was founded as a direct result of the many shortcomings currently in the device security market, specifically targeting the firmware of devices.

Certera

Certera

Certera is a modern and affordable SSL Certificate, Code Signing Certificate, and Cyber Security Services provider.

Excite Cyber

Excite Cyber

Excite Technology Services (formerly Cipherpoint) is focused on improving the security posture of our customers.

IT Voice

IT Voice

IT Voice specializes in Managed IT and VoIP solutions. Our focus is simplifying the technology so our customers can stay focused on what they do best.