“The electronic war has not yet begun.”
That was one message released in video on Monday, May 11, 2015, from a hacker group that claimed to be affiliated with the Islamic State. According to the International Business Times:
The video showed a digitized, hooded and faceless figure, akin to the symbol of the hacker collective Anonymous, reading out a prepared speech in Arabic with English subtitles. A group calling itself the “Islamic State’s Defenders in the Internet,” reportedly released the video, although there is no evidence that it is connected to leaders of the group also known as ISIS or ISIL in Iraq and Syria.
Last month, the Obama administration issued this Executive Order which created a new targeted authority for the U.S. government to better respond to the most significant of these online threats, particularly in situations where malicious cyberactors may operate beyond the reach of existing authorities.
But how serious of an online threat is ISIS and those who claim to work with or for the Islamic State? Could these groups unleash cyber terrorism and successfully bring down critical infrastructure in the U.S. and/or around the world? Where do these cyberthreats rank, if we compare them to other cyberattacks from cyber criminals or cyberattacks originating from Russia or China?
There is no doubt that ISIS has learned to use the Internet successfully to attract new recruits through the use of social media. Stories of men and women who travel to the Middle East from all over the world has been major topic of global discussion in 2014 and 2015.
So could more dangerous cyberterrorism be coming from the self-proclaimed “cyber caliphate?”
In June 2014, the Islamic State of Iraq and Al-Sham (ISIS) declared the territory that it captured in Iraq and Syria to be an Islamic state, or caliphate. Meanwhile, a group of hackers who claim to be affiliated with ISIS has declared a "cyber caliphate" and made headlines over the past six months for a series of online incidents that have received worldwide news coverage. For example, check out these two stories and a related video:
U.S. Central Command Twitter Account Suspended After Apparent ISIS Hack
In a rather bizarre twist, the well known hacker group Anonymous sent this response to Cyber Caliphate declaring how they would stop their online activities. Here’s the video message that was sent.
The Guardian newspaper in the U.K. offered this article last month, which characterized our online challenges in stark terms that reflect a Cold War mentality.
Britain’s new spy chief warned last month that the country was now in a “technology arms race” with enemies “often unconstrained by consideration of ethics and law … terrorists, malicious actors in cyberspace and criminals”. “[The technology] allows them to see what we are doing and to put our people and agents at risk,” Alex Younger told an audience in London, adding that traditional human espionage was becoming increasingly intertwined with “technical operations.”
Last year, Michael Rogers, who is U.S. National Security Agency (NSA) director, talked about this same topic.
“We need to assume there is a cyber dimension in every area we deal with,” Rogers said during a speech at a cybersecurity conference at the Capital Hilton hotel in the District of Columbia. “Counterterrorism is no different.”
And yet, many experts doubt that ISIS can do much to harm the U.S. online – at least not yet. Last year, an article in Time magazine pointed to the surprising ISIS social media successes, but poured water on those who think ISIS could bring down the U.S. power grid today.
“I don’t think anyone has any proof that there’s an imminent attack or that ISIS has acquired the manpower or the resources to launch an attack on the infrastructure of the United States,” said Craig Guiliano, senior threat specialist at security firm TSC Advantage and a former counterterrorism officer with the Department of Defense. “It could be a potential threat in the future, but we’re not there yet.”
Dark Reading quoted John Cohen, who is a former U.S. Department of Homeland Security counterterrorism official, on the same question.
"I would be concerned if they were able to attract cyber experts who could execute cyberattacks,” said Cohen, who is now chief strategy advisor at Encryptics. "From the standpoint of a security person, even if I don't have specific intelligence about a specific threat or plot underway, I have to look at all factors if I'm going to be prudent and establish the capacity to mitigate this type of threat."
This past week, The Hill.com reported that the White House has promised cooperation with many Gulf States on cybersecurity. In a meeting this past week at Camp David, leaders and delegates from the Gulf Cooperation Council (GCC) — which includes Bahrain, Kuwait, Oman, Qatar, Saudi Arabia and the United Arab Emirates — discussed numerous ways to partner in fighting ISIS and other regional threats.
“The United States and GCC member states will consult on cybersecurity initiatives, share expertise and best practices on cyber policy, strategy and incident response,” the White House said in a statement. “The United States will provide GCC member states with additional security assistance, set up military cybersecurity exercises and national policy workshops, and improve information-sharing.”
However, many experts currently worry more about the ongoing threats coming from Iran than ISIS in the region, especially if a nuclear deal is signed. Therefore, support for new capabilities and cyberdefense in the Middle East will likely cover a mix of different actors.
I was in Washington, D.C., this past week to speak at the ISC2 CyberSecureGov event. After the opening keynote, and in response to a question on the top new and emerging global cyberthreats, John Riggi, who is section chief from the FBI Cyber Division Outreach, pointed to ISIS and the emerging cyberthreats coming from the Middle East as needing more attention.
He said that cyberthreats coming from China and Russia were much more advanced currently, but the FBI is concerned about these new organizations recruiting or buying the people and technology with more advanced cyberattack capabilities.
So far, these ISIS-affiliated groups have only been able to deface websites and make headlines in more minor hacking cases. Let’s hope it stays that way.
Nevertheless, the public and private sectors need to prepare for the worst.