Learning About ISIS Intentions Using Open Source Intelligence

ISIS' weekly newsletter al-Nabā' published an editorial about the lessons to be learned from the attack on the Iraqi embassy in Kabul, Afghanistan (July 30, 2017), which it called "an action of high quality."

In the editorial, attacking embassies and diplomatic staff is promoted as one of the most effective ways to put pressure on "infidel governments."

The Islamic State considers attacks like this as very important and encourages Muslims in every country to attack embassies and either kill the staff or take them hostage. Indeed, the latest edition of “Rumiyah”, an ISIS magazine, featured hostage taking as a notable topic. The editorial, is entitled "War on Embassies: The Greatest Cause of Fear and Pain for the Infidel Countries" (al-Nabā', Issue 92, August 3, 2017) 

Following its weakening across Iraq and Syria, ISIS is encouraging its operatives and supporters around the globe to carry out attacks in their own countries in support of the Islamic State.

The Islamic State consider embassies and those working in them as important targets. It encourages Muslims around the globe to strike embassies and either kill the staff or take them hostage. According to al- Nabā', anyone who wants to wage jihad and cannot, for whatever reason, leave his own country, will not find it difficult to locate foreigners near where they are living and attack them.

In this instance, ISIS is focusing on embassies and diplomats to get publicity for its attacks (compared with stabbing and vehicular attacks, which ISIS has also encouraged its supporters to carry out). A recent expample of such an attacke was carried out a double suicide bombing attack at the Iraqi embassy by ISIS's 'Khorasan Province', a group active in Afghanistan and Pakistan, which  has claimed responsibility for the attack.

Assesment

These types of threat feature a range of new methodologies that are being spread across social media groups and password protected web forums.

The impact of an attack against an embassy or diplomatic mission is a direct illustration of the response to an 'open source' request. Previously, Al Naba magazine has claimed this type of attack is preferable as it causes less damages to innocent civilians and maximises the exposure to their targets, diplomats, military personnel, government agents and law enforcement.

Online radicalization of individuals who are unknown to security services contniues to grow, making it almost impossible for new recruits to be monitored.  Social media media platforms, including Twitter and WhatsApp, are often highlighted by government agencies, particularly where communications are encrypted, however, secret forums and chat rooms hidden in the Dark Web are important places where illicit actors and Jihadists communicate.

Several of the mesaging Apps being used by the online Jihadist community are totally encrypted, with login credentials being randomly generated beyond a local server, making it impossible to monitor the content of their communications. “Threema” and “Wickr” are two such secure communications apps popular with Jihadi groups and are used to groom rectuits after first vetting their potential over “Telegram”.

Conclusion

There is a clear need to go beyond open source intelligence and to develop a new set of techniques to monitor threats concealed behind encryped messaging apps and Dark Web forums.

Law enforcment agencies need new technology  to get actionable Intelligence and live interception feed in real time, if they are to reliably predict and prevent future terror attacks. 

Vasco Da Cruz Amador is Chief Executive Officer at  Global Intelligence Insight

You Might Also Read: 

German Police To Hack Suspect Devices:

Islamic State On The Internet:

ISIS In The Dark Web Amidst Bitcoin  And Crime:

 

« Interpol/Group-IB Unmasking Pro-ISIS Hackers
Can US Cyber Weapons Stop N. Korea’s Nuclear Missiles? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clifford Chance

Clifford Chance

Clifford Chance are one of the world's pre-eminent law firms with resources across five continents. Practice areas include Cyber Security & Information Protection

infineon - IoT Security

infineon - IoT Security

Infineon is a leader in semiconductor solutions for a huge range of applications including automation, smart systems and security for the Internet of Things.

National Cyber Security Centre (NKSC) - Lithuania

National Cyber Security Centre (NKSC) - Lithuania

NKSC is the main Lithuanian cyber security institution, responsible for unified management of cyber incidents, monitoring and control of the implementation of cyber security requirements.

Maryman & Associates

Maryman & Associates

Maryman & Associates are specialists in computer forensic investigations, incident response and e-discovery services.

DynaRisk

DynaRisk

DynaRisk helps companies protect their staff, clients and supply chain from cyber threats by enabling people to take action for themselves.

360 Total Security

360 Total Security

360 company is the largest provider of Internet and mobile security products in China.

sayTEC

sayTEC

sayTEC's mission is to develop and deliver next-generation products and services in encrypted data and voice transmission.

CipherMail

CipherMail

CipherMail provides email security products which allow organizations world wide to automatically protect their email against unauthorized access both in transit and at rest.

Compnet

Compnet

Compnet is a service company that assists customers in integrating complete ICT systems including network infrastructure and security solutions.

ReFirm Labs

ReFirm Labs

ReFirm Labs provides the tools you need for firmware security, vetting, analysis and continuous IoT security monitoring.

Cyberport

Cyberport

Cyberport is focused on facilitating the growth of major technology trends such as FinTech and cybersecurity as well as the emerging technologies of AI, big data and blockchain.

Experis

Experis

Experis provide IT resourcing, project solutions and managed services. We enable organizations to cultivate individuals and teams prepared for the digital age.

senhasegura

senhasegura

senhasegura is a global Privileged Access Management vendor. Our mission is to eliminate privilege abuse in organizations around the globe and build digital sovereignty.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

Maintel

Maintel

Maintel provides cloud and managed communications services. We help our customers to deliver exceptional customer experiences, and to securely access their applications and their data.

OccamSec

OccamSec

OccamSec is a leading provider in the world of cybersecurity. We provide accurate, actionable information to reduce risk and enable better informed decisions.