“The electronic war has not yet begun.”
That was one message released in video on Monday, May 11, 2015, from a hacker group that claimed to be affiliated with the Islamic State. According to the International Business Times:
The video showed a digitized, hooded and faceless figure, akin to the symbol of the hacker collective Anonymous, reading out a prepared speech in Arabic with English subtitles. A group calling itself the “Islamic State’s Defenders in the Internet,” reportedly released the video, although there is no evidence that it is connected to leaders of the group also known as ISIS or ISIL in Iraq and Syria.
Last month, the Obama administration issued this Executive Order which created a new targeted authority for the U.S. government to better respond to the most significant of these online threats, particularly in situations where malicious cyberactors may operate beyond the reach of existing authorities.
But how serious of an online threat is ISIS and those who claim to work with or for the Islamic State? Could these groups unleash cyber terrorism and successfully bring down critical infrastructure in the U.S. and/or around the world? Where do these cyberthreats rank, if we compare them to other cyberattacks from cyber criminals or cyberattacks originating from Russia or China?
There is no doubt that ISIS has learned to use the Internet successfully to attract new recruits through the use of social media. Stories of men and women who travel to the Middle East from all over the world has been major topic of global discussion in 2014 and 2015.
So could more dangerous cyberterrorism be coming from the self-proclaimed “cyber caliphate?”
In June 2014, the Islamic State of Iraq and Al-Sham (ISIS) declared the territory that it captured in Iraq and Syria to be an Islamic state, or caliphate. Meanwhile, a group of hackers who claim to be affiliated with ISIS has declared a "cyber caliphate" and made headlines over the past six months for a series of online incidents that have received worldwide news coverage. For example, check out these two stories and a related video:
U.S. Central Command Twitter Account Suspended After Apparent ISIS Hack
In a rather bizarre twist, the well known hacker group Anonymous sent this response to Cyber Caliphate declaring how they would stop their online activities. Here’s the video message that was sent.
The Guardian newspaper in the U.K. offered this article last month, which characterized our online challenges in stark terms that reflect a Cold War mentality.
Britain’s new spy chief warned last month that the country was now in a “technology arms race” with enemies “often unconstrained by consideration of ethics and law … terrorists, malicious actors in cyberspace and criminals”. “[The technology] allows them to see what we are doing and to put our people and agents at risk,” Alex Younger told an audience in London, adding that traditional human espionage was becoming increasingly intertwined with “technical operations.”
Last year, Michael Rogers, who is U.S. National Security Agency (NSA) director, talked about this same topic.
“We need to assume there is a cyber dimension in every area we deal with,” Rogers said during a speech at a cybersecurity conference at the Capital Hilton hotel in the District of Columbia. “Counterterrorism is no different.”
And yet, many experts doubt that ISIS can do much to harm the U.S. online – at least not yet. Last year, an article in Time magazine pointed to the surprising ISIS social media successes, but poured water on those who think ISIS could bring down the U.S. power grid today.
“I don’t think anyone has any proof that there’s an imminent attack or that ISIS has acquired the manpower or the resources to launch an attack on the infrastructure of the United States,” said Craig Guiliano, senior threat specialist at security firm TSC Advantage and a former counterterrorism officer with the Department of Defense. “It could be a potential threat in the future, but we’re not there yet.”
Dark Reading quoted John Cohen, who is a former U.S. Department of Homeland Security counterterrorism official, on the same question.
"I would be concerned if they were able to attract cyber experts who could execute cyberattacks,” said Cohen, who is now chief strategy advisor at Encryptics. "From the standpoint of a security person, even if I don't have specific intelligence about a specific threat or plot underway, I have to look at all factors if I'm going to be prudent and establish the capacity to mitigate this type of threat."
This past week, The Hill.com reported that the White House has promised cooperation with many Gulf States on cybersecurity. In a meeting this past week at Camp David, leaders and delegates from the Gulf Cooperation Council (GCC) — which includes Bahrain, Kuwait, Oman, Qatar, Saudi Arabia and the United Arab Emirates — discussed numerous ways to partner in fighting ISIS and other regional threats.
“The United States and GCC member states will consult on cybersecurity initiatives, share expertise and best practices on cyber policy, strategy and incident response,” the White House said in a statement. “The United States will provide GCC member states with additional security assistance, set up military cybersecurity exercises and national policy workshops, and improve information-sharing.”
However, many experts currently worry more about the ongoing threats coming from Iran than ISIS in the region, especially if a nuclear deal is signed. Therefore, support for new capabilities and cyberdefense in the Middle East will likely cover a mix of different actors.
I was in Washington, D.C., this past week to speak at the ISC2 CyberSecureGov event. After the opening keynote, and in response to a question on the top new and emerging global cyberthreats, John Riggi, who is section chief from the FBI Cyber Division Outreach, pointed to ISIS and the emerging cyberthreats coming from the Middle East as needing more attention.
He said that cyberthreats coming from China and Russia were much more advanced currently, but the FBI is concerned about these new organizations recruiting or buying the people and technology with more advanced cyberattack capabilities.
So far, these ISIS-affiliated groups have only been able to deface websites and make headlines in more minor hacking cases. Let’s hope it stays that way.
Nevertheless, the public and private sectors need to prepare for the worst.
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.
He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.
He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.
Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.
He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.
Follow Lohrmann on Twitter at: @govcso
Building effective virtual government requires new ideas, innovative thinking and hard work. From cybersecurity to cloud computing to mobile devices, Dan discusses what’s hot and what works in the world of gov tech.