How Dangerous Is ISIS In The Cyber Domain?

The Islamic State group and other militant organisations have been creating precedents in terms of discussing cyber activities almost from the start. 

Most cyber operations by militant organisations have been on a fairly low level and merely aspirational, according to John Mulligan, deputy director of the US National Counterterrorism Center.

From a practical standpoint, cyber activity to date has been largely confined to groups such as ISIS finding information and generating kill lists related to security or military personnel. This is achieved through some low-level hacking and the exploitation of low-hanging fruit. The US government has seen some low-level defacement of websites, he added, but nothing critical.

The gap between the perception that entities able to do the most harm in cyberspace, to include sophisticated nation-states, probably have lesser intent and entities with more nefarious intent have lesser capability is closing, former Director of National Intelligence, James Clapper, told the Senate Armed Services Committee in May.

Terrorists, criminals and hacktivists are going to exploit technology, “and so that comfort that we may have taken in the past is something we shouldn’t count on,” he said. Echoing this sentiment, Mulligan noted: “We shouldn’t make the same mistake in terms of underestimating their ability to again adapt their cyber abilities,” he said.  From a military perspective, Mulligan said ISIS is a loose connection of broadly independent, functioning entities that lack a degree of predictability and uniformity. 

When it comes to ISIS’ hacking cohorts, such as the so-called Cyber Caliphate, they are for the most part considered sympathisers rather than members of ISIS. The United States’ concern, he said, is the individuals who are competent in the cyber arena and may be operating below the horizon, making them more difficult to detect.

This can include those undertaking official support tasks, networks of supporters retweeting ISIS propaganda and those that add value to the overall effort but are difficult to detect. These networks, Mulligan said, are believed to be globally dispersed.
“What’s really unique about ISIS is the fact that they have a deep understanding of the linkage between the media world, particularly social media, and the operational world,” Mulligan said. “They have very successfully been able to use media to amplify the effects of their operational activities.”

ISIS understands the broad range of commercial technological applicability, and social media allows the group to conduct global operations, Mulligan said. 

The militant group can conduct financial transactions, facilitate logistical movements, and organise in a dispersed, remote way. Organisations such as ISIS delegate to individual’s degrees of responsibility and accountability, allowing them to display their initiative.

I-HLS

You Might Also Read

Learning About ISIS Intentions Using Open Source Intelligence:

Interpol/Group-IB Unmasking Pro-ISIS Hackers:

Cyber Caliphate's Scorecard:
 

« Will Cyber Warfare Remove Kim From N. Korea?
New AI Claims To Determine If You Are Gay Or Straight. »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Adlink Technology

Adlink Technology

ADLINK is a leading provider of embedded computing products and services for applications including IoT and industrial automation.

MAY Cyber Technology

MAY Cyber Technology

MAY Cyber Technology is a Security Management solutions provider located in Turkey & Germany.

Six Degrees

Six Degrees

Six Degrees is a leading secure, integrated cloud services provider. We protect UK organisations and help them thrive in the cloud by giving them secure platforms to innovate and grow.

Netizen

Netizen

Netizen is an award-winning company that develops and leverages innovative solutions to enable a more secure cyberspace for clients in government and commercial markets.

Secmation

Secmation

Secmation are an agile engineering services firm providing advanced DoD level security design and consultation services for both commercial and defense hardware and software applications.

Inveteck Global

Inveteck Global

Inveteck Global is a Ghana-based cyber security firm providing strategic guidance and technical solutions to all our clients to best serve their individual needs.

Thistle Technologies

Thistle Technologies

Thistle Technologies is building tools that help connected device manufacturers build security resiliency into devices.

Argentra

Argentra

Argentra is a specialist engineering company, we have years of experience developing custom security software and providing security risk consulting.

OnSecurity

OnSecurity

OnSecurity replaces the overhead of traditional penetration testing firms with a simple online interface, making it easy to book tests as and when needed.

SecurIT360

SecurIT360

SecurIT360 is a full-service specialized Cyber Security and Compliance consulting firm.

Spinnaker Support

Spinnaker Support

Spinnaker Support is a premier global provider of on-premise and cloud-based enterprise software support services.

SIEM Xpert

SIEM Xpert

SIEM Xpert is a leader in Cyber Security Trainings and services since 2015.

Apollo Secure

Apollo Secure

Apollo is an automated cybersecurity platform for startups and small businesses to achieve and maintain security compliance.

Box

Box

Box is the Cloud Content Management company that empowers enterprises to revolutionize how they work by securely connecting their people, information and applications.

Oduma Solutions

Oduma Solutions

Oduma Solutions is a wholly owned Ghanaian Cybersecurity company that offers information security services to organisations seeking to improve their security posture.

Myrror Security

Myrror Security

Myrror Security is a software supply chain security solution that aids lean security teams in safeguarding their software against breaches.