Cyberwar Against Islamic State Is Struggling

The so-called "cyber bombs" that the US military is virtually dropping on Islamic State targets aren't working as well as first hoped.

The Pentagon is tracking ISIS growing threat to US and Iraqi forces by deploying small commercial drones armed with improvised explosives devices or spy cameras that can evade detection. The drones would be deployed within two years, if not sooner, according to a Pentagon spokesman.

UAS Vision reports that the Defense Department office charged with monitoring and countering improvised explosive devices has asked that Congress approve shifting $20 million to provide seed money for a counter-drone effort.

The funds would be invested in moves to “identify, acquire, integrate and conduct testing” of technologies that would “counter the effects of unmanned aerial systems and the threats they pose to US forces,” according to a budget document sent to Congress last week. It was part of a request for approval to shift $2.5 billion in defense funds from other purposes to reflect changing needs.

IS can use cheap commercail drones 

Commercially available drone technology has proliferated beyond hobbyists to adversaries. In its latest annual report on Iran’s military capabilities, the Defense Department said the Islamic Republic is fielding armed drones among other “increasingly lethal weapon systems.” At the Pentagon, the police force has posted “no drone” signs around the sprawling complex along with the usual “no photos” reminders.

In the fight against Islamic State, “small and tactical unmanned aerial systems” equipped with improvised explosive devices, or IEDs, “pose a direct threat to US and coalition forces,” according to the budget document, as quoted by UAS Vision.

The Joint Improvised-Threat Defeat Agency, the Pentagon office that has worked to combat improvised explosive devices since the 2003 Iraq war, has seen Islamic State fly “quadcopters and fixed-wing type drones you can buy commercially” as “both an IED delivery system and for reconnaissance,” according to its spokesman.

The commercial drones used by Islamic State have weighed about 50 pounds or less, he said, without providing any details on the number of attacks or resulting casualties.

In addition to using drones with full-motion video to look for attack opportunities and to monitor Iraqi Security Forces, the pilotless aircraft are being used to provide target information for vehicles carrying suicide bombs, added the spokesman.

Pentagon's 'cyber bombs' against the Islamic State aren't working

Secretary of Defense Ash Carter apparently coined the term "cyber bombs" in an interview with NPR earlier this year, describing the US military's cyber-offensive against the radical terrorist group.

But a new report by The Washington Post says the militant group's "sophisticated" use of technology is making it difficult for the Pentagon to disrupt the group's operations and spread of propaganda with specially-crafted malware designed to target the group's computers, mobile devices, and infrastructure.

The Pentagon earlier this year took the bizarre and almost unheard-of step to disclose it was ramping up its cyber-offensive against the Islamic State, better known as ISIS (or ISIL).

Carter didn't say exactly how the Pentagon would achieve its goals, but he hinted that it could take advantage of the US government's stockpile of exploits and cyber-weapons at its disposal.

With that, US officials were hoping to interrupt and disrupt the group's "command and control" apparatus. But that's proving difficult. The Washington Post said in a recent report that US operations so far have "not yet developed a full suite of malware and other tools tailored to attack an adversary dramatically different than the nation-states [US Cyber Command] was created to fight".

The situation is difficult because the group isn't a government or nation-state, which relies on fixed and traditional infrastructure, like North Korea and Iran. The group's decentralized and constantly moving units means any US government offensive has to target individuals with malware, or long-range jamming equipment, which may have an adverse effect on civilians.

That means Islamic State fighters can switch servers and other hardware to "stay ahead of the attacks," The Washington Post reports.

Lt. Gen. Edward Cardon, whose job it is to oversee a division of the National Security Agency tasked with creating digital weaponry, admits the war "is not going to be won in cyberspace".

This is said to be the first, significant push by a nation-state's military to use cyber-weapons and attack tactics traditionally used by clandestine intelligence services.

The Pentagon is developing cyber warfare tools to fight ISIS

US Cyber Command chief Adm. Michael S. Rogers has created a dedicated unit tasked with developing a suite of malware and digital weapons that can be used to wage digital war against ISIS. The Pentagon originally gave Cyber Command the daunting task of launching online attacks against the Islamic State earlier this year. 

Unfortunately, according to The Washington Post, Cybercom was ill-prepared for the role - besides lacking the tools to get the job done, it didn't have the right people to pull it off. WP says the new team is called "Joint Task Force Ares," and some of their possible missions include disrupting the terrorist group's payment system and knocking their current chat app of choice offline.

The Pentagon could also use the task force if it will reduce the risk of civilian casualties, for instance, cutting off communications to a hideout instead of bombing it. However, while it will be in charge of offensive operations, it won't be responsible for finding the military's airstrike targets. 

At this point in time, Joint Task Force Ares will only deploying cyber-attacks against ISIS in Iraq and Syria. A Pentagon official told the WP, though, that the unit will go global in the future.

Cyberwar against IS struggling

However, an unprecedented Pentagon cyber offensive against the Islamic State has gotten off to a slow start, officials said, frustrating Pentagon leaders and threatening to undermine efforts to counter the militant group's sophisticated use of technology for recruiting, operations and propaganda.

The US military's new cyberwar, which strikes across networks at the group's communications systems and other infrastructure, is the first major, publicly declared use by any nation's military of digital weapons that are more commonly associated with covert actions by intelligence services.

The debut effort is testing the ability of the military's 7-year-old US Cyber Command to conduct offensive operations against an enemy that has proved to be an adept user of technology to organize operations, recruit fighters and move money.

But defense officials said the command is still working to put the right staff in place and has not yet developed a full suite of malware and other tools tailored to attack an adversary dramatically different from the nation-states US Cyber Command was created to fight.

The very nature of the Islamic State, not a country or a government that would have vast institutions or infrastructure vulnerable to attack, makes it a challenging target for cyberattacks. It is unlike more traditional foes such as Iran, a country whose nuclear infrastructure was attacked in a joint US-Israeli operation by a sophisticated piece of malware designed to infiltrate and damage the computers running an enrichment facility.

"The more dependent you are on technology, the more you are a target for cyberattack. And ISIS is less dependent," said James Lewis, a cyber-policy expert at the Center for Strategic and International Studies, said, using an acronym for the Islamic State. "It doesn't mean you get no military advantage out of it. But scruffy insurgents aren't the best target for high-tech weapons."

I-HLS:    Ein News:    ZD Net:    Ein News

 

« In The UK Cybercrime Has Overtaken Traditional Crime
Civil Liberties Group Crashes Thailand Government Website »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IONU Security

IONU Security

IONU offer a security platform focused specifically on providing Data-centric Security.

CGI Group

CGI Group

CGI is a leading IT and business process services provider. Services include IT consulting, Systems Integration, Application Development, Infrastructure, Business Processes, Digital IP.

Homeland Security Advanced Research Projects Agency (HSARPA)

Homeland Security Advanced Research Projects Agency (HSARPA)

HSARPA's Cyber Security Division (CSD) was set up to address DHS cyber operational and critical infrastructure protection requirements.

Rambus Security Division

Rambus Security Division

Rambus Security Division solutions span areas including tamper resistance, content protection, network security, mobile payment, smart ticketing, and trusted provisioning services.

Cognizant

Cognizant

Cognizant offer services and solutions for IT Infrastructure Security, Enterprise Mobility and Internet of Things.

Japan Network Security Association (JNSA)

Japan Network Security Association (JNSA)

JNSA's goal is to promote standardization related to network security and to contribute to greater technological standards in the field.

Convercent

Convercent

We offer comprehensive and integrated compliance management, reporting, and analytics. A 360-degree view of compliance drives efficiency by aligning initiatives and data into a single dashboard.

OGiTiX

OGiTiX

OGiTiX Software AG is a German software manufacturer specializing in Identity and Access Management.

Cytellix

Cytellix

Cytellix is an industry-standards-based, managed cybersecurity service provider, specializing in proactive behavioral analytics and situational awareness of an organization’s cyber posture.

C2SEC

C2SEC

C2Sec provides an innovative analytics platform that assesses and quantifies cyber risks in financial terms based on combining patented big data, AI, and cybersecurity technologies.

ControlMap

ControlMap

ControlMap is a software as a service platform with a mission to simplify and eliminate stress from everyday operations of modern IT compliance teams.

TechBase

TechBase

TechBase is an innovation and start-up center offering technology-oriented start-ups optimal conditions for successful business development.

QAlified

QAlified

QAlified offer independent testing and quality assurance services for software projects including security testing.

Gleam Cloud Security Solutions (GCSS)

Gleam Cloud Security Solutions (GCSS)

GCSS Security is an information security firm providing cyber security protection with a highly skilled and experienced team focused on technology that creates best-in-class customer experiences.

ThreatView by Turaco Labs

ThreatView by Turaco Labs

ThreatView combines extensive experience in digital forensics with advanced analytics and threat detection capabilities to protect eCommerce websites.

Xcede

Xcede

Xcede are global technology recruitment specialists. We connect companies with exceptional professionals who empower growth.