US Cyber Command Hacked ISIS

Uploaded on 2020-01-24 in INTELLIGENCE--USA, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

The US military claims to have "successfully" disrupted the online propaganda efforts of the Islamic State in a hacking operation dating back at least to 2016, according to declassified national security documents released on Jan 21st. Operation Inherent Resolve began in 2016 and it was aimed to combat ISIS and was physically lead by US military forces. 

But what was not publicised at the time was the cyberattacks on ISIS by the US military, Australia and other allies who launched what's been described as the largest offensive cyber operation in US military history. US government documents that have been made public recently show that while a US Cyber Command operation that disrupted ISIS computer networks was largely successful. However, there were significant shortcomings 

Documents obtained through FOIA (Freedom of Information Act) requests and made public recently reveal that while successful, the US Cyber Command's campaign to hack ISIS faced some issues, such as lacking the storage space to store all the information stolen from ISIS accounts. According to the recently released documents, Cyber Command was simply not prepared to handle the amount of data it had collected. Operators were found to be having trouble collecting data, interagency deconfliction issues, difficulty vetting targets, and, in at least one case, a close call with the operation being discovered by the adversary. 

The six heavily-redacted documents published by the National Security Archive at the George Washington University in Washington, DC, reveal the conclusions of a 120-day assessment US Cyber Command conducted after the completion of Operation Glowing Symphony.

The command did not have the capability to handle the terabytes of data that it collected, despite the fact that operation had planned to pull data once it had infiltrated ISIS-used servers and use it to further the mission.The newly released documents offer the most detailed assessment of the moves against ISIS by a joint task force created in 2016 by president Barack Obama. Carried out in November 2016, Operation Glowing Symphony was a classified offensive cyber operation executed by Joint Task Force Ares (JTF-Ares).

The operation's primary task was to disrupt ISIS' online presence and propaganda efforts, by hacking or hijacking online social media accounts, and taking down websites and servers used by the terrorist group to spread propaganda materials and recruit new members.

According to a 120-day post-mortem assessment of Operation Glowing Symphony, US Cyber Command did not anticipate the magnitude of the data they would eventually end up exfiltrating from compromised ISIS infrastructure. "The assessment reveals that a key challenge to exploitation was storage of the data itself, an indication of the operation's scope relative to USCYBERCOM's capacity at the time," said Michael Martelle, analyst for the National Security Archive. 

A recommendation included in the 120-day post-mortem assessment was that US Cyber Command's Capabilities Development Group (CDG) develop new data storage solutions for future operations. But data storage was just one of the technical and bureaucratic issues that JTF-Ares faced at the time. Other issues mentioned in the assessment include challenges in coordination with other coalition members and US government agencies, and a lengthy and overly complex process for vetting suspects, which made it difficult to engage time-sensitive targets.

National Security Archive:       ZDNet:       CyberScoop:       Channel News Asia:      Dark Net Diaries:     ABC News:

You Might Also Read:

European Police Launch Global Attack On Islamic State:

Islamic State Likely To Switch To Cyber Warfare:

UK 'biggest audience' In EU For Jihadist Web Content:

 

« Protecting Children In The Digital Age
Electric Grids Targeted For Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Group-IB

Group-IB

Group-IB is a leading provider of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigating high-tech crimes, and protecting intellectual property.

Menlo Security

Menlo Security

Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email.

Wibu-Systems

Wibu-Systems

Wibu-Systems is a leading provider of solutions for the Digital Rights Management (DRM) and anti-piracy industry.

Cobalt Strike

Cobalt Strike

Cobalt Strike is penetration testing software designed to execute targeted attacks.

Portuguese Institute for Accreditation (IPAC)

Portuguese Institute for Accreditation (IPAC)

IPAC is the national accreditation body for Portugal. The directory of members provides details of organisations offering certification services for ISO 27001.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

CryptoCurrency Certification Consortium (C4)

CryptoCurrency Certification Consortium (C4)

The CryptoCurrency Certification Consortium is a non-profit organization that provides certifications to professionals who perform cryptocurrency-related services.

Vantea SMART

Vantea SMART

Vantea SMART have decades of experience in cybersecurity resulting in an approach of proactive prevention - Security by Design and by Default.

Fairdinkum Consulting

Fairdinkum Consulting

Fairdinkum is a leading full-service IT consulting firm with more than two decades of experience in the industry.

Arista Middle East

Arista Middle East

Arista Middle East is part of Global Arista Technologies specializing in OT Cybersecurity.

TRM Labs

TRM Labs

TRM enables risk management and compliance for a global community of financial institutions, cryptocurrency businesses and government agencies.

Multipoint Group

Multipoint Group

Multipoint is an information security and protection solutions company operating in the South EMEA region through value-added distribution channels.

Defendis

Defendis

Defendis develops AI-powered cybersecurity solutions for Government Agencies, Banks, and Businesses, designed to helps them contain data leaks, minimise damage, and proactively hunt for new threats.

Cyberhill Partners

Cyberhill Partners

Cyberhill is a professional engineering services firm solving complex software implementation and integration challenges.

Blind Insight

Blind Insight

Field-level searchable encryption plus fine-grained programmable access controls. All wrapped neatly in developer-friendly APIs and SDKs. Data protection perfection.

Atumcell

Atumcell

Atumcell’s targeted risk assessment exposes emerging threats before they cause harm.