Following the deadly assaults on Europe in late 2015 and early 2016, reports emerged suggesting that ISIS has an army of organized hackers who can provide consistent, round the clock support to foot soldiers. However, new information on the matter seems to suggest that ISIS’s remaining hacking arm is nothing more than a propaganda machine capable of dealing minor hits, if any, to enemies. But ISIS is showing more interest in expanding its hacking capabilities.
The news comes at a time when the U.S. government has declared cyber war on the Islamic paramilitary organization.
A report from Flashpoint called Hacking for ISIS: The Emergent Cyber Threat Landscape, first seen by Ars Technica, says that ISIS in April merged four independent pro-ISIS cyber teams into a single group called the United Cyber Caliphate. The group is made of the Sons Caliphate Army, the Caliphate Cyber Army, the Ghost Caliphate Section and Kalashnikov E-Security Team.
These sound like rather scary organizations, but Flashpoint says they can’t do that much harm as they lack the expertise to conduct sophisticated digital assaults.
“Until recently, our analysis of the group’s overall capabilities indicated that they were neither advanced nor did they demonstrate sophisticated targeting,” Flashpoint co-founder and Director of Research & Analysis for the Middle East and North Africa Laith Alkhouri said. “With the latest unification of multiple pro-ISIS cyber groups under one umbrella, there now appears to be a higher interest and willingness amongst ISIS supporters in coordinating and elevating cyber attacks against governments and companies.”
The report reveals that British citizen Junaid Hussain, who was killed in a raid in August 2015, was the leader of ISIS’s former Cyber Caliphate Army. Known as TriCK and part of a well-known black hat hackers group called TeaMp0isoN, Hussain joined ISIS in the summer of 2014. Since then, he has tried to recruit other colleagues into his team, but he hasn’t been very successful.
ISIS was able to take over social media accounts, defame websites (including CENTCOM and Newsweek), and attack the sites of certain cities, although it hasn’t accomplished any major hack.
Rather than coming up with its own hacks, the unified UCC group – not to be confused with the US Cyber Command fighting ISIS hackers – is likely going to employ “malware as a service” exploit sites and other tools that can be purchased off hacker forums. The UCC would still be able to conduct propaganda operations and cause damage to “soft” targets. So their capabilities, while limited, shouldn’t be completely ignored.