Islamic State Likely To Switch To Cyber Warfare

Islamic State (IS) and other terrorist groups are turning to the underworld to try to secure tools to carry out cyber-attacks on critical infrastructure.

Terrorist groups have taken part in low-grade “cyber vandalism” and their ability to wage more damaging attacks will only increase, according to a former operations chief at the UK’s spy centre GCHQ.

Many of the required tools to launch crippling attacks are becoming increasingly available on criminal markets on the so-called Dark Web, part of the world wide web that needs special software to penetrate.

Committed extremists could seek to accelerate those efforts by recruiting knowledgeable insiders, said Conrad Prince in a report for government-backed insurance company Pool Re. “A well-placed insider can go a long way to simplifying the work involved in delivering a destructive cyber-attack,” he wrote.

He cited the case of Rajib Karim, a former IT worker for British Airways, who used his position to investigate how to cause international travel chaos by bringing down the airline’s systems. He was jailed for 30 years in 2011 for plotting to blow up a plane.

Mr Prince said that as IS lose control of more physical territory it seemed likely that they would focus their efforts on cyberspace. “The cyber conflict… has a long way to run yet,” he wrote.

“Their capability to do so is limited at present, but all the trends indicate that their ability to deliver such attacks will increase over time.”

IS has so far failed to carry out any major successful cyber-attack in part because of the targeting of its cyber experts by the US and other anti-IS forces, according to the most recent internet threat assessment published by the European Union’s policing agency Europol.

It said that the concerted action had led to a scaling down of the activities of Pro-IS hackers, such as a group known as the “United Cyber Caliphate”.

The group had specialised in the publication of “kill lists” of potential targets in the US and UK and called on followers to “kill them wherever you found them”. There has been no confirmed incident of anyone being targeted on the list.

Many previous known cyber-attacks amounted to little more than attention-grabbing stunts and hacks of public accounts, rather than the penetration of critical infrastructure.

Junaid Hussain, a British militant who was killed in a US drone strike in Syria in 2015, was believed to have been involved in obtaining the passwords of the US Central Command’s Twitter account to briefly send pro-ISIL messages.

He was jailed in the UK for six months while part of a hacking group known as Team Poison after hacking the address book of former UK premier Tony Blair and publishing information. He also was involved in tying up the phone-lines of a UK anti-terror hotline.

“The absence of any major cyber-attacks by terrorist organisations can be interpreted as the result of not enough technical skills on their side, at least for the present time,” Europol said in its internet organised crime threat assessment for 2017.

Despite the apparent amateurish nature of some of the hacks, the 2017 Europol report concluded that the militants’ receptiveness to new technologies and a stated commitment to waging the fight in the virtual world “leaves little room for complacency”.

The National:   picture: Abu Bakr al Baghdadi 

You Might Also Read: 

Terrorism, A Sea Change In Tactics:

Cyberterrorism: The Next Threat From Islamic State:

Cyber Caliphate's Scorecard:

 

 

« Will AI Make Data Analytics Jobs Obsolete?
Self-Drive Trucks Now Working In Australia »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSO

CSO

CSO serves enterprise security decision-makers and users with the critical information they need to stay ahead of evolving threats and defend against criminal cyberattacks.

D-Fence

D-Fence

D-Fence high availability security service protects corporate email communication, the company and it's employee's against cyber threats.

Thermo Systems

Thermo Systems

Thermo Systems is a design-build control systems engineering and construction firm. Capabilties include industrial control system cybersecurity.

Cybertekpro

Cybertekpro

Cybertekpro is a specialist insurance broker providing Cyber Liability insurance and cyber risk assessment services.

Plixer

Plixer

Plixer delivers a network traffic analytics system used for monitoring, visualization, and reporting of network and security incidents.

miniOrange

miniOrange

miniOrange is a cloud and on-premise based identity and access management (IAM) solution provider.

Security & Intelligence Agency (SOA) - Croatia

Security & Intelligence Agency (SOA) - Croatia

SOA is the Croatian security and intelligence service. Areas of activity include Cyber Security and Information Security.

TeraByte

TeraByte

TeraByte is an information security company which helps to educate and protect businesses from cyber security related risks.

Beyond Identity

Beyond Identity

Beyond Identity employs an elegantly simple concept, the personal certificate authority and self signed certificates, to replace passwords.

Naq Cyber

Naq Cyber

Naq is the number one platform for SMEs looking to become legally compliant and protect against cybercrime and other data-related incidents.

Financial Services Information Sharing and Analysis Center (FS-ISAC)

Financial Services Information Sharing and Analysis Center (FS-ISAC)

The Financial Services Information Sharing and Analysis Center is the only global cyber intelligence sharing community solely focused on financial services.

Extreme Engineering Solutions (X-ES)

Extreme Engineering Solutions (X-ES)

Extreme Engineering Solutions is a leader in the design, manufacture, testing, and support of hardware and software solutions for the embedded computing market.

RegScale

RegScale

RegScale helps organizations comply in real-time with multiple compliance requirements (NIST, CMMC, ISO, SOX, etc), scalable to meet the needs of the entire enterprise.

SoftForum

SoftForum

SoftForum is a company specializing in next-generation information security solutions in the Quantum-Resistant-Cryptography (PQC) field.

Accelerynt

Accelerynt

Accelerynt was founded with a singular purpose: help teams like yours build cybersecurity resilience.

Insurica

Insurica

INSURICA is a full-service insurance agency built upon a tradition of integrity, industry leadership, and excellence.

Inholo

Inholo

Inholo offers tools to manage the risks of synthetic realities, starting with an AI-photo detection service.