Cyber and Reality Domains Converge As The US Targets ISIS Hackers

Uploaded on 2016-02-03 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

The threat posed by ISIS is bringing new meaning to convergence as the US military starts using air strikes against hacking groups.

The notion of the cyber domain crossing over into the physical world is increasingly becoming more prolific, most famously exemplified by the Stuxnet virus that damaged part of Iran’s nuclear processing ability. But the potential threat posed by ISIS is bringing new meaning to the convergence of these two domains, as the military is using air strikes against members of the group associated with hacking.

Army Col. Steve Warren, spokesperson for the global anti-ISIS coalition called Combined Joint Task Force-Operation Inherent Resolve (CJTF-OIR), told reporters in late December that, “in addition to our tactical operation, we are also striking at the head of this snake by hunting down and killing ISIL leaders,” using an alternative acronym for ISIS.

One of these individuals was a British-educated computer system engineer of Bangladeshi descent named Siful Haque Sujan. “Sujan was an external operations planner who was educated as a computer systems engineer in the United Kingdom,” Warren told reporters. “He supported ISIL's hacking efforts, their anti-surveillance technology and their weapons development. Now that he's dead, ISIL has lost a key link between their networks.”

In August, a drone strike killed Junaid Hussain, the supposed ring-leader of ISIS’s cyber operations and the person suspected of recruiting Sujan, who eventually took - place.

ISIS has proven adept online at using social media to recruit fighters, direct attacks globally, and obtain passwords to deface websites and gain access to databases.  

“The coalition's strategy to defeat ISIL includes eliminating high value individuals, which can include enemy leaders, commanders of various levels of importance, recruiters or even social media and information technology savvy ISIL members,” a spokesperson for CJTF-OIR told Defense Systems via email.

The military generally declines to discuss the criteria for targeting individuals, adversarial capabilities or ongoing operations. “As stated in the DOD Cyber Strategy, it is the responsibility of the department to provide integrated cyber capabilities to support military operations and contingency plans. This also includes supporting Operation Inherent Resolve. As a matter of policy, we do not comment on details of planning or ongoing cyber-related operations,” Lt. Col. Valerie Henderson, a DOD spokeswoman, told Defense Systems regarding the cyber operations against ISIS.

Defense Secretary Ashton Carter recently indicated that he would begin directing cyber efforts against ISIS from the US Cyber Command, as authorized by US law.
 
However, the recent air strikes eliminating members of ISIS’s indicates that the United States. is not merely looking to neutralize adversarial capabilities, but eliminate the actors capable of executing them, thus converging the cyber and physical realm. “The United States and its coalition allies and partners are in an armed conflict with the Islamic State of Iraq and the Levant (ISIL). There are both domestic and international legal bases to use lethal force against those individuals who are determined to be members of ISIL,” DOD spokesperson Army Lt. Col. Joe Sowers told Defense Systems.

The US does not enjoy similar authorities against those performing state-sponsored cyberattacks for nation states – though there is broad flexibility under the president’s constitutional powers to protect the nation and interests from imminent dangers. Additionally, most malicious cyber activity generally falls under the purview of law enforcement, rather than the military, given that actions such as cyber theft are illegal.
     
To date, ISIS and its global online sympathizers have achieved relatively little success online, defacing a few websites and shutting down a French news station for some time. Non-state groups such as ISIS, despite its proto-state profile, are not on par with the types of cyber capabilities nation states such as Russia or China possess.
         
“The most damaging cyberattacks – those that cause physical damage, such as Stuxnet’s destruction of many of the Iranian nuclear program’s centrifuges – are still a high art of which only a few nations are capable, but it is likely that Russia has this capability, that China may already possess it,” James Lewis, senior fellow and program director at the Center for Strategic and International Studies wrote in a report titled “US-Japan Cooperation in Cybersecurity.” He added that non-state actors do not pose similar threats given the fact it “takes a large, well-resourced, and time-intensive effort to use cyber tools for major disruption or physical damage.”

It is still not clear how extensive ISIS’s capabilities are in terms of inflicting real harm in cyberspace. “In terms of their ‘attacks’ so far, they have not displayed great sophistication. They may have some capacity in reserve,” J.M. Berger, a fellow with George Washington University's Program on Extremism, said of ISIS. Regarding ISIS’s cyber personnel, Berger said “it's difficult to put a number on this, especially after the attrition of the last year. At one point, there were certainly at least a couple dozen hackers formally affiliated with the group. I can't realistically estimate what that looks like today.”

“I don’t think anyone has any proof that there’s an imminent attack or that ISIS has acquired the manpower or the resources to launch an attack on the infrastructure of the United States,” Craig Guiliano, a former counterterrorism official with DOD, told Government Technology in May. “It could be a potential threat in the future, but we’re not there yet.”

This is not to say that groups such as ISIS do not pose a distinct threat in cyberspace. “As far as the terrorist – the evolving of the terrorist threat – they have gone from using the Internet and cyber as a propaganda tool to, I think, just recently this year we saw them not use it just for a tool but also to obtain information to target US government military personnel,” Sean Newell, deputy chief for Cyber, Counterintelligence and Export Control Section at the Justice Department, said at an event hosted by the Atlantic Council recently. “That’s a significant evolution and you can rest assured they don’t want to stop there and they want to keep moving towards greater destructive attacks or cyber-enabled attacks that cause loss of life.”  
            
Other aspect of ISIS’s online presence, include maintaining communications. Berger clarified that the so-called “Cyber Caliphate,” includes both members within ISIS as well as “less affiliated supporters.” Some hackers, he said, that have been recruited are responsible for securing communications and maintaining Internet connections in Iraq and Syria
 
One of, if not the most, prominent presence ISIS maintains online is that of its social media for propaganda as well as and recruitment. While the role of social media in recruiting and radicalizing individuals can be overstated to some degree, it is still an important component that the United States has prioritized combating.
      
To date, US counter-messaging campaigns have had less-than desired effects. The State Department is trying to improve its counter-messaging campaign. Recently, it named the current Assistant Secretary of Defense for Special Operations and Low Intensity Conflict Michael Lumpkin to head the Global Engagement Center, which helps allies counter extremist messaging. The New York Times reported recently that the decision to tap Lumpkin was to leverage his “understanding of covert operations to improve the State Department’s efforts.”

The Obama administration has also made a fervent push to increase its partnership with the Silicon Valley to leverage top technologies to combat ISIS. Last week, cabinet chiefs went to Silicon Valley to meet with company heads in an effort to increase the public-private partnership.

Richard Stengel, under secretary of State for Public Diplomacy and Public Affairs, who oversees the Center for Strategic Counterterrorism Communications – an outlet that counters ISIS propaganda – told an audience recently at the New America Foundation that a sprint team from the private sector came in to do a deep dive into what CSCC was doing. The team recommended four principles for success going forward, including more leveraging of data analytics, using campaigns (such as highlighting defector testimonials) rather than “tit for tat messaging,” relying more on partners and third parties globally, and leveraging the private sector.   

With ISIS trying to build up its cyber capabilities, compounded by hacktivist groups such as a Palestinian hacker organization pledging allegiance and its efforts to ISIS’ leader, the threat from the group in the virtual world in increasing. While the United States counters ISIS’ operations in the physical world, it’s also taking up the fight in cyberspace, and sometimes those two world converge.

DefenseSystems: http://bit.ly/1nz6LbM

« Egyptian Uprising - a 'social media revolution'?
The Dismal Sate Of Payment Data Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

KPMG

KPMG

KPMG s a leading provider of professional services including information technology and cyber security consulting.

British Insurance Brokers’ Association (BIBA)

British Insurance Brokers’ Association (BIBA)

BIBA is the UK’s leading general insurance intermediary organisation. Use the ‘Find Insurance‘ section of the BIBA website to find providers of cyber risk insurance in the UK.

Protectimus

Protectimus

Affordable two factor authentication (2FA) provider. Protect your data from theft with multi factor authentication service from Protectimus.

Rewertz

Rewertz

Rewterz is a cyber security company based out of Dubai, serving customers in UAE, Oman, Qatar, Bahrain, Saudi Arabia, and Pakistan.

BooleBox

BooleBox

Boolebox is the innovative suite of enterprise data protection applications that preserve the integrity and confidentiality of data from any unauthorized access.

Assac Networks

Assac Networks

Assac Networks ShieldIT is an app that completely protects any BYOD smartphone from both tapping and hacking.

BotRx

BotRx

BotRx is the only AI-enabled, automated fraud protection technology that allows fast & easy deployment - continually keeping invisible bad bots and agents at bay, so you can rest easy.

Clario Tech

Clario Tech

Clario is a simple, comprehensive, personalized protection app. It comes with a full suite of intelligent security software and intelligent people to help you live a better, safer digital life.

Corellium

Corellium

Corellium are dedicated to supporting our peers in the ARM community who seek to build more secure, performant, and accessible software and devices.

CoreStack

CoreStack

CoreStack helps enterprises overcome cloud challenges such as ever growing security risks, stringent regulatory compliance needs and operational complexities.

Transparity Cyber

Transparity Cyber

Transparity Cyber is dedicated to cybersecurity. As part of the Transparity Group we’re an established name in the Microsoft Cloud landscape, with a focus on cybersecurity excellence.

Eden Data

Eden Data

Eden Data is on a mission to break the outdated mold of traditional cybersecurity consulting. We handle all of your security, compliance & data privacy needs.

Evo Security

Evo Security

Evo Security is an Identity and Access Management company focused exclusively on serving MSPs, MSSPs and their SMB and Mid-Market customers.

Knostic

Knostic

Knostic is an early stage startup developing a risk management and governance platform designed for enterprise large language models (LLM).

Identifid

Identifid

Identifid offers a suite of fraud prevention and identity authentication solutions to businesses and governments using the latest advances in AI, vision processing, and biometric recognition.

E-CQURITY (ECQ)

E-CQURITY (ECQ)

ECQ is a network security company offering offensive security services and solutions focused on active offensive and defensive positioning.