Exploring Alternatives: Terrorism Converging With Cyber Crime

Uploaded on 2016-08-26 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

Islamic State's german language magazine  'Kybernetiq', which is  designed to guide jihadist on how to take part in 'cyber war' against other countries.

There is growing evidence that terrorists and criminals are converging in cyperspace. 

Current reporting continues to focus terrorist usage of the technology as a tool for recruitment or the possibility of expanding into offensive cyber-attack operations. One additional possibility that may be overlooked is the development cybercrime operations by terrorist networks. Given the ongoing events in the world; what once could have been considered a farfetched idea is now coalescing as conditions are developing that provide the right environment and ripe opportunity. 

Examining the Islamic State (ISIS) one discovers that the network has a formally staffed capability that is focused on encryption and cyber-attacks. ISIS also has the Afaaq Electronic Foundation, which assists its members by providing online counter-surveillance training. As international military forces have targeted the ISIS revenue streams, the threat has expanded into other countries to reduce the operational impact. However, the global community has responded by expanding operations aimed to disrupt financial capabilities. Terrorists look to disperse support capabilities when threatened because fixed assets are vulnerable to disruption. The world of cybercrime offers ISIS a remote capability that could be conducted by its internationally dispersed support personnel. ISIS has expressed interest in ransomware, which has seen US universities and hospitals pay the extortion with no arrests. 

The focus on ISIS being technically savvy enough to avoid detection online is a direct result of the Snowden revelations. This revelation directly supports the continuation of ISIS monitoring the news of cyberspace to determine vulnerabilities, both its and the enemy, to improve operations. Given this world view, the case of the $81 million SWIFT bank account reveals challenging and systematic failures ripe for the terrorist network exploitation. Fundamentally, the hacking can be attributed to a lack of verification of SWIFT transactions between banking systems and the possibility from insider help. The following events present an even greater critical problem.

The Bangladesh Bank that was the target of the SWIFT hacking originally hired a cybersecurity company to investigate the crime. That company was dismissed in June 2016 as costs associated with the contract outpaced results. While the owner of the SWIFT messaging system hired a cyber forensic team the disparity between investigations shows that not all connected to the hack have the same ability or determination. Another exploitable area is that Bangladesh has demonstrated that the financial institution is willing to accept an $81 million dollar loss, concentrating instead on recovering some of those funds by claiming that the US Federal Reserve also shares responsibility. However this situation gets resolved, at the current time the $81 million is untraceable, those hacked are blaming each other, Bangladesh has established a loss threshold of millions, and the hack demonstrates the potential benefits of cyber-related criminal activities to terrorist organizations.    

Given the advantages to an illicit network, the SWIFT hack results are something that ISIS could find an interesting scenario. This development is also substantiated by revelations that ISIS used an “Albanian Hacker” to develop a kill list of US government/military personnel. While many debate the merits of a convergence between terrorists and criminals, this concept is confined to understanding these as two separate entities and not types of operations carried out by the threat networks. A 2013 paper by the US government reasoned that ‘all terrorist organizations are Transnational Criminal Organizations’. This goes to the critical need for money, which fuels operations. In 1969 Carlos Marighella wrote the book that set the standards on how terrorists can operate in a city environment called, “The Minimanual of the Urban Guerilla”. This manual instructed terrorists how to rob banks and perform kidnappings to fund operations. Margihella’s instructions continue to be promulgated through the global-connected network of terrorists. It would be safe to assume that Carlos would be a proponent of using cyber-crime to fund those operations if he was alive today. 
 
About the author: An intelligence professional with many years active service in the US Intelligence Community, Norman T Lihou has taught at the US Army Intelligence Center of Excellence, Defense Intelligence Agency, National Defense University, Army War College, NATO C-IED Center of Excellence and the Joint Forces Training Centre.

« Keyless Entry Renders Millions Of Cars Vulnerable
UK Police Hire Law Firms To Tackle Cyber Criminals »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Siepel

Siepel

Siepel manufactures high quality shielded rooms and anechoic chambers dedicated to TEMPEST, NEMP & HIRF.

Seclab

Seclab

Seclab is an innovative player in the protection of industrial systems and critical infrastructure against sophisticated cyber attacks.

ODVA

ODVA

ODVA is a global trade and standards development organization whose members comprise the world’s leading industrial automation companies.

Arete

Arete

Arete is a global cyber risk company whose mission is to transform the way organizations prepare for, respond to, and prevent cybercrime.

ngCERT

ngCERT

ngCERT is the National Computer Emergency Response Team for Nigeria.

MicroEJ

MicroEJ

MicroEJ is a software vendor of cost-driven solutions for embedded and IoT devices.

EOL IT Services

EOL IT Services

EOL IT Services is the UK’s most accredited provider of IT Asset Disposal (ITAD), Lifecycle Services and Data Destruction.

KDM Analytics

KDM Analytics

KDM Analytics software products automate the NIST risk management framework (RMF) assessment for operational technology (OT) systems.

Ironhack

Ironhack

Ironhack provide intensive training courses & bootcamps in Web Development, UX/UI Design, Data Analytics & Cybersecurity.

The ATOM Group

The ATOM Group

ATOM builds and secures technology for regulated industries. We design and build for a future we can all trust.

SOOS

SOOS

SOOS is the easy-to-integrate software security solution for your whole team. Build, catch, and fix vulnerabilities with SOOS Software Composition Analysis.

eCloudvalley Digital Technology

eCloudvalley Digital Technology

eCloudvalley Digital Technology is a born-in-the-cloud partner focused entirely on AWS services across APAC region.

Kubus Hitam

Kubus Hitam

Kubus Hitam are a research-based company focused on cyber security. we strongly believe that innovation and safety are the two keywords for the future business market.

DeXpose

DeXpose

DeXpose is a hybrid dark/deep web monitoring and attack surface mapping platform to help you find compromised data or exposed assets related to your organization way before threat actors.

Bitdefender Voyager Ventures (BVV)

Bitdefender Voyager Ventures (BVV)

Bitdefender Voyager Ventures is an early-stage investment vehicle focused on cybersecurity, data analytics and automation startups.

Assurestor

Assurestor

Assurestor's singular focus is delivering leading cloud-based backup and disaster recovery designed to increase levels of IT resilience.