Cyber and Reality Domains Converge As The US Targets ISIS Hackers

The threat posed by ISIS is bringing new meaning to convergence as the US military starts using air strikes against hacking groups.

The cyber domain is increasingly crossing over into the physical world, most famously exemplified by the Stuxnet virus that damaged part of Iran’s nuclear processing ability. But the potential threat posed by ISIS is bringing new meaning to the convergence of these two domains, as the military is using air strikes against members of the group associated with hacking.

Army Col. Steve Warren, spokesperson for the global anti-ISIS coalition called Combined Joint Task Force-Operation Inherent Resolve (CJTF-OIR), told reporters in late December that, “in addition to our tactical operation, we are also striking at the head of this snake by hunting down and killing ISIL leaders,” using an alternative acronym for ISIS.

One of these individuals was a British-educated computer system engineer of Bangladeshi descent named Siful Haque Sujan. “Sujan was an external operations planner who was educated as a computer systems engineer in the United Kingdom,” Warren told reporters. “He supported ISIL's hacking efforts, their anti-surveillance technology and their weapons development. Now that he's dead, ISIL has lost a key link between their networks.”

In August, a drone strike killed Junaid Hussain, the supposed ring-leader of ISIS’s cyber operations and the person suspected of recruiting Sujan, who eventually took his place.

ISIS has proven adept online at using social media to recruit fighters, direct attacks globally, and obtain passwords to deface websites and gain access to databases.  

“The coalition's strategy to defeat ISIL includes eliminating high value individuals, which can include enemy leaders, commanders of various levels of importance, recruiters or even social media and information technology savvy ISIL members,” a spokesperson for CJTF-OIR told Defense Systems via email.

The military generally declines to discuss the criteria for targeting individuals, adversarial capabilities or ongoing operations. “As stated in the DOD Cyber Strategy, it is the responsibility of the department to provide integrated cyber capabilities to support military operations and contingency plans. This also includes supporting Operation Inherent Resolve. As a matter of policy, we do not comment on details of planning or ongoing cyber-related operations,” Lt. Col. Valerie Henderson, a DOD spokeswoman, told Defense Systems regarding the cyber operations against ISIS.

Defense Secretary Ashton Carter recently indicated that he would begin directing cyber efforts against ISIS from the US Cyber Command, as authorized by US law.
 
However, the recent air strikes eliminating members of ISIS’s indicate that the United States is not merely looking to neutralize adversarial capabilities, but to eliminate the actors capable of executing them, thus converging the cyber and physical realms. “The United States and its coalition allies and partners are in an armed conflict with the Islamic State of Iraq and the Levant (ISIL). There are both domestic and international legal bases to use lethal force against those individuals who are determined to be members of ISIL,” DOD spokesperson Army Lt. Col. Joe Sowers told Defense Systems.

The US does not enjoy similar authorities against those performing state-sponsored cyberattacks for nation states – though there is broad flexibility under the president’s constitutional powers to protect the nation and its interests from imminent dangers. Additionally, most malicious cyber activity generally falls under the purview of law enforcement, rather than the military, given that actions such as cyber theft are illegal.
     
To date, ISIS and its global online sympathizers have achieved relatively little success online, defacing a few websites and shutting down a French news station for some time. Non-state groups such as ISIS, despite its proto-state profile, do not have cyber capabilities on par with those of nation states such as Russia or China.
         
“The most damaging cyberattacks – those that cause physical damage, such as Stuxnet’s destruction of many of the Iranian nuclear program’s centrifuges – are still a high art of which only a few nations are capable, but it is likely that Russia has this capability, that China may already possess it,” James Lewis, senior fellow and program director at the Center for Strategic and International Studies, wrote in a report titled “US-Japan Cooperation in Cybersecurity.” He added that non-state actors do not pose similar threats given the fact it “takes a large, well-resourced, and time-intensive effort to use cyber tools for major disruption or physical damage.”

It is still not clear how extensive ISIS’s capabilities are in terms of inflicting real harm in cyberspace. “In terms of their ‘attacks’ so far, they have not displayed great sophistication. They may have some capacity in reserve,” J.M. Berger, a fellow with George Washington University's Program on Extremism, said of ISIS. Regarding ISIS’s cyber personnel, Berger said “it's difficult to put a number on this, especially after the attrition of the last year. At one point, there were certainly at least a couple dozen hackers formally affiliated with the group. I can't realistically estimate what that looks like today.”

“I don’t think anyone has any proof that there’s an imminent attack or that ISIS has acquired the manpower or the resources to launch an attack on the infrastructure of the United States,” Craig Guiliano, a former counterterrorism official with DOD, told Government Technology in May. “It could be a potential threat in the future, but we’re not there yet.”

This is not to say that groups such as ISIS do not pose a distinct threat in cyberspace. “As far as the terrorist – the evolving of the terrorist threat – they have gone from using the Internet and cyber as a propaganda tool to, I think, just recently this year we saw them not use it just for a tool but also to obtain information to target US government military personnel,” Sean Newell, deputy chief for Cyber, Counterintelligence and Export Control Section at the Justice Department, said at an event hosted by the Atlantic Council recently. “That’s a significant evolution and you can rest assured they don’t want to stop there and they want to keep moving towards greater destructive attacks or cyber-enabled attacks that cause loss of life.”  
            
Other aspects of ISIS’s online presence include maintaining communications. Berger clarified that the so-called “Cyber Caliphate” includes both members within ISIS as well as “less affiliated supporters.” Some hackers who have been recruited, he said, are responsible for securing communications and maintaining Internet connections in Iraq and Syria.
 
One of the most prominent aspects of ISIS’s online presence, if not the most prominent, is its use of social media for propaganda as well as recruitment. While the role of social media in recruiting and radicalizing individuals can be overstated to some degree, it is still an important component that the United States has prioritized combating.
      
To date, US counter-messaging campaigns have had less-than-desired effects. The State Department is trying to improve its counter-messaging campaign. Recently, it named the current Assistant Secretary of Defense for Special Operations and Low Intensity Conflict Michael Lumpkin to head the Global Engagement Center, which helps allies counter extremist messaging. The New York Times reported recently that the decision to tap Lumpkin was to leverage his “understanding of covert operations to improve the State Department’s efforts.”

The Obama administration has also made a fervent push to increase its partnership with Silicon Valley to leverage top technologies to combat ISIS. Last week, cabinet chiefs went to Silicon Valley to meet with company heads in an effort to increase the public-private partnership.

Richard Stengel, under secretary of State for Public Diplomacy and Public Affairs, who oversees the Center for Strategic Counterterrorism Communications – an outlet that counters ISIS propaganda – told an audience recently at the New America Foundation that a sprint team from the private sector came in to do a deep dive into what CSCC was doing. The team recommended four principles for success going forward, including more leveraging of data analytics, using campaigns (such as highlighting defector testimonials) rather than “tit for tat messaging,” relying more on partners and third parties globally, and leveraging the private sector.   

With ISIS trying to build up its cyber capabilities, compounded by hacktivist groups such as a Palestinian hacker organization pledging its allegiance and efforts to ISIS’ leader, the threat from the group in the virtual world is increasing. While the United States counters ISIS’ operations in the physical world, it’s also taking up the fight in cyberspace, and sometimes those two worlds converge.

DefenseSystems: http://bit.ly/1nz6LbM
