DOCSLIB.ORG

Hacking for ISIS: the Emergent Cyber Threat Landscape

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Hacking for ISIS: the Emergent Cyber Threat Landscape Hacking for ISIS: The Emergent Cyber Threat Landscape By Laith Alkhouri, Alex Kassirer, & Allison Nixon April 2016 Hacking For ISIS Contents Click on a title to navigate to the page Introduction ...........................................................................................................................................2 Cyber Caliphate ...................................................................................................................................3 Islamic State Hacking Division .......................................................................................................6 Islamic Cyber Army ............................................................................................................................9 Rabitat Al-Ansar ................................................................................................................................ 12 Sons Caliphate Army ...................................................................................................................... 15 United Cyber Caliphate .................................................................................................................. 17 Techniques, Tactics, & Procedures (TTPs) .............................................................................. 20 The Future of ISIS’s Cyber Capabilities .................................................................................... 24 Conclusion .......................................................................................................................................... 25 Hacking For ISIS Introduction s the Islamic State (ISIS) has grown neither advanced nor do they over the past two years, so too has demonstrate sophisticated targeting; A its media machine, global support, however, the severity of cyber attacks and online channels. This unprecedented supporting ISIS will likely not remain at this expansion has now come to include level of relative unsophistication. capabilities to inflict damage over the Internet, which came to light when its For the vast majority of its existence, the supporters began coordinating and pro-ISIS hacking landscape was organizing cyber attacks on Western composed of at least five distinct targets. Highlighting this newfound desire groups that launched campaigns in to cause virtual harm was the brief 2014 support of the terror group. Although takeover of Twitter accounts run by US operating under different appellations for CENTCOM and Newsweek. nearly a year and a half, there was evidence that these groups, and the individuals who In the wake of the aforementioned Twitter constitute them, overlapped or coordinated takeover, which was claimed by an with one another in certain campaigns, ISIS-supportive hacking collective called pooling their resources and manpower. the “Cyber Caliphate,” two implications This culminated in the April 4, 2016, that would prove to further change an announcement of a “United Cyber already evolving jihadi landscape unfolded. Caliphate” following the formal merger Firstly, the hacking attacks launched in of several groups. However, as these support of ISIS generated global groups have operated as individual entities attention and afforded ISIS increased for the majority of their existence, this publicity. Secondly, like-minded individuals paper will reflect that history, first exploring and groups found new ways to target the most prominent actors on an individual Western interests. As such, new basis, followed by a look into the nascent concerns regarding ISIS’s cyber “United Cyber Caliphate” collective. capabilities emerged. Regarding this coordination, however, it is At the center of the conversation has been important to note that because the whether ISIS’s cyber prowess is a real pro-ISIS hacking effort is still an unofficial threat or exaggerated. Given the attacks endeavor, neither acknowledged nor that resulted in the CENTCOM and claimed by ISIS itself, it is still poorly Newsweek Twitter accounts being organized (and likely under-resourced), compromised, it appears that ISIS’s which often leads to conflicting messaging supporters maintain somewhat of an among the relevant actors. This existing coordinated cyber campaign that inconsistency is best illustrated by the way aims at launching attacks on targets of these groups identify themselves in claims opportunity, typically those that are of credit, a trend that this paper will explore considered low-hanging fruit. Nonetheless, in more detail. the group's overall capabilities are 2 Hacking For ISIS Spearheaded by a Lone ISIS Fighter Obtaining Sensitive Documents Efforts to launch, grow, and improve the The data provided by the hackers on the “Cyber Caliphate” brand, and thus the ISIS potential compromise of a Fusion Center community’s cyber reputation, were led by demonstrate that the actors had access to a British actor named Junaid Hussain some number of "UNCLASSIFIED//FOR (a.k.a. Abu Hussain Al Britani). Formerly OFFICIAL USE ONLY" and "LAW “TriCk” of TeaMp0isoN fame, Hussain fled ENFORCEMENT SENSITIVE" products as the UK to join ISIS in 2013, after serving a recently as November 26, 2014. It is prison sentence for hacking Tony Blair. possible that this data was stolen from Armed with the technical knowledge and associated email addresses receiving law relevant experience, Hussain utilized his enforcement bulletins. position as a member of ISIS to recruit hackers and cultivate his “Cyber Data thus far provided, however, is not Caliphate,” all while on the ground in ISIS’s sufficient enough to establish the full self-proclaimed capital, Raqqa. compromise of the Fusion Center. Hussain’s Legacy Continues Despite his background, the hacking Nonetheless, this group demonstrated at collective supporting ISIS under Hussain’s least a basic level of credibility and Further exemplifying Hussain’s legacy is direction―until he was killed in an August capability, proving to have the capacity to his wife, Sally Jones (aka Umm Hussain 2015 drone strike in Raqqa―was still launch follow-on attacks against the same Britaniya). Attempting to carry on her late unsophisticated and less productive than or similar organizations weeks after the husband’s mission, she maintains a prolific what might be expected of an effort led by original compromise. and violent social media presence; for a former Western hacking group leader. instance, she released, “the address & This is in part due to Hussain’s inability to details of US Military target no.2 also one provide the ISIS cyber community with a Post-Junaid Hussain of America's most decorated soldiers,” network of other hackers; Hussain’s prior Sgt. 1st Class Dillard Johnson on October contacts largely were unsympathetic to his Although Junaid Hussain was targeted and 8, 2015. Making very clear why she Cyber Caliphate increasingly radical ideology, leading to the killed in an August 2015 drone strike, released the information, Britaniya dissolution of his “hacking rolodex.” temporarily slowing ISIS supportive proclaimed, “Once again I leave these hacking activities, the group’s notoriety is details online to cause havoc in his life & (Caliphate Cyber Army CCA) something future jihadists will likely for my brothers and Al-Qaeda in the U.S to capitalize on to launch further cyber eventually hunt him down & kill him.” The first of the pro-ISIS hacking groups emerged after ISIS attacks. declared its Caliphate in the summer of 2014. In addition to the Proving this desire to carry on without its aforementioned hijacking of Newsweek and CENTCOM’s Twitter former leader, it is now evident that the accounts, the group identifying itself as the “Cyber Caliphate” group replaced Hussain with claimed credit for a string of attacks that generated global British-educated businessman and publicity. On January 6, 2015, for instance, the group launched computer expert, Siful Haque Sujan, a cyber attacks on a number of US targets, including the city of 31-year-old Bangladeshi whose role was Albuquerque, New Mexico; the Facebook and Twitter profiles for brought to light after he too was targeted the Albuquerque Journal; WBOC News (which serves the Delmarva and killed in an American drone strike in Peninsula in Delaware, Maryland, and Virginia); and a Fusion Center Raqqa, Syria, on December 10, 2015. in Tennessee, although that allegation was not fully substantiated. Photo: Junaid Hussain (a.k.a. Abu Hussain Al Britaini) 3 4 Hacking For ISIS Spearheaded by a Lone ISIS Fighter Obtaining Sensitive Documents Efforts to launch, grow, and improve the The data provided by the hackers on the “Cyber Caliphate” brand, and thus the ISIS potential compromise of a Fusion Center community’s cyber reputation, were led by demonstrate that the actors had access to a British actor named Junaid Hussain some number of "UNCLASSIFIED//FOR (a.k.a. Abu Hussain Al Britani). Formerly OFFICIAL USE ONLY" and "LAW “TriCk” of TeaMp0isoN fame, Hussain fled ENFORCEMENT SENSITIVE" products as the UK to join ISIS in 2013, after serving a recently as November 26, 2014. It is prison sentence for hacking Tony Blair. possible that this data was stolen from Armed with the technical knowledge and associated email addresses receiving law relevant experience, Hussain utilized his enforcement bulletins. position as a member of ISIS to recruit hackers and cultivate his “Cyber Data thus far provided, however, is not Caliphate,” all while on the ground in ISIS’s sufficient enough to establish the full self-proclaimed capital, Raqqa. compromise of the Fusion Center.
Load more

Recommended publications
  • 2016 8Th International Conference on Cyber Conflict: Cyber Power
    2016 8th International Conference on Cyber Conflict: Cyber Power N.Pissanidis, H.Rõigas, M.Veenendaal (Eds.) 31 MAY - 03 JUNE 2016, TALLINN, ESTONIA 2016 8TH International ConFerence on CYBER ConFlict: CYBER POWER Copyright © 2016 by NATO CCD COE Publications. All rights reserved. IEEE Catalog Number: CFP1626N-PRT ISBN (print): 978-9949-9544-8-3 ISBN (pdf): 978-9949-9544-9-0 CopyriGHT AND Reprint Permissions No part of this publication may be reprinted, reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the NATO Cooperative Cyber Defence Centre of Excellence ([email protected]). This restriction does not apply to making digital or hard copies of this publication for internal use within NATO, and for personal or educational use when for non-profit or non-commercial purposes, providing that copies bear this notice and a full citation on the first page as follows: [Article author(s)], [full article title] 2016 8th International Conference on Cyber Conflict: Cyber Power N.Pissanidis, H.Rõigas, M.Veenendaal (Eds.) 2016 © NATO CCD COE Publications PrinteD copies OF THIS PUBlication are availaBLE From: NATO CCD COE Publications Filtri tee 12, 10132 Tallinn, Estonia Phone: +372 717 6800 Fax: +372 717 6308 E-mail: [email protected] Web: www.ccdcoe.org Head of publishing: Jaanika Rannu Layout: Jaakko Matsalu LEGAL NOTICE: This publication contains opinions of the respective authors only. They do not necessarily reflect the policy or the opinion of NATO CCD COE, NATO, or any agency or any government.
    [Show full text]
  • Cyber Activities in the Syrian Conflict CSS CY
    CSS CYBER DEFENSE PROJECT Hotspot Analysis The use of cybertools in an internationalized civil war context: Cyber activities in the Syrian conflict Zürich, October 2017 Version 1 Risk and Resilience Team Center for Security Studies (CSS), ETH Zürich The use of cybertools in an internationalized civil war context: Cyber activities in the Syrian conflict Authors: Marie Baezner, Patrice Robin © 2017 Center for Security Studies (CSS), ETH Zürich Contact: Center for Security Studies Haldeneggsteig 4 ETH Zürich CH-8092 Zürich Switzerland Tel.: +41-44-632 40 25 [email protected] www.css.ethz.ch Analysis prepared by: Center for Security Studies (CSS), ETH Zürich ETH-CSS project management: Tim Prior, Head of the Risk and Resilience Research Group; Myriam Dunn Cavelty, Deputy Head for Research and Teaching; Andreas Wenger, Director of the CSS Disclaimer: The opinions presented in this study exclusively reflect the authors’ views. Please cite as: Baezner, Marie; Robin, Patrice (2017): Hotspot Analysis: The use of cybertools in an internationalized civil war context: Cyber activities in the Syrian conflict, October 2017, Center for Security Studies (CSS), ETH Zürich. 2 The use of cybertools in an internationalized civil war context: Cyber activities in the Syrian conflict Table of Contents 1 Introduction 5 2 Background and chronology 6 3 Description 9 3.1 Attribution and actors 9 Pro-government groups 9 Anti-government groups 11 Islamist groups 11 State actors 12 Non-aligned groups 13 3.2 Targets 13 3.3 Tools and techniques 14 Data breaches 14
    [Show full text]
  • Troll Hunting
    For my father, Brian, who taught me to love wor ds. Hell is empty, and all the devils are here. William Shakespeare, The Tempest, Act 1, Scene 2 THIS IS A work of nonfiction, researched and documented to the best of my ability. There were significant security risks in writing this book. I sought expert advice and wrote according to it. Therefore, some of the trolling syndicates mentioned within these pages have been given pseudonyms or go unnamed. Likewise, some of the trolls themselves are discussed only with a pseudonym. A few of the trolls who spoke to me behind the scenes are not named at all and others are composites or have been segmented. Some readers may be critical of the decision to provide anonymity for people who are hurting others so much. However, sometimes access to information comes at a cost – and, all things being equal, the trolls gave me great access. By the same token, some predator-troll victims are in physical danger. This is especially true where domestic violence is involved. In those cases, names and other identifying details may have been altered but the facts of the stories are unchanged. I have worked hard to quote all interviewees verbatim, but for the sake of readability have corrected some spelling errors and syntax. When I’m messaging with trolls in the United States, I use Australian spelling and they use American spelling. For authenticity, I’ve left this as is. This is a book about the internet and how it bleeds into real life. When quoting links and screenshots, I’ve aimed for accuracy.
    [Show full text]
  • A Cybersecurity Threat Model for a Combined Cyberattack Against Hospitals and Terrorist Attack in Spain
    A Cybersecurity Threat Model for a Combined Cyberattack against Hospitals and Terrorist Attack in Spain Oxford University - Universidad Autónoma de Madrid Project Report CONSULTANTS: Lucas Kello (Principal Consultant) Ivan Martinovic Martin Strohmeier Florian Egloff Academic Coordinator (UAM): Raquel Galindo Dorado A Cybersecurity Threat Model for a Combined Cyberattack against Hospitals and Terrorist Attack in Spain 1. INTRODUCTION This report is structured as follows: Section 2 will provide the necessary background on cybersecurity in the healthcare Hospital cybersecurity is a global concern. According sector. Section 3 discusses the capabilities and motivations to an investigation by Pulse magazine, health record of different threat actors while Section 4 presents the analysis security breaches in the United Kingdom’s at National of potential vulnerabilities in the reviewed hospitals in Health Service rose 20 percent in the last year. Data from Madrid. Section 5 compares the different IT infrastructure 55 hospitals indicated breaches included records dumped paradigms in terms of security and risk. In Section 6, a in public places, records given to the wrong patient and case study on large medical devices discusses the patching patient data given to relatives without permission. In 2015 process. Finally, Section 7 provides recommendations and alone, more than 94 million U.S. health records were concludes this report. compromised, costing affected institutions approximately $46 billion. According to Experian’s 2014 Data Breach Industry Forecast, the healthcare industry will be among 2. BACKGROUND the most susceptible industries to publicly disclosed and This section will discuss the current cybersecurity widely scrutinized data breaches.1 The October 2013 environment in the healthcare sector.
    [Show full text]
  • Cyber-Terrorism Activities Report No. 16 January
    ICT Cyber-Desk PERIODIC REVIEW Cyber-Terrorism Activities Report No. 16 January – March 2016 Highlights This report covers the period of January - March 2016 and covers two main subjects: cyber-terrorism (offensive, defensive, and the media, and the main topics of jihadist discourse) and cyber-crime, whenever and wherever it is linked to jihad (funding, methods of attack). The following are among the issues covered in this report: The continuing trend of publishing information security guidelines and recommendations, including information and recommendations for correct methods of operation and software manuals, or services with a high encryption or anonymity level. Terrorist organizations continue to publish information about the dangers of intelligence and law enforcement officials who operate on the Internet to search for and locate terrorism supporters. In addition, all supporters are called on to continue spreading the organizations’ messages and guidelines for proper work. Officials in jihadist organizations continue to spread Best Practice guidebooks on the Internet and guidelines for using software and applications to increase information security. These are mainly used to encrypt data on the device and/or for data trafficking and maintaining the anonymity of Internet users. In addition, manuals for video processing are found. As previously stated, in recent years organizations have been using a wide range of software in order to create visual content at a professional level. Terrorists and terrorism supporters continue to hack Internet sites, especially as part of defacement attacks. In January 2016, Islamic State activists tried to recruit hackers to hack into government databases for pay. In February 2016, a television interview in Lebanon reported the existence of a Shi’ite hacker group, affiliated with Hezbollah, named Kadimon (translation – we are coming).
    [Show full text]
  • Security Challenges
    Security Challenges Volume 13 Number 1 (2017) Security Challenges ISSN 1833 – 1459 EDITORS: Dr Greg Raymond Dr Andrew Carr Ian Henry Managing Editors [email protected] Robert Wylie Geoff Hunt Consulting Editor Defence Industry Policy Production Editor [email protected] [email protected] EDITORIAL BOARD: Robert Ayson Sam Bateman Rod Lyon Victoria University University of Wollongong ASPI Wellington, New Zealand Wollongong, Australia Canberra, Australia Leszek Buszynski Eliot Cohen Ralph Cossa Strategic and Defence John Hopkins University, Pacific Forum CSIS Studies Centre, Australian Washington, DC, USA Honolulu, Hawaii, USA National University Bates Gill Gerald Hensley Ramesh Thakur Professor of Strategic Studies Former Secretary of Defence Asia-Pacific College of Strategic & Defence Studies New Zealand Diplomacy, Australian Centre, Australian National National University University Andrew Mack Andrew O’Neill Rizal Sukma Simon Fraser University Director, Griffith Asia Institue, Centre for Strategic and Vancouver, Canada Griffith University, International Studies Brisbane, Australia Jakarta, Indonesia William Tow Akio Watanabe Department of International Research Institute for Peace Relations, Australian National and Security University Tokyo, Japan Project Management and Cover: Qote Canberra (02) 6162 1258 Published and distributed by: The KoKoda Foundation 2/10 Kennedy St (PO Box 4060), Kingston ACT 2604 T: (02) 6295 1555 F: (02) 6169 3019 E: [email protected] W: www.securitychallenges.org.au © The KoKoda Foundation. All rights reserved. Apart from any fair dealing for the purposes of private study, research, criticism or review as permitted by the Copyright Act, no part of this publication may be reproduced, stored, transmitted or disseminated in any form or by any means without prior written permission.
    [Show full text]
  • Cyber-Terrorism Activities Report No. 14 July – September 2015
    ICT Cyber-Desk PERIODIC REVIEW Cyber-Terrorism Activities Report No. 14 July – September 2015 International Institute for Counter Terrorism (ICT) Additional resources are available on the ICT Website: www.ict.org.il Highlights This report covers the period of July - September 2015 and covers two main subjects: cyber- terrorism (offensive, defensive, and the media, and the main topics of jihadist discourse) and cyber- crime, whenever and wherever it is linked to jihad (funding, methods of attack). The following are among the issues covered in this report: Islamic State supporters continued to publish and distribute guidebooks and informational materials on the topic of information security and maintaining anonymity online: “personal computer security”, “smart phone security”, how to post informational material on Twitter using several accounts simultaneously, how to inspect files and links infected with viruses, how to open a Twitter account without a cell phone number, how to use encrypted email, and more. During this period, we continued to see cooperation between players affiliated with the Islamic State, such as Cyber Caliphate, IS Hacking Division and ISIS Cyber Army, and hacker groups that began to identify with the organization. For instance, it was reported that a hacker named Ardit Ferizi stole personal details about US army and government personnel that he sent to members of the organization, who then leaked the information under the name “Cyber Caliphate”. Members and supporters of the Islamic State continued to hack Web sites and social networks, and leak the information obtained. During this period, we witnessed a “spam campaign” – a virtual campaign that called on Islamic State supporters to report Twitter accounts belonging to opponents of the organization as spam in order to have them closed.
    [Show full text]
  • Conflict in Cyberspace and International Law Ido Kilovaty a Thesis Submitted in Partial Fulfillment of the Requirements For
    Conflict in Cyberspace and International Law Ido Kilovaty A thesis submitted in partial fulfillment of the requirements for the degree of Doctor of Juridical Science (S.J.D.) at the Georgetown University Law Center 2017 1 Published as: Law journal publications Doxfare – Election Hacking as Prohibited Intervention 9 HARVARD NATIONAL SECURITY JOURNAL (Forthcoming Fall 2017) World Wide Web of Exploitations: The Case of Peacetime Cyber Espionage Operations Under International Law: Towards a Contextual Approach 18 COLUMBIA SCIENCE AND TECHNOLOGY LAW REVIEW 42 (2017) Virtual Violence – Disruptive Cyberspace Operations as "Attacks" under International Humanitarian Law 22 MICHIGAN TELECOMMUNICATION AND TECHNOLOGY LAW REVIEW 113 (2017) ICRC, NATO and the U.S. – Direct Participation in “Hacktivities” – Targeting Private Contractors in Cyberspace under the Law of Armed Conflict 15 DUKE LAW AND TECHNOLOGY REVIEW 1 (2016) Op-eds Want to Keep Hackers Out of Gadgets? Try International Law WIRED.COM (February 7, 2017). Violence in Cyberspace: Are Disruptive Cyberspace Operations Legal under International Humanitarian Law? JUST SECURITY (March 3, 2017). The Democratic National Committee Hack: Information as Interference JUST SECURITY (August 1, 2016). Will “Cyber Bonds” Mitigate Transnational Cyberspace Threats? JUST SECURITY (June 15, 2016). 2 ABSTRACT Conflict in Cyberspace and International Law Ido Kilovaty In this dissertation, through four separately published articles, I address several contentious questions with regard to offensive cyberspace capabilities and the role of international law in the digital era. Offensive cyberspace capabilities, which for clarity purposes I refer to as “cyber- attacks,” are operations in cyberspace that target the confidentiality, integrity, and availability (colloquially known as the CIA triad) of information technology systems.1 Throughout these four articles, I explore contemporary international law as it applies to cyber conflict.
    [Show full text]
  • Why the United States Needs a National Political Warfare Center and Regional Embassies
    Georgetown Security Studies Review 4:2 1 Georgetown Security Studies Review Volume 4, Number 2 June 2016 A Publication of the Center for Security Studies at Georgetown University’s Edmund A. Walsh School of Foreign Service http://gssr.georgetown.edu Georgetown Security Studies Review 4:2 2 GEORGETOWN SECURITY STUDIES REVIEW Published by the Center for Security Studies at Georgetown University’s Edmund A. Walsh School of Foreign Service Ashley L. Rhoades, Editor-in-Chief Devon Hill, Deputy Editor Jacob Goldstein, Associate Editor for Africa John Chen, Associate Editor for Asia Michael Sexton, Associate Editor for Cyber Security Joe Pedley, Associate Editor for Europe Brendan Kinslow, Associate Editor for the Middle East Morgan Byrne-Diakun, Associate Editor for National Security & the Military Access Georgetown Security Studies Review online at http://gssr.georgetown.edu Connect on Facebook at http://www.facebook.com/GeorgetownUniversityGSSR Follow GSSR on Twitter @gssreview Contact the Editor-in-Chief at [email protected] DISCLAIMER The views expressed in Georgetown Security Studies Review do not necessarily represent those of the editors or staff of GSSR, the Edmund A. Walsh School of Foreign Service, or Georgetown University. The editorial board of GSSR and our affiliated peer reviewers strive to verify the accuracy of all factual information contained in GSSR. However, the staffs of GSSR, the Edmund A. Walsh School of Foreign Service, and Georgetown University make no warranties or representations regarding the completeness or accuracy
    [Show full text]
  • Icrc, Nato and the U.S. – Direct Participation in Hacktivities – Targeting Private Contractors and Civilians in Cyberspace Under International Humanitarian Law
    ICRC, NATO AND THE U.S. – DIRECT PARTICIPATION IN HACKTIVITIES – TARGETING PRIVATE CONTRACTORS AND CIVILIANS IN CYBERSPACE UNDER INTERNATIONAL HUMANITARIAN LAW IDO KILOVATY† ABSTRACT Cyber-attacks have become increasingly common and are an integral part of contemporary armed conflicts. With that premise in mind, the question arises of whether or not a civilian carrying out cyber-attacks during an armed conflict becomes a legitimate target under international humanitarian law. This paper aims to explore this question using three different analytical and conceptual frameworks while looking at a variety of cyber-attacks along with their subsequent effects. One of the core principles of the law of armed conflict is distinction, which states that civilians in an armed conflict are granted a set of protections, mainly the protection from direct attacks by the adversary, whereas combatants (or members of armed groups) and military objectives may become legitimate targets of direct attacks. Although civilians are generally protected from direct attacks, they can still become victims of an attack because they lose this protection “for such time as they take direct part in hostilities.”1 In other words, † Cyber Fellow at the Center for Global Legal Challenges, Yale Law School; Resident Fellow Information Society Project, Yale Law School; S.J.D. Candidate, Georgetown University Law Center. I would like to gratefully acknowledge the generous support of the Minerva Center for the Rule of Law under Extreme Conditions at the Faculty of Law and Department of Geography and Environmental Studies, University of Haifa, Israel and of the Israeli Ministry of Science, Technology and Space, who made this project possible.
    [Show full text]
  • Chapter 29 Cyber Attacks by Terrorists and Other Malevolent Actors
    Chapter 29 Cyber Attacks by Terrorists and other Malevolent Actors: Prevention and Preparedness With Three Case Studies on Estonia, Singapore, and the United States Shashi Jayakumar The field of cyberterrorism has existed for as a long as it has been possible to interdict or compromise computer systems. While contributions of scholars, researchers, and practitioners have enriched discussions, there are longstanding and unresolved issues of definition which can give rise to confusion. Does cyberterrorism mean attacks only by individuals groups that fall within widely accepted definitions of “terrorist” or “terrorist organizations?” To what degree does the aim or intention of the malicious actor matter? For the purposes of the present volume, this study (without sidestepping these questions) examines attacks against computer infrastructure and Critical Information Infrastructure (CII) by all actors with capability, and not just groups such as Al-Qaeda or ISIS. As the author notes and establishes early in his discussion, this is necessary given that while conventional terrorist groups might have intent, they have not to date acquired the capability to carry out a genuinely destructive cyber-attack of the type that might lead to major loss of life or infrastructural damage. It is (for the most part) states which have this capability. Cyber prevention and preparedness covers a wide range. This three-part chapter includes technical aspects of cyber protection, systems (and people) resilience, risk mitigation, as well as nurturing talent within
    [Show full text]
  • Virtual Space As an Area for Covert Terrorist Activities of Radical Islamists
    ТEME, г. XLV, бр. 1, јануар − март 2021, стр. 95−109 Прегледни рад https://doi.org/10.22190/TEME201119006T Примљено: 19. 11. 2020. UDK 323.28:28]:004.738.5 Ревидирана верзија: 5. 2. 2021. Одобрено за штампу: 26. 2. 2021. CYBERSECURITY – VIRTUAL SPACE AS AN AREA FOR COVERT TERRORIST ACTIVITIES OF RADICAL ISLAMISTS Darko Trifunović* University of Belgrade, Faculty of Security Studies, Belgrade, Serbia Abstract Over time, terrorism has evolved into different forms. One of the most dangerous is certainly cyber terrorism. There are many different motivations for terrorists to deploy cyber terrorism as a tool in their fight. Internet and computer networks are powerful resources on which contemporary society relies heavily. Terrorist groups have developed new tools and methods of the fight and they have become more effective, efficient, and unpredictable. Virtual, or cyberspace, is perfect and very safe ground for terrorist groups’ various activities, such are secret encrypted communication, file sharing, indoctrination and recruitment of vulnerable individuals, fundraising and promotions of their future actions and accomplishments spreading fear among common people. Are we adequately aware of these facts and prepared for countermeasures? The fact is that terrorists use mostly open- source tools (software) for their purposes, widely available and free of charge, as well as video games, popular social networks (mostly Twitter), and software developed by their programmers. The purpose of this paper is to point out some of the methods radical Islamic terrorist groups have been using and underline the importance of responding to this new security challenge. Key words: cyber terrorism, Islamic terrorists, Anonymous, steganography, the Islamic state.
    [Show full text]