Learning About ISIS Intentions Using Open Source Intelligence

ISIS' weekly newsletter al-Nabā' published an editorial about the lessons to be learned from the attack on the Iraqi embassy in Kabul, Afghanistan (July 30, 2017), which it called "an action of high quality."

In the editorial, attacking embassies and diplomatic staff is promoted as one of the most effective ways to put pressure on "infidel governments."

The Islamic State considers attacks like this as very important and encourages Muslims in every country to attack embassies and either kill the staff or take them hostage. Indeed, the latest edition of “Rumiyah”, an ISIS magazine, featured hostage taking as a notable topic. The editorial, is entitled "War on Embassies: The Greatest Cause of Fear and Pain for the Infidel Countries" (al-Nabā', Issue 92, August 3, 2017) 

Following its weakening across Iraq and Syria, ISIS is encouraging its operatives and supporters around the globe to carry out attacks in their own countries in support of the Islamic State.

The Islamic State consider embassies and those working in them as important targets. It encourages Muslims around the globe to strike embassies and either kill the staff or take them hostage. According to al- Nabā', anyone who wants to wage jihad and cannot, for whatever reason, leave his own country, will not find it difficult to locate foreigners near where they are living and attack them.

In this instance, ISIS is focusing on embassies and diplomats to get publicity for its attacks (compared with stabbing and vehicular attacks, which ISIS has also encouraged its supporters to carry out). A recent expample of such an attacke was carried out a double suicide bombing attack at the Iraqi embassy by ISIS's 'Khorasan Province', a group active in Afghanistan and Pakistan, which  has claimed responsibility for the attack.

Assesment

These types of threat feature a range of new methodologies that are being spread across social media groups and password protected web forums.

The impact of an attack against an embassy or diplomatic mission is a direct illustration of the response to an 'open source' request. Previously, Al Naba magazine has claimed this type of attack is preferable as it causes less damages to innocent civilians and maximises the exposure to their targets, diplomats, military personnel, government agents and law enforcement.

Online radicalization of individuals who are unknown to security services contniues to grow, making it almost impossible for new recruits to be monitored.  Social media media platforms, including Twitter and WhatsApp, are often highlighted by government agencies, particularly where communications are encrypted, however, secret forums and chat rooms hidden in the Dark Web are important places where illicit actors and Jihadists communicate.

Several of the mesaging Apps being used by the online Jihadist community are totally encrypted, with login credentials being randomly generated beyond a local server, making it impossible to monitor the content of their communications. “Threema” and “Wickr” are two such secure communications apps popular with Jihadi groups and are used to groom rectuits after first vetting their potential over “Telegram”.

Conclusion

There is a clear need to go beyond open source intelligence and to develop a new set of techniques to monitor threats concealed behind encryped messaging apps and Dark Web forums.

Law enforcment agencies need new technology  to get actionable Intelligence and live interception feed in real time, if they are to reliably predict and prevent future terror attacks. 

Vasco Da Cruz Amador is Chief Executive Officer at  Global Intelligence Insight

You Might Also Read: 

German Police To Hack Suspect Devices:

Islamic State On The Internet:

ISIS In The Dark Web Amidst Bitcoin  And Crime:

 

« Interpol/Group-IB Unmasking Pro-ISIS Hackers
Can US Cyber Weapons Stop N. Korea’s Nuclear Missiles? »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Paessler

Paessler

Paessler is a leading worldwide provider of network monitoring software.

Baker McKenzie

Baker McKenzie

Baker & McKenzie is an international law firm. Practice areas include Data & Technology.

Cyber DriveWare

Cyber DriveWare

DriveWare analyzes new traffic in the I/O layer and blocks malware and cyber attacks which organizations have no means to protect against.

Augur Security

Augur Security

Augur Security (formerly SecLytics) is the only cybersecurity platform using AI-powered behavioral modeling and agentic automation to reliably predict and block threats before they launch.

Squalio

Squalio

Squalio is an information technology group that delivers solutions and services for secure and effective IT management.

ReliaQuest

ReliaQuest

ReliaQuest’s GreyMatter solution connects existing technology, people, and process – then equips security teams with unified, actionable insights across their entire environment.

Cyber Range Malaysia

Cyber Range Malaysia

With Cyber Range Malaysia organizations can train their security professionals in empirically valid cyber war-gaming scenarios necessary to develop IT staff skills and instincts for defensive action.

Cyber Lockout

Cyber Lockout

Comprehensive ransomware insurance and preventative cybersecurity technology solution, working together to help protect businesses 24/7/365.

National Cyber Security Center (NCSC) - Vietnam

National Cyber Security Center (NCSC) - Vietnam

National Cyber Security Center of Vietnam has a central monitoring function and is a technical focal point for monitoring and supporting information security for people, businesses and systems.

Cisco Networking Academy

Cisco Networking Academy

Cisco Networking Academy is the world's largest classroom, bringing technology education, 21st-century skills, and improved jobs prospects since 1997.

Opora

Opora

Opora is the leading cybersecurity provider of adversary behavior analytics “ABA” and preemptive security solutions.

Pessimistic Security

Pessimistic Security

The team behind Pessimistic helps blockchain startups meet modern security challenges since 2017.

Proximus Ada

Proximus Ada

Proximus Ada is the first Belgian center of excellence combining artificial intelligence and cybersecurity.

Synechron

Synechron

Synechron is a leading global digital consulting firm, providing innovative technology solutions for business.

Blue Networks & Infrastructure (BNI)

Blue Networks & Infrastructure (BNI)

Blue Networks and Infrastructure (BNI) is an innovative systems integrator and managed services provider.

Triam Security

Triam Security

Triam Security are on a mission to make software supply chain security effortless, effective, and invisible - so developers can move fast without leaving security behind.