Cyber and Reality Domains Converge As The US Targets ISIS Hackers

The threat posed by ISIS is bringing new meaning to convergence as the US military starts using air strikes against hacking groups.

The notion of the cyber domain crossing over into the physical world is becoming increasingly common, most famously exemplified by the Stuxnet virus that damaged part of Iran’s nuclear processing ability. But the potential threat posed by ISIS is bringing new meaning to the convergence of these two domains, as the military is using air strikes against members of the group associated with hacking.

Army Col. Steve Warren, spokesperson for the global anti-ISIS coalition called Combined Joint Task Force-Operation Inherent Resolve (CJTF-OIR), told reporters in late December that, “in addition to our tactical operation, we are also striking at the head of this snake by hunting down and killing ISIL leaders,” using an alternative acronym for ISIS.

One of these individuals was a British-educated computer system engineer of Bangladeshi descent named Siful Haque Sujan. “Sujan was an external operations planner who was educated as a computer systems engineer in the United Kingdom,” Warren told reporters. “He supported ISIL's hacking efforts, their anti-surveillance technology and their weapons development. Now that he's dead, ISIL has lost a key link between their networks.”

In August, a drone strike killed Junaid Hussain, the supposed ringleader of ISIS’s cyber operations and the person suspected of recruiting Sujan, who eventually took his place.

ISIS has proven adept online at using social media to recruit fighters, direct attacks globally, and obtain passwords to deface websites and gain access to databases.  

“The coalition's strategy to defeat ISIL includes eliminating high value individuals, which can include enemy leaders, commanders of various levels of importance, recruiters or even social media and information technology savvy ISIL members,” a spokesperson for CJTF-OIR told Defense Systems via email.

The military generally declines to discuss the criteria for targeting individuals, adversarial capabilities or ongoing operations. “As stated in the DOD Cyber Strategy, it is the responsibility of the department to provide integrated cyber capabilities to support military operations and contingency plans. This also includes supporting Operation Inherent Resolve. As a matter of policy, we do not comment on details of planning or ongoing cyber-related operations,” Lt. Col. Valerie Henderson, a DOD spokeswoman, told Defense Systems regarding the cyber operations against ISIS.

Defense Secretary Ashton Carter recently indicated that he would begin directing cyber efforts against ISIS from the US Cyber Command, as authorized by US law.
 
However, the recent air strikes eliminating members of ISIS indicate that the United States is not merely looking to neutralize adversarial capabilities, but to eliminate the actors capable of executing them, thus converging the cyber and physical realms. “The United States and its coalition allies and partners are in an armed conflict with the Islamic State of Iraq and the Levant (ISIL). There are both domestic and international legal bases to use lethal force against those individuals who are determined to be members of ISIL,” DOD spokesperson Army Lt. Col. Joe Sowers told Defense Systems.

The US does not enjoy similar authorities against those performing state-sponsored cyberattacks for nation states – though there is broad flexibility under the president’s constitutional powers to protect the nation and its interests from imminent dangers. Additionally, most malicious cyber activity generally falls under the purview of law enforcement, rather than the military, given that actions such as cyber theft are illegal.
     
To date, ISIS and its global online sympathizers have achieved relatively little success online, defacing a few websites and shutting down a French news station for some time. Non-state groups such as ISIS, despite its proto-state profile, do not have cyber capabilities on par with those of nation states such as Russia or China.
         
“The most damaging cyberattacks – those that cause physical damage, such as Stuxnet’s destruction of many of the Iranian nuclear program’s centrifuges – are still a high art of which only a few nations are capable, but it is likely that Russia has this capability, that China may already possess it,” James Lewis, senior fellow and program director at the Center for Strategic and International Studies, wrote in a report titled “US-Japan Cooperation in Cybersecurity.” He added that non-state actors do not pose similar threats given the fact it “takes a large, well-resourced, and time-intensive effort to use cyber tools for major disruption or physical damage.”

It is still not clear how extensive ISIS’s capabilities are in terms of inflicting real harm in cyberspace. “In terms of their ‘attacks’ so far, they have not displayed great sophistication. They may have some capacity in reserve,” J.M. Berger, a fellow with George Washington University's Program on Extremism, said of ISIS. Regarding ISIS’s cyber personnel, Berger said “it's difficult to put a number on this, especially after the attrition of the last year. At one point, there were certainly at least a couple dozen hackers formally affiliated with the group. I can't realistically estimate what that looks like today.”

“I don’t think anyone has any proof that there’s an imminent attack or that ISIS has acquired the manpower or the resources to launch an attack on the infrastructure of the United States,” Craig Guiliano, a former counterterrorism official with DOD, told Government Technology in May. “It could be a potential threat in the future, but we’re not there yet.”

This is not to say that groups such as ISIS do not pose a distinct threat in cyberspace. “As far as the terrorist – the evolving of the terrorist threat – they have gone from using the Internet and cyber as a propaganda tool to, I think, just recently this year we saw them not use it just for a tool but also to obtain information to target US government military personnel,” Sean Newell, deputy chief for Cyber, Counterintelligence and Export Control Section at the Justice Department, said at an event hosted by the Atlantic Council recently. “That’s a significant evolution and you can rest assured they don’t want to stop there and they want to keep moving towards greater destructive attacks or cyber-enabled attacks that cause loss of life.”  
            
Other aspects of ISIS’s online presence include maintaining communications. Berger clarified that the so-called “Cyber Caliphate” includes both members within ISIS as well as “less affiliated supporters.” Some of the hackers who have been recruited, he said, are responsible for securing communications and maintaining Internet connections in Iraq and Syria.
 
One of ISIS’s most prominent online presences, if not the most prominent, is its use of social media for propaganda and recruitment. While the role of social media in recruiting and radicalizing individuals can be overstated to some degree, it is still an important component that the United States has prioritized combating.
      
To date, US counter-messaging campaigns have had less than the desired effect. The State Department is trying to improve its counter-messaging campaign. Recently, it named the current Assistant Secretary of Defense for Special Operations and Low Intensity Conflict Michael Lumpkin to head the Global Engagement Center, which helps allies counter extremist messaging. The New York Times reported recently that the decision to tap Lumpkin was to leverage his “understanding of covert operations to improve the State Department’s efforts.”

The Obama administration has also made a fervent push to increase its partnership with Silicon Valley to leverage top technologies to combat ISIS. Last week, cabinet chiefs went to Silicon Valley to meet with company heads in an effort to increase the public-private partnership.

Richard Stengel, under secretary of State for Public Diplomacy and Public Affairs, who oversees the Center for Strategic Counterterrorism Communications – an outlet that counters ISIS propaganda – told an audience recently at the New America Foundation that a sprint team from the private sector came in to do a deep dive into what CSCC was doing. The team recommended four principles for success going forward, including more leveraging of data analytics, using campaigns (such as highlighting defector testimonials) rather than “tit for tat messaging,” relying more on partners and third parties globally, and leveraging the private sector.   

With ISIS trying to build up its cyber capabilities, compounded by hacktivist groups such as a Palestinian hacker organization pledging allegiance and its efforts to ISIS’ leader, the threat from the group in the virtual world is increasing. While the United States counters ISIS’ operations in the physical world, it’s also taking up the fight in cyberspace, and sometimes those two worlds converge.

DefenseSystems: http://bit.ly/1nz6LbM
