Friday, February 13, 2015

ISIS as Cyber Threat?

CENTCOM-hacked-3In January of this year,the group known by the West as the Islamic State of Iraq and Greater Syria, or ISIS, made news by "hacking U.S. Central Command", taking control of CENTCOM's social media feeds, and posting internal documents [1].  In reality,someone sympathetic to ISIS' cause gained temporary control of the CENTCOM Twitter and YouTube accounts, probably after managers of those accounts fell victim to phishing emails and bad password practices, and posted documents that seem to have been readily available elsewhere online.   Why a sympathizer?  Do ISIS members call themselves ISIS?  And would they use as an avatar an image with the line "I love you isis"?  Seems more like the work of a fanboy than a terrorist.

The accounts were quickly taken offline and were back under the control of CENTCOM within a few hours, but not before creating a bit of an embarrassment for Central Command.
More recently, the ISIS splinter group calling itself the "Cyber Caliphate" launched a similar attack against a military spouses' group called Military Spouses of Strength and posted threats against several members [2].  This may have been a more successful campaign if their goal was to spread terror, as personal threats to military spouses could certainly result in someone looking over their shoulder.

Although these attacks seems to have been fairly low-level cyber vandalism, it does beg the question as to what sort of threat ISIS is from a cyber perspective.

ISIS has been particularly adept in their social media campaign, using sites such as Facebook, Twitter, and YouTube to disseminate video footage of executed hostages and to communicate their message to potential sympathizers.  This helps drive recruiting and fundraising, resulting in an estimated 20,000 - 30,000 fighters helping to expand their presence in the middle east. 

Despite their social media prowess, experts in and outside of the U.S. government are largely in agreement that ISIS doesn't post a significant cyber threat to the United States [3].  At least not yet.  A major attack on the U.S. might involve attacks on the energy industry or financial sector to cause large-scale power outages or financial crisis.  These sorts of attacks require significant infrastructure and a long-term campaign to infiltrate large numbers of computer systems within these respective sectors.  Such a campaign requires hard-core programmers that can create specialized software and a large, skilled team of cyber professionals working together from a facility with significant technological infrastructure.  There are currently a handful of nation-states that might meet this criteria, but terrorist groups like ISIS haven't demonstrated the capacity to do this yet.  Even if they could do this, it is not at all clear that such an effort would bring them closer to their goal of creating an Islamic Caliphate in the Middle East.  Instead, ISIS is focusing their energy on recruiting fighters and expanding their footholds in Syria and Iraq.





No comments:

Post a Comment