ISIS preps for cyber war

Getty Images

Islamic terrorists are stoking alarm with threats of an all-out cyber crusade against the United States, and experts say the warnings should be taken seriously.

Hackers claiming affiliation with the Islamic State in Iraq and Syria (ISIS) released a video Monday vowing an “electronic war” against the United States and Europe and claiming access to “American leadership” online.

“Praise to Allah, today we extend on the land and in the Internet,” a faceless, hooded figure said in Arabic. “We send this message to America and Europe: We are the hackers of the Islamic State and the electronic war has not yet begun.”

The video received ridicule online for its poor phrasing and the group’s apparent inability to make good on its cyber threat this week.

But as hackers around the world become more sophisticated, terrorist groups are likely to follow their lead and use the same tools to further their ends, experts said.

“It’s only really a matter of time till we start seeing terrorist organizations using cyberattack techniques in a more expanded way,” said John Cohen, a former counterterrorism coordinator at the Department of Homeland Security.

“The concern is that, as an organization like ISIS acquires more resources financially, they will be able to hire the talent they need or outsource to criminal organizations,” Cohen added. “I think they’re probably moving in that direction anyway.”

Military officials agree. NSA Director Adm. Michael Rogers this week called the pending shift “a great concern and something that we pay lots of attention to.”

“At what point do they decide they need to move from viewing the Internet as a source of recruitment … [to] viewing it as a potential weapon system?” Rogers asked.

While ISIS has been widely recognized for its social media prowess, the growing computer science talent of its recruits has mostly gone unnoticed.

“A number of individuals that have recently joined the movement of ISIS were folks that studied computer science in British schools and European universities,” said Tom Kellermann, chief cybersecurity officer at security firm Trend Micro, who said ISIS’s cyber capabilities are “advancing dramatically.”

Even the man reportedly responsible for a number of the brutal ISIS beheadings, dubbed “Jihadi John” by his captives, has a computer science degree, Kellermann said.

The burgeoning online threat posed by Islamic extremists was part of the motivation for a new security pact announced Thursday between the White House and Gulf states.

In addition to securing infrastructure and providing cyber training, U.S. officials will also work with partner states to expand joint exercises that involve the potential for cyber warfare.

Part of the danger of the ISIS threat is the group’s ability to marshal attacks from its sympathizers, generating a diffuse and unconnected network that is hard to track.

Kellermann said the video threats this week were “a call to arms more than anything,” meant to incite individuals to act on their own.

“It has actually added a new dimension to the terrorist threat that our counterterrorism approach is not intended or designed to pick up on,” Cohen said.

So far, supporters have focused on distributed denial-of-service attacks, spear phishing campaigns and hijacking legitimate websites to push malware, creating what are known as “watering holes.”

“For example, if you go to an ISIS website and download their videos, you better recognize most of those websites are watering holes,” Kellermann said. “[They are] basically trying to attack you while you’re watching that video.”

Experts think radical hackers are likely to expand this tactic to mainstream websites and powerful companies’ websites as a way to gather information on targets.

“They’re beginning to conduct more and more counterintelligence,” Kellermann said.

The ISIS's use of the Internet has been described as unprecedented for a terrorist group, and lawmakers are growing increasingly concerned about U.S. attempts to counter its rhetoric online.

Sen. Cory Booker (D-N.J.) recently criticized U.S.-led online campaigns against radicalization as “laughable,” saying he was “stunned” by the efforts’ lack of sophistication.

Jen Weedon, threat intelligence manager at security researcher FireEye, said these concerns are understandable.

“Part of the reason why there’s a belief that these emissaries are so savvy is because there's a sense of people not feeling that they're’ in control of the message,” she said.

Most of ISIS’s current online power lies in its messaging, experts say, and not in its ability to hack real computer networks. But a handful of high-profile intrusions point toward its aspirations as a hacking group.

Almost every month of 2015 has been punctuated by some online attack by ISIS affiliates or sympathizers.

The so-called Cyber Caliphate took over the Twitter and YouTube accounts for the U.S. Central Command in January and the Twitter account for Newsweek magazine in February.

Then, the next month, the so-called Islamic State Hacking Division posted the personal details of 100 U.S. military personnel supposedly involved in attacks on ISIS in Iraq and Syria.

“Kill them in their own lands, behead them in their own homes, stab them to death as they walk their streets thinking they are safe,” the group urged supporters.

In April, a French TV station was knocked offline in perhaps the best example of terrorists’ abilities.

“It seemed to be of a broader scale than we had seen previously,” Weedon said. “There were a number of facets to that attack, and they also took the station offline for quite awhile. That seemed to me to be of a different magnitude.”

Some worry the next step is inevitable within the year.

Kellermann has noticed an uptick in ISIS activity on the “cyber arms bazaar,” the massive underground dark Web market run out of Eastern Europe that traffics in almost every form of cyber sabotage imaginable.

“By the end of 2015,” Kellermann said, “we’re going to hear about significant attacks that were pulled off by sympathizers of ISIS.”