Learning About ISIS Intentions Using Open Source Intelligence

ISIS' weekly newsletter al-Nabā' published an editorial about the lessons to be learned from the attack on the Iraqi embassy in Kabul, Afghanistan (July 30, 2017), which it called "an action of high quality."

In the editorial, attacking embassies and diplomatic staff is promoted as one of the most effective ways to put pressure on "infidel governments."

The Islamic State considers attacks like this as very important and encourages Muslims in every country to attack embassies and either kill the staff or take them hostage. Indeed, the latest edition of “Rumiyah”, an ISIS magazine, featured hostage taking as a notable topic. The editorial, is entitled "War on Embassies: The Greatest Cause of Fear and Pain for the Infidel Countries" (al-Nabā', Issue 92, August 3, 2017) 

Following its weakening across Iraq and Syria, ISIS is encouraging its operatives and supporters around the globe to carry out attacks in their own countries in support of the Islamic State.

The Islamic State consider embassies and those working in them as important targets. It encourages Muslims around the globe to strike embassies and either kill the staff or take them hostage. According to al- Nabā', anyone who wants to wage jihad and cannot, for whatever reason, leave his own country, will not find it difficult to locate foreigners near where they are living and attack them.

In this instance, ISIS is focusing on embassies and diplomats to get publicity for its attacks (compared with stabbing and vehicular attacks, which ISIS has also encouraged its supporters to carry out). A recent expample of such an attacke was carried out a double suicide bombing attack at the Iraqi embassy by ISIS's 'Khorasan Province', a group active in Afghanistan and Pakistan, which  has claimed responsibility for the attack.

Assesment

These types of threat feature a range of new methodologies that are being spread across social media groups and password protected web forums.

The impact of an attack against an embassy or diplomatic mission is a direct illustration of the response to an 'open source' request. Previously, Al Naba magazine has claimed this type of attack is preferable as it causes less damages to innocent civilians and maximises the exposure to their targets, diplomats, military personnel, government agents and law enforcement.

Online radicalization of individuals who are unknown to security services contniues to grow, making it almost impossible for new recruits to be monitored.  Social media media platforms, including Twitter and WhatsApp, are often highlighted by government agencies, particularly where communications are encrypted, however, secret forums and chat rooms hidden in the Dark Web are important places where illicit actors and Jihadists communicate.

Several of the mesaging Apps being used by the online Jihadist community are totally encrypted, with login credentials being randomly generated beyond a local server, making it impossible to monitor the content of their communications. “Threema” and “Wickr” are two such secure communications apps popular with Jihadi groups and are used to groom rectuits after first vetting their potential over “Telegram”.

Conclusion

There is a clear need to go beyond open source intelligence and to develop a new set of techniques to monitor threats concealed behind encryped messaging apps and Dark Web forums.

Law enforcment agencies need new technology  to get actionable Intelligence and live interception feed in real time, if they are to reliably predict and prevent future terror attacks. 

Vasco Da Cruz Amador is Chief Executive Officer at  Global Intelligence Insight

You Might Also Read: 

German Police To Hack Suspect Devices:

Islamic State On The Internet:

ISIS In The Dark Web Amidst Bitcoin  And Crime:

 

« Interpol/Group-IB Unmasking Pro-ISIS Hackers
Can US Cyber Weapons Stop N. Korea’s Nuclear Missiles? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Citicus

Citicus

Citicus provides world-class security, risk and compliance management software, plus supporting services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Canadian Security Intelligence Service (CSIS)

Canadian Security Intelligence Service (CSIS)

CSIS collects and analyzes threat-related information concerning the security of Canada in areas including terrorism, espionage, WMD, cybersecurity and critical infrastructure protection.

CSI

CSI

CSI is a Managed Service Provider (MSP) delivering Hybrid Multi-Cloud, Data Protection, and Cyber Security solutions to highly regulated industries.

Clearswift

Clearswift

Clearswift is trusted by businesses, governments and defense organizations globally for its Adaptive Cyber Security and Data Loss Prevention solutions.

Seltek Technology Solutions

Seltek Technology Solutions

Seltek provides Digital Forensics, eDiscovery, Cybersecurity Assessments and IT Support services.

Search Guard

Search Guard

Search Guard® is an Open Source security suite for #Elasticsearch and the entire #ELK stack that offers encryption, authentication, authorization, audit logging and multi tenancy.

Converge Technology Solutions

Converge Technology Solutions

Converge Technology Solutions Corp. is a North American IT solution provider delivering advanced analytics, cloud, cybersecurity, and managed services solutions.

Network Utilities (NetUtils)

Network Utilities (NetUtils)

Network Utilities provide identity centric network and security solutions to organisations from Telecoms and ISPs to SMEs and large corporates.

Protected Media

Protected Media

Protected Media’s advanced cybersecurity ad fraud solution guards you against current and emerging threats across Connected TV, Display and Video advertising.

Cranfield University

Cranfield University

Cranfield Defence and Security are at the forefront of their fields, offering capabilities ranging from cyber security and digital warfare to robotics, forensic sciences and simulation and analytics.

KYND

KYND

KYND has created pioneering cyber risk technology that makes assessing, understanding, and managing business cyber risks easier and quicker than ever before.

SoftForum

SoftForum

SoftForum is a company specializing in next-generation information security solutions in the Quantum-Resistant-Cryptography (PQC) field.

Muscope Cybersecurity

Muscope Cybersecurity

Muscope CYSR platform performs a risk assessment and offers a comprehensive overview of the potential cyber attack risks.

GAM Tech

GAM Tech

GAM Tech is a Managed IT Service Provider that serves small and medium sized businesses in Alberta, British Columbia, Ontario and Quebec.

Hunt & Hackett

Hunt & Hackett

Hunt & Hackett helps European companies prevent, detect and respond to today’s most advanced adversaries, safeguarding them against cyberthreats and espionage.