Cyberterrorism: The Next Threat From Islamic State

Earlier this year the attacks in London and Manchester catapulted terrorism back into the mainstream for many UK citizens.

History demonstrates that terrorism, like any other entity, is constantly evolving, with earlier groups such as the IRA and Basque separatists ETA notorious for their breadth of tactics.

Scholars agree that prior to its recent territorial setbacks, including ejection from Mosul, one of the reasons Islamic State (IS)  had managed to successfully preside over such a vast swathe of land was because of its unique blend of a combination of guerrilla, infantry and organised crime tactics.

As IS loose territory in the Middle East we have seen an upsurge in IS attacks focusing on softer and less protected targets in the West, such bars and bridges.

The flexibility the organisation has demonstrated in the past suggest it is unlikely to ignore cyber for long and several prominent terrorism authorities argue “It is no longer a matter of if cyberterror will emerge, but when”.  States have demonstrated that they can bring down power stations (Stuxnet in Iran or BlackEnergy in Ukraine), so non-state actors have a template to follow.

Given both the significant funds still available to IS even now, and the ease by which hacking tools are available to purchase on the dark web, a combination of cybercrime and jihadism is a likely future threat.

If, for example, the motivations behind the WannaCry NHS ransomware attack had been clearly ideological rather than financial, then the consequences could have been a lot worse.

Hypothetically, if an IS supporter modified off-the-shelf hacking tools in an attempt to take down the national grid or gain access to computers at Heathrow airport, the consequences could be dire.

That's before we entertain the possibility that the wealth the group enjoys could easily be channelled into a state sponsored hacking collective similar to that purported to be orchestrated by the Chinese and Russian governments.

While there has only been one confirmed cyber-terrorism case, another case involving a Trojan infecting computers at a Madrid airport in 2008 outlines the potential impact – the resulting crash saw a hundred and fifty-four injuries –  although there was no evidence of terrorist involvement.

While this should not be overstated, it is not inconceivable that the two major threats of our time could come together.

The combination of increased reliance on technology, allied with the increase in cyber-criminals' capabilities, will give terrorists the motivation and capacity to carry out a new vector of attack capable of producing mass casualties without requiring the perpetrator to leave their home.

With a world almost totally reliant on computers the potential damage caused by hackers is limitless, combine this with the ideological fanaticism showed by groups such as IS and you have an issue that cannot be ignored.

Given that the government is struggling to get to grips with surges in both terrorist attacks and cyber-crime, it is undeniable there is some serious thinking to be done at governmental level to ensure that, should IS exploit the available technology, the UK isn't left paralysed by tech savvy jihadis.

Solving one of these mammoth issues would be difficult enough, but getting to grips with both may prove the challenge of our time. With no end in sight for either, the Government must get to work.

SC Magazine:

You Might Also Read:

Cyber Caliphate's Scorecard:

Flight Ban On Laptops 'sparked by IS threat':

 

« Why We Need a Transatlantic Charter for Data Security and Mobility
Microsoft Cloud Earnings Beat Expectations »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Lima Networks

Lima Networks

LIMA design and deliver IT Infrastructure solutions and services including managed Security Monitoring services.

Charlton Networks

Charlton Networks

Charlton Networks provide a complete range of IT infrastructure, network and security solutions aimed at SME companies.

CSIRT.CZ

CSIRT.CZ

CSIRT.CZ is the National Computer Security Incident Response Team of the Czech Republic.

International Association for Cryptologic Research (IACR)

International Association for Cryptologic Research (IACR)

(IACR is a non-profit scientific organization whose purpose is to further research in cryptology and related fields.

qSkills

qSkills

QSkills is an independent training provider specialized high-quality IT and IT management training courses including IT security.

Digital Hands

Digital Hands

Digital Hands is an award-winning managed security services provider.

Mission Secure (MSi)

Mission Secure (MSi)

MSi is a specialized provider of next generation cyber defense solutions protecting control systems and critical physical assets in energy, transportation and defense.

SteelCloud

SteelCloud

SteelCloud has spent the last decade inventing technology to automate policy compliance, configuration control, and Cloud security.

SANS CyberStart

SANS CyberStart

SANS CyberStart is a unique and innovative suite of tools and games designed to introduce children and young adults to the field of cyber security.

GMV

GMV

GMV is a technological business group offering solutions, services and products in diverse sectors including Intelligent Transportation Systems, Cybersecurity, Telecoms and IT.

Cyber Defense Networking Solutions (CDNS)

Cyber Defense Networking Solutions (CDNS)

CDNS is a global network infrastructure provider whose platforms are engineered for security, optimized for speed and designed for resiliency.

GoTo

GoTo

At GoTo we help people and businesses to connect and collaborate simply and securely – from anywhere. We’re the trusted partner for companies of all sizes.

Gilsbar

Gilsbar

For more than half a century, Gilsbar has offered insurance service solutions and support for businesses and their employees.

Diverto

Diverto

Diverto is a company that provides a high level of information security to companies, institutions and other organisations in an information-centric world.

Edera

Edera

Edera is changing the way containers are run and secured, making isolation a reality and fundamentally transforming computing in the process.

Cloud Native Computing Foundation (CNCF)

Cloud Native Computing Foundation (CNCF)

CNCF seeks to drive adoption of cloud native technologies by fostering and sustaining an ecosystem of open source, vendor-neutral projects.