Exploring Alternatives: Terrorism Converging With Cyber Crime

Uploaded on 2016-08-26 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

Islamic State's german language magazine  'Kybernetiq', which is  designed to guide jihadist on how to take part in 'cyber war' against other countries.

There is growing evidence that terrorists and criminals are converging in cyperspace. 

Current reporting continues to focus terrorist usage of the technology as a tool for recruitment or the possibility of expanding into offensive cyber-attack operations. One additional possibility that may be overlooked is the development cybercrime operations by terrorist networks. Given the ongoing events in the world; what once could have been considered a farfetched idea is now coalescing as conditions are developing that provide the right environment and ripe opportunity. 

Examining the Islamic State (ISIS) one discovers that the network has a formally staffed capability that is focused on encryption and cyber-attacks. ISIS also has the Afaaq Electronic Foundation, which assists its members by providing online counter-surveillance training. As international military forces have targeted the ISIS revenue streams, the threat has expanded into other countries to reduce the operational impact. However, the global community has responded by expanding operations aimed to disrupt financial capabilities. Terrorists look to disperse support capabilities when threatened because fixed assets are vulnerable to disruption. The world of cybercrime offers ISIS a remote capability that could be conducted by its internationally dispersed support personnel. ISIS has expressed interest in ransomware, which has seen US universities and hospitals pay the extortion with no arrests. 

The focus on ISIS being technically savvy enough to avoid detection online is a direct result of the Snowden revelations. This revelation directly supports the continuation of ISIS monitoring the news of cyberspace to determine vulnerabilities, both its and the enemy, to improve operations. Given this world view, the case of the $81 million SWIFT bank account reveals challenging and systematic failures ripe for the terrorist network exploitation. Fundamentally, the hacking can be attributed to a lack of verification of SWIFT transactions between banking systems and the possibility from insider help. The following events present an even greater critical problem.

The Bangladesh Bank that was the target of the SWIFT hacking originally hired a cybersecurity company to investigate the crime. That company was dismissed in June 2016 as costs associated with the contract outpaced results. While the owner of the SWIFT messaging system hired a cyber forensic team the disparity between investigations shows that not all connected to the hack have the same ability or determination. Another exploitable area is that Bangladesh has demonstrated that the financial institution is willing to accept an $81 million dollar loss, concentrating instead on recovering some of those funds by claiming that the US Federal Reserve also shares responsibility. However this situation gets resolved, at the current time the $81 million is untraceable, those hacked are blaming each other, Bangladesh has established a loss threshold of millions, and the hack demonstrates the potential benefits of cyber-related criminal activities to terrorist organizations.    

Given the advantages to an illicit network, the SWIFT hack results are something that ISIS could find an interesting scenario. This development is also substantiated by revelations that ISIS used an “Albanian Hacker” to develop a kill list of US government/military personnel. While many debate the merits of a convergence between terrorists and criminals, this concept is confined to understanding these as two separate entities and not types of operations carried out by the threat networks. A 2013 paper by the US government reasoned that ‘all terrorist organizations are Transnational Criminal Organizations’. This goes to the critical need for money, which fuels operations. In 1969 Carlos Marighella wrote the book that set the standards on how terrorists can operate in a city environment called, “The Minimanual of the Urban Guerilla”. This manual instructed terrorists how to rob banks and perform kidnappings to fund operations. Margihella’s instructions continue to be promulgated through the global-connected network of terrorists. It would be safe to assume that Carlos would be a proponent of using cyber-crime to fund those operations if he was alive today. 
 
About the author: An intelligence professional with many years active service in the US Intelligence Community, Norman T Lihou has taught at the US Army Intelligence Center of Excellence, Defense Intelligence Agency, National Defense University, Army War College, NATO C-IED Center of Excellence and the Joint Forces Training Centre.

« Keyless Entry Renders Millions Of Cars Vulnerable
UK Police Hire Law Firms To Tackle Cyber Criminals »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Pervade Software

Pervade Software

Pervade Software is a global provider of dedicated compliance tracking software with monitoring & reporting capabilities.

Careers in Cyber Security (CiCS)

Careers in Cyber Security (CiCS)

CareersinCyberSecurity is a leading global job board and career resource for Cyber Security, IT Audit, Technology Risk and Data Protection professionals.

Secure Decisions

Secure Decisions

Secure Decisions focus on research and product development related to national security including information assurance, computer network defense, cyber security education, and application security.

Bavarian IT Security Cluster

Bavarian IT Security Cluster

The Bavarian IT Security Cluster works to build regional IT security competencies and increase the competitiveness and market opportunities of its member companies.

IBLISS Digital Security

IBLISS Digital Security

How cyber-resilient is your business now? We help companies to continuously answer this never-ending C-level question.

Cybeats Technologies

Cybeats Technologies

Cybeats delivers an integrated security platform designed to secure and protect high-valued connected devices.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Wontok

Wontok

Wontok deliver innovative value-added data security services that fill the gaps left in traditional security solutions.

Tabidus Technology

Tabidus Technology

Tabidus Technology is a cybersecurity association that unites and provides the global protection options against cyber threats.

Cyber Security Canada

Cyber Security Canada

Cyber Security Canada is an accredited Certification Body for government-backed Cyber Security Certification Programs, designed specifically for small and medium-sized Canadian businesses.

MainNerve

MainNerve

MainNerve helps secure networks, applications, people, and facilities… enabling businesses to reduce risk and increase their cybersecurity posture.

PagerDuty

PagerDuty

PagerDuty is the central nervous system for a company’s digital operations. We identify issues in real-time and bring together the right people to respond to problems faster.

Darktrace

Darktrace

Darktrace is a global leader in cybersecurity AI, delivering complete AI-powered solutions in its mission to free the world of cyber disruption.

GitLab

GitLab

GitLab is a complete DevOps platform, delivered as a single application, fundamentally changing the way Development, Security, and Ops teams collaborate and build software.

NetDescribe

NetDescribe

NetDescribe, part of Xantaro Group, advises and supports companies in building secure and stable IT environments.

Cloudsmith

Cloudsmith

Cloudsmith is the only cloud-native, global, universal artifact management platform for securely developing and distributing software.