Poor Coding Limits IS Hackers

Uploaded on 2017-10-25 in TECHNOLOGY--Hackers, FREE TO VIEW

Hackers working for the so-called Islamic State are bad at coding and hiding what they do, suggests research. They produce buggy malware and easily crackable encryption programs, said senior security researcher Kyle Wilhoit at a recent security conference .

In particular, he called three attack tools created by one large IS hacker collective "garbage".

Their poor skills meant IS groups had switched to online services and the dark web for attack code, he said.

Little Harm

While IS was very proficient at using social media as a recruitment and propaganda tool, its cyber-attack arm was nowhere near as effective, said Mr Wilhoit, a cyber-security researcher at Domain Tools, while presenting his work at the conference in Kentucky.

"ISIS is really, really bad at the development of encryption software and malware," he told tech news outlet The Register, adding that the vulnerabilities found in all the tools effectively rendered them "completely useless".

As part of his research, Mr Wilhoit analysed three separate types of tools created by hackers who were part of what is known as the United Cyber Caliphate (UCC). This was set up as an umbrella organisation for 17 hacker groups that had declared their support for IS.

All the tools had problems, he said.

  • the group's malware was full of basic bugs
  • a secure email system it developed leaked information about users
  • the UCC's web attack tool failed to take down any significant target

In addition, attempts to raise cash via donations of bitcoins have been diluted by fraudsters cashing in on the IS name and producing websites mimicking the appeals for funds.

"As it stands ISIS are not hugely operationally capable online," Mr Wilhoit added. "There's a lack of expertise in pretty much everything,"

IS also had a lot to learn when it came to hiding its activities online, he said. There were many examples of it sharing pictures of successful attacks, or which lauded its members, that still held metadata that could identify where the photos were taken.

Mr Wilhoit said that, during his research, he had found an unprotected IS server online that served as a repository of images the group planned to use for propaganda.

"You can basically mass export metadata from each of the pictures and get literally up-to-the-second information on where people are operating, because they are not really that great at operation security," he said.

Many of the people involved with the cyber-arm of IS had been killed in drone strikes, said Mr Wilhoit adding that it was open to speculation about how location data to aid the drones was found.

Over the last year UCC had begun moving to attack tools used by Western cyber-thieves, he said.

"They know they cannot develop tools worth a damn, so they are going to use stuff that works, is minimally cheap and is easy to use."

BBC

You Might Also Read: 

Learning About ISIS Intentions Using Open Source Intelligence:

Islamic State On The Internet:

« Nuclear Missiles Are Not N.Korea’s Only Threat
China Disrupts WhatsApp »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Proofpoint

Proofpoint

Proofpoint provide the most effective cybersecurity and compliance solutions to protect people on every channel including email, the web, the cloud, social media and mobile messaging.

Tymlez Software & Consulting

Tymlez Software & Consulting

Tymlez Software and Consulting is a start-up specialised in blockchain technology for enterprises.

VerifyMe

VerifyMe

VerifyMe is a global technology solutions company delivering brand protection offerings to mitigate counterfeiting, product diversion, and illicit trade.

Mitre ATT&CK

Mitre ATT&CK

MITRE ATT&CK™ is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.

Baffin Bay Networks

Baffin Bay Networks

Baffin Bay Networks operates globally distributed Threat Protection Centers™, offering DDoS protection, Web Application Protection and Threat Inspection.

Cyber Security & Cloud Expo

Cyber Security & Cloud Expo

The Cyber Security & Cloud Expo is an international event series in London, Amsterdam and Silicon Valley.

Crosspring

Crosspring

Crosspring is an incubator/accelerator for people who have the ambition to start a successful business or want to extend their existing business in the areas of FinTech, AR, VR, Cybersecurity and SaaS

Nettoken

Nettoken

Nettoken is the first identity management platform designed for everyday internet users, to encourage awareness and control of our ever expanding digital footprint and personal cybersecurity.

Innefu Labs

Innefu Labs

Innefu is an Information Security R&D startup, providing cutting edge Information Security & Data Analytics solutions.

DoControl

DoControl

DoControl gives organizations the automated, self-service tools they need for SaaS applications data access monitoring, orchestration, and remediation.

Scrut Automation

Scrut Automation

Scrut Automation's mission is to make compliance less painful and time consuming, so that businesses can focus on running their business.

Centric Consulting

Centric Consulting

Centric Consulting is an international management consulting firm with unmatched expertise in business transformation, AI strategy, cyber risk management, technology implementation and adoption. 

Virtual IT Group (VITG)

Virtual IT Group (VITG)

VITG is a cyber security-focused Managed Service Provider (MSP).

Cythera

Cythera

Cythera is an Australian cyber security company with in-house cyber security professionals providing world-class cyber protection to medium to large companies all over Australia.

NetBird

NetBird

NetBird combines a WireGuard-based overlay network with Zero Trust Network Access, providing a unified platform for reliable and secure connectivity.

BugDazz

BugDazz

BugDazz pentest as a service (PTaaS) platform helps bringing in real-time results, detail coverage, & easy remediation workflows with compliance-ready reports.