Cyberwar Against Islamic State Is Struggling

The so-called "cyber bombs" that the US military is virtually dropping on Islamic State targets aren't working as well as first hoped.

The Pentagon is tracking ISIS growing threat to US and Iraqi forces by deploying small commercial drones armed with improvised explosives devices or spy cameras that can evade detection. The drones would be deployed within two years, if not sooner, according to a Pentagon spokesman.

UAS Vision reports that the Defense Department office charged with monitoring and countering improvised explosive devices has asked that Congress approve shifting $20 million to provide seed money for a counter-drone effort.

The funds would be invested in moves to “identify, acquire, integrate and conduct testing” of technologies that would “counter the effects of unmanned aerial systems and the threats they pose to US forces,” according to a budget document sent to Congress last week. It was part of a request for approval to shift $2.5 billion in defense funds from other purposes to reflect changing needs.

IS can use cheap commercail drones 

Commercially available drone technology has proliferated beyond hobbyists to adversaries. In its latest annual report on Iran’s military capabilities, the Defense Department said the Islamic Republic is fielding armed drones among other “increasingly lethal weapon systems.” At the Pentagon, the police force has posted “no drone” signs around the sprawling complex along with the usual “no photos” reminders.

In the fight against Islamic State, “small and tactical unmanned aerial systems” equipped with improvised explosive devices, or IEDs, “pose a direct threat to US and coalition forces,” according to the budget document, as quoted by UAS Vision.

The Joint Improvised-Threat Defeat Agency, the Pentagon office that has worked to combat improvised explosive devices since the 2003 Iraq war, has seen Islamic State fly “quadcopters and fixed-wing type drones you can buy commercially” as “both an IED delivery system and for reconnaissance,” according to its spokesman.

The commercial drones used by Islamic State have weighed about 50 pounds or less, he said, without providing any details on the number of attacks or resulting casualties.

In addition to using drones with full-motion video to look for attack opportunities and to monitor Iraqi Security Forces, the pilotless aircraft are being used to provide target information for vehicles carrying suicide bombs, added the spokesman.

Pentagon's 'cyber bombs' against the Islamic State aren't working

Secretary of Defense Ash Carter apparently coined the term "cyber bombs" in an interview with NPR earlier this year, describing the US military's cyber-offensive against the radical terrorist group.

But a new report by The Washington Post says the militant group's "sophisticated" use of technology is making it difficult for the Pentagon to disrupt the group's operations and spread of propaganda with specially-crafted malware designed to target the group's computers, mobile devices, and infrastructure.

The Pentagon earlier this year took the bizarre and almost unheard-of step to disclose it was ramping up its cyber-offensive against the Islamic State, better known as ISIS (or ISIL).

Carter didn't say exactly how the Pentagon would achieve its goals, but he hinted that it could take advantage of the US government's stockpile of exploits and cyber-weapons at its disposal.

With that, US officials were hoping to interrupt and disrupt the group's "command and control" apparatus. But that's proving difficult. The Washington Post said in a recent report that US operations so far have "not yet developed a full suite of malware and other tools tailored to attack an adversary dramatically different than the nation-states [US Cyber Command] was created to fight".

The situation is difficult because the group isn't a government or nation-state, which relies on fixed and traditional infrastructure, like North Korea and Iran. The group's decentralized and constantly moving units means any US government offensive has to target individuals with malware, or long-range jamming equipment, which may have an adverse effect on civilians.

That means Islamic State fighters can switch servers and other hardware to "stay ahead of the attacks," The Washington Post reports.

Lt. Gen. Edward Cardon, whose job it is to oversee a division of the National Security Agency tasked with creating digital weaponry, admits the war "is not going to be won in cyberspace".

This is said to be the first, significant push by a nation-state's military to use cyber-weapons and attack tactics traditionally used by clandestine intelligence services.

The Pentagon is developing cyber warfare tools to fight ISIS

US Cyber Command chief Adm. Michael S. Rogers has created a dedicated unit tasked with developing a suite of malware and digital weapons that can be used to wage digital war against ISIS. The Pentagon originally gave Cyber Command the daunting task of launching online attacks against the Islamic State earlier this year. 

Unfortunately, according to The Washington Post, Cybercom was ill-prepared for the role - besides lacking the tools to get the job done, it didn't have the right people to pull it off. WP says the new team is called "Joint Task Force Ares," and some of their possible missions include disrupting the terrorist group's payment system and knocking their current chat app of choice offline.

The Pentagon could also use the task force if it will reduce the risk of civilian casualties, for instance, cutting off communications to a hideout instead of bombing it. However, while it will be in charge of offensive operations, it won't be responsible for finding the military's airstrike targets. 

At this point in time, Joint Task Force Ares will only deploying cyber-attacks against ISIS in Iraq and Syria. A Pentagon official told the WP, though, that the unit will go global in the future.

Cyberwar against IS struggling

However, an unprecedented Pentagon cyber offensive against the Islamic State has gotten off to a slow start, officials said, frustrating Pentagon leaders and threatening to undermine efforts to counter the militant group's sophisticated use of technology for recruiting, operations and propaganda.

The US military's new cyberwar, which strikes across networks at the group's communications systems and other infrastructure, is the first major, publicly declared use by any nation's military of digital weapons that are more commonly associated with covert actions by intelligence services.

The debut effort is testing the ability of the military's 7-year-old US Cyber Command to conduct offensive operations against an enemy that has proved to be an adept user of technology to organize operations, recruit fighters and move money.

But defense officials said the command is still working to put the right staff in place and has not yet developed a full suite of malware and other tools tailored to attack an adversary dramatically different from the nation-states US Cyber Command was created to fight.

The very nature of the Islamic State, not a country or a government that would have vast institutions or infrastructure vulnerable to attack, makes it a challenging target for cyberattacks. It is unlike more traditional foes such as Iran, a country whose nuclear infrastructure was attacked in a joint US-Israeli operation by a sophisticated piece of malware designed to infiltrate and damage the computers running an enrichment facility.

"The more dependent you are on technology, the more you are a target for cyberattack. And ISIS is less dependent," said James Lewis, a cyber-policy expert at the Center for Strategic and International Studies, said, using an acronym for the Islamic State. "It doesn't mean you get no military advantage out of it. But scruffy insurgents aren't the best target for high-tech weapons."

I-HLS:    Ein News:    ZD Net:    Ein News

 

« In The UK Cybercrime Has Overtaken Traditional Crime
Civil Liberties Group Crashes Thailand Government Website »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ReadWrite

ReadWrite

ReadWrite is a leading media platform dedicated to IoT and the Connected World.

CFC Underwriting

CFC Underwriting

CFC is a specialist insurance provider and a pioneer in emerging risk, including cyber insurance.

Bricata

Bricata

Bricata offers industry-leading IPS solutions for enterprise-wide threat prevention and unparalleled situational awareness.

Disklabs

Disklabs

Disklabs are industry leaders in data recovery, digital forensics and data erasure.

SAASPASS

SAASPASS

SAASPASS is a full-stack identity and access management solution, a single product which allows you to manage all your digital and physical access needs securely and conveniently.

TI Safe

TI Safe

TI Safe provide cybersecurity solutions for industrial networks of main critical infrastructures in Latin America.

adaware

adaware

adaware is an award-winning security and privacy software provider, empowering users to connect with confidence.

Y-PARC

Y-PARC

Y-PARC is a center of excellence for cybersecurity, precision industries and medtech, fostering innovation and development and support for startups.

AlertSec

AlertSec

AlertSec Ensure is a U.S. patented technology that allows you to educate, verify and enforce encryption compliance of third-party devices.

Socure

Socure

Socure’s identity verification increases auto approval rates, reduces false positives and captures more fraud. In real time.

DNX Ventures

DNX Ventures

Based in Silicon Valley and Tokyo, DNX Ventures is an early stage VC for B2B startups in sectors including Cybersecurity.

Difenda

Difenda

Difenda Shield is a fully integrated and modular cybersecurity suite that gives your organization the agility it needs to implement a world-class cybersecurity system.

Protect AI

Protect AI

Protect AI is a cybersecurity company focused on AI & ML systems. Through innovative security products and thought leadership in MLSecOps, we help our customers build a safer AI powered world.

Verinext

Verinext

Verinext delivers transformative business technology, from intelligently automating time-consuming tasks and protecting data assets to securing infrastructure and improving customer experiences.

Tamnoon

Tamnoon

Tamnoon is the Managed Cloud Detection and Response platform that helps you turn CNAPP and CSPM alerts into action and fortify your cloud security posture.

Frenos

Frenos

The Frenos Platform helps enterprises understand their most probable attack paths while highlighting the most effective risk mitigations to deter and defend against today’s adversaries.