Cyberterrorism: The Next Threat From Islamic State

Earlier this year the attacks in London and Manchester catapulted terrorism back into the mainstream for many UK citizens.

History demonstrates that terrorism, like any other entity, is constantly evolving, with earlier groups such as the IRA and Basque separatists ETA notorious for their breadth of tactics.

Scholars agree that prior to its recent territorial setbacks, including ejection from Mosul, one of the reasons Islamic State (IS)  had managed to successfully preside over such a vast swathe of land was because of its unique blend of a combination of guerrilla, infantry and organised crime tactics.

As IS loose territory in the Middle East we have seen an upsurge in IS attacks focusing on softer and less protected targets in the West, such bars and bridges.

The flexibility the organisation has demonstrated in the past suggest it is unlikely to ignore cyber for long and several prominent terrorism authorities argue “It is no longer a matter of if cyberterror will emerge, but when”.  States have demonstrated that they can bring down power stations (Stuxnet in Iran or BlackEnergy in Ukraine), so non-state actors have a template to follow.

Given both the significant funds still available to IS even now, and the ease by which hacking tools are available to purchase on the dark web, a combination of cybercrime and jihadism is a likely future threat.

If, for example, the motivations behind the WannaCry NHS ransomware attack had been clearly ideological rather than financial, then the consequences could have been a lot worse.

Hypothetically, if an IS supporter modified off-the-shelf hacking tools in an attempt to take down the national grid or gain access to computers at Heathrow airport, the consequences could be dire.

That's before we entertain the possibility that the wealth the group enjoys could easily be channelled into a state sponsored hacking collective similar to that purported to be orchestrated by the Chinese and Russian governments.

While there has only been one confirmed cyber-terrorism case, another case involving a Trojan infecting computers at a Madrid airport in 2008 outlines the potential impact – the resulting crash saw a hundred and fifty-four injuries –  although there was no evidence of terrorist involvement.

While this should not be overstated, it is not inconceivable that the two major threats of our time could come together.

The combination of increased reliance on technology, allied with the increase in cyber-criminals' capabilities, will give terrorists the motivation and capacity to carry out a new vector of attack capable of producing mass casualties without requiring the perpetrator to leave their home.

With a world almost totally reliant on computers the potential damage caused by hackers is limitless, combine this with the ideological fanaticism showed by groups such as IS and you have an issue that cannot be ignored.

Given that the government is struggling to get to grips with surges in both terrorist attacks and cyber-crime, it is undeniable there is some serious thinking to be done at governmental level to ensure that, should IS exploit the available technology, the UK isn't left paralysed by tech savvy jihadis.

Solving one of these mammoth issues would be difficult enough, but getting to grips with both may prove the challenge of our time. With no end in sight for either, the Government must get to work.

SC Magazine:

You Might Also Read:

Cyber Caliphate's Scorecard:

Flight Ban On Laptops 'sparked by IS threat':

 

« Why We Need a Transatlantic Charter for Data Security and Mobility
Microsoft Cloud Earnings Beat Expectations »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

MobileIron

MobileIron

MobileIron provides EMM capabilities to IT organizations that need to secure mobile devices, applications and content.

Cyber Security Challenge UK

Cyber Security Challenge UK

Cyber Security Challenge UK is a series of national competitions, learning programmes, and networking initiatives designed to identify, inspire and enable more people to become cybersec professionals.

Cynerio

Cynerio

Cynerio develops cybersecurity protections for medical devices, comparing network behavior with a database of medical workflows.

Verafin

Verafin

Verafin is one of the North American leaders in fraud detection and AML software.

SensorHound

SensorHound

SensorHound’s mission is to improve the security and reliability of the Internet of Things (IoT).

Qmulos

Qmulos

Qmulos’ real-time continuous monitoring risk management suite, Q-Compliance, provides a massively flexible and scalable solution to optimizing operational security.

3wSecurity

3wSecurity

3wSecurity provides visibility to your company’s internet facing systems throughout the security life cycle, allowing for a more thorough approach to vulnerability management.

Graylog

Graylog

Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one place.

Crowe

Crowe

Crowe is a public accounting, consulting, and technology firm that combines deep industry and specialized expertise with innovation.

Firmus

Firmus

As the leading penetration testing services provider in Malaysia, Firmus evaluates the ability of your internal or external information assets to withstand attacks.

Zenity

Zenity

Zenity is the first and only security governance platform for low-code/no-code applications.

Guardey

Guardey

Guardey protects thousands of SME's environments. Whether your team works at the office, at home, at the customer or remotely. We protect your business. We do this in an accessible and affordable way.

Oz Forensics

Oz Forensics

Oz Forensics is a global leader in preventing biometric and deepfake fraud. It is a developer of facial Liveness detection for Antifraud Biometric Software with high expertise in the Fintech market.

ExactTrak

ExactTrak

ExactTrak provide embedded cyber security solutions for your digital devices – whenever and wherever you need them.

Lenze

Lenze

Lenze are an experienced partner for automation systems, digitalization and cyber security.