Exploring Alternatives: Terrorism Converging With Cyber Crime

Uploaded on 2016-08-26 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-Law Enforcement, FREE TO VIEW

Islamic State's german language magazine  'Kybernetiq', which is  designed to guide jihadist on how to take part in 'cyber war' against other countries.

There is growing evidence that terrorists and criminals are converging in cyperspace. 

Current reporting continues to focus terrorist usage of the technology as a tool for recruitment or the possibility of expanding into offensive cyber-attack operations. One additional possibility that may be overlooked is the development cybercrime operations by terrorist networks. Given the ongoing events in the world; what once could have been considered a farfetched idea is now coalescing as conditions are developing that provide the right environment and ripe opportunity. 

Examining the Islamic State (ISIS) one discovers that the network has a formally staffed capability that is focused on encryption and cyber-attacks. ISIS also has the Afaaq Electronic Foundation, which assists its members by providing online counter-surveillance training. As international military forces have targeted the ISIS revenue streams, the threat has expanded into other countries to reduce the operational impact. However, the global community has responded by expanding operations aimed to disrupt financial capabilities. Terrorists look to disperse support capabilities when threatened because fixed assets are vulnerable to disruption. The world of cybercrime offers ISIS a remote capability that could be conducted by its internationally dispersed support personnel. ISIS has expressed interest in ransomware, which has seen US universities and hospitals pay the extortion with no arrests. 

The focus on ISIS being technically savvy enough to avoid detection online is a direct result of the Snowden revelations. This revelation directly supports the continuation of ISIS monitoring the news of cyberspace to determine vulnerabilities, both its and the enemy, to improve operations. Given this world view, the case of the $81 million SWIFT bank account reveals challenging and systematic failures ripe for the terrorist network exploitation. Fundamentally, the hacking can be attributed to a lack of verification of SWIFT transactions between banking systems and the possibility from insider help. The following events present an even greater critical problem.

The Bangladesh Bank that was the target of the SWIFT hacking originally hired a cybersecurity company to investigate the crime. That company was dismissed in June 2016 as costs associated with the contract outpaced results. While the owner of the SWIFT messaging system hired a cyber forensic team the disparity between investigations shows that not all connected to the hack have the same ability or determination. Another exploitable area is that Bangladesh has demonstrated that the financial institution is willing to accept an $81 million dollar loss, concentrating instead on recovering some of those funds by claiming that the US Federal Reserve also shares responsibility. However this situation gets resolved, at the current time the $81 million is untraceable, those hacked are blaming each other, Bangladesh has established a loss threshold of millions, and the hack demonstrates the potential benefits of cyber-related criminal activities to terrorist organizations.    

Given the advantages to an illicit network, the SWIFT hack results are something that ISIS could find an interesting scenario. This development is also substantiated by revelations that ISIS used an “Albanian Hacker” to develop a kill list of US government/military personnel. While many debate the merits of a convergence between terrorists and criminals, this concept is confined to understanding these as two separate entities and not types of operations carried out by the threat networks. A 2013 paper by the US government reasoned that ‘all terrorist organizations are Transnational Criminal Organizations’. This goes to the critical need for money, which fuels operations. In 1969 Carlos Marighella wrote the book that set the standards on how terrorists can operate in a city environment called, “The Minimanual of the Urban Guerilla”. This manual instructed terrorists how to rob banks and perform kidnappings to fund operations. Margihella’s instructions continue to be promulgated through the global-connected network of terrorists. It would be safe to assume that Carlos would be a proponent of using cyber-crime to fund those operations if he was alive today. 
 
About the author: An intelligence professional with many years active service in the US Intelligence Community, Norman T Lihou has taught at the US Army Intelligence Center of Excellence, Defense Intelligence Agency, National Defense University, Army War College, NATO C-IED Center of Excellence and the Joint Forces Training Centre.

« Keyless Entry Renders Millions Of Cars Vulnerable
UK Police Hire Law Firms To Tackle Cyber Criminals »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Prolinx

Prolinx

Prolinx provide secure Data Centre hosting services and other fully managed security services for networks and information systems.

Logicalis

Logicalis

Logicalis are a leading provider of global IT solutions and managed services.

VADO Security Technologies

VADO Security Technologies

VADO Security enables the safe transfer of data between low & high security networks.

Telecommunications Industry Association (TIA)

Telecommunications Industry Association (TIA)

TIA works to secure trust in networks by advocating public policy positions on the security of ICT equipment and services related to critical infrastructure, supply chain and information sharing.

Swiss CyberSecurity

Swiss CyberSecurity

Swiss CyberSecurity is a non-profit group based in Geneva, set up to provide information and as a forum for discussion of topics related to CyberSecurity.

Network Box

Network Box

Network Box is one of the world's leading Managed Security Service Providers.

Mnemonica

Mnemonica

Mnemonica specializes in providing data protection system, information security compliance solutions, cloud and managed services.

Greylock Partners

Greylock Partners

Greylock Partners is a leading venture capital firm based in Silicon Valley. We invest in all sectors of enterprise software technology including applications, cloud/SaaS, networking and security.

Fly Ventures

Fly Ventures

Fly Ventures is a seed-stage venture capital fund for outstanding teams building Enterprise and Deep Tech startups in Europe.

Udacity

Udacity

Udacity's mission is to train the world’s workforce in the careers of the future. Our programs range from beginner to expert levels and deliver the hands-on skills for real-world expertise.

ramsac

ramsac

ramsac provide secure, resilient IT management, cybersecurity, 24 hour support and IT strategy to businesses in London and the South East.

CyberCatch

CyberCatch

CyberCatch provides an innovative cybersecurity Software-as-a-Service (SaaS) platform designed for SMBs.

Beyon Cyber

Beyon Cyber

Beyon Cyber offer a complete portfolio of advanced solutions & services for cyber security in Bahrain.

LaScala

LaScala

LaScala is an IT Managed Services provider delivering technical, security, and compliance solutions with dedication, compassion, and agility.

Prizsm Technologies

Prizsm Technologies

Prizsm is a computational storage capability that provides flexible, easy-to-use, resilient solutions for quantum-resistant, hyper-secure cloud storage and communications.

NST Cyber

NST Cyber

NST Cyber provides comprehensive Threat Exposure Management to Global banks and Forbes 2000 companies.