How Dangerous Is ISIS In The Cyber Domain?

The Islamic State group and other militant organisations have been creating precedents in terms of discussing cyber activities almost from the start. 

Most cyber operations by militant organisations have been on a fairly low level and merely aspirational, according to John Mulligan, deputy director of the US National Counterterrorism Center.

From a practical standpoint, cyber activity to date has been largely confined to groups such as ISIS finding information and generating kill lists related to security or military personnel. This is achieved through some low-level hacking and the exploitation of low-hanging fruit. The US government has seen some low-level defacement of websites, he added, but nothing critical.

The gap between the perception that entities able to do the most harm in cyberspace, to include sophisticated nation-states, probably have lesser intent and entities with more nefarious intent have lesser capability is closing, former Director of National Intelligence, James Clapper, told the Senate Armed Services Committee in May.

Terrorists, criminals and hacktivists are going to exploit technology, “and so that comfort that we may have taken in the past is something we shouldn’t count on,” he said. Echoing this sentiment, Mulligan noted: “We shouldn’t make the same mistake in terms of underestimating their ability to again adapt their cyber abilities,” he said.  From a military perspective, Mulligan said ISIS is a loose connection of broadly independent, functioning entities that lack a degree of predictability and uniformity. 

When it comes to ISIS’ hacking cohorts, such as the so-called Cyber Caliphate, they are for the most part considered sympathisers rather than members of ISIS. The United States’ concern, he said, is the individuals who are competent in the cyber arena and may be operating below the horizon, making them more difficult to detect.

This can include those undertaking official support tasks, networks of supporters retweeting ISIS propaganda and those that add value to the overall effort but are difficult to detect. These networks, Mulligan said, are believed to be globally dispersed.
“What’s really unique about ISIS is the fact that they have a deep understanding of the linkage between the media world, particularly social media, and the operational world,” Mulligan said. “They have very successfully been able to use media to amplify the effects of their operational activities.”

ISIS understands the broad range of commercial technological applicability, and social media allows the group to conduct global operations, Mulligan said. 

The militant group can conduct financial transactions, facilitate logistical movements, and organise in a dispersed, remote way. Organisations such as ISIS delegate to individual’s degrees of responsibility and accountability, allowing them to display their initiative.

I-HLS

You Might Also Read

Learning About ISIS Intentions Using Open Source Intelligence:

Interpol/Group-IB Unmasking Pro-ISIS Hackers:

Cyber Caliphate's Scorecard:
 

« Will Cyber Warfare Remove Kim From N. Korea?
New AI Claims To Determine If You Are Gay Or Straight. »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Hitachi ID Systems

Hitachi ID Systems

Hitachi ID Systems offers comprehensive identity management and access governance, privileged access management and password management solutions.

ESET

ESET

ESET provide security software for enterprises and consumers - Antivirus Software, Internet Security and Virus Protection.

Hiscox

Hiscox

Hiscox offers cyber and data risks insurance to protect your business against the risks of holding data and using computer systems..

HireVergence

HireVergence

HireVergence is a full service IT staffing and recruiting firm with a focus on cyber and information security.

Digital Infrastructure Association (DINL)

Digital Infrastructure Association (DINL)

DINL is the leading representative for companies and organisations which are active within the Dutch digital infrastructure sector.

Electric Imp

Electric Imp

Electric Imp offers an innovative and powerful Internet of Things platform that securely connects devices with advanced cloud computing resources.

RedSeal

RedSeal

RedSeal’s network modeling and risk scoring platform is the foundation for enabling enterprise networks to be resilient to cyber events.

Stratosphere Networks

Stratosphere Networks

Stratosphere Networks offer managed cybersecurity services rooted in Managed Detection and Response and Security Operations Center services that our team can tailor to meet your needs.

Veridium

Veridium

Veridium is a leader in single step - multi factor biometric authentication, designed to safeguard enterprises’ most critical assets.

LibraSoft

LibraSoft

Librasoft creates solutions to protect information from external and internal threats.

ADVA Optical Networking

ADVA Optical Networking

ADVA is a company founded on innovation and focused on helping our customers succeed. Our technology forms the building blocks of a shared digital future and empowers networks across the globe.

Dawgen Global

Dawgen Global

Dawgen Global is an integrated multidisciplinary professional service firm in the Caribbean Region providing a range of services including Risk Management and Information Systems Assurance.

Deloitte

Deloitte

Deloitte is a multinational professional services firm providing audit, consulting, financial advisory, risk management, tax, and related services to clients.

Harbottle & Lewis

Harbottle & Lewis

Harbottle & Lewis is a leading UK-based law firm focused on the Private Client and Technology, Media and Entertainment sectors.

Leaf IT

Leaf IT

Leaf IT are a pioneering cloud-first MSP, dedicated to helping businesses in the UK and Ireland. We focus on delivering tangible results for our clients through IT transformation.

Rapifuzz

Rapifuzz

At Rapifuzz, our goal is to help organizations test and secure their APIs enabling trust, innovation and Seamless Secured Digital Experiences.