Homeland Security

Could ISIS’s next caliphate be in cyberspace?

Getty Images

Following a wave of devastating attacks aimed at terrorizing and paralyzing the Western world during the Muslim holy month of Ramadan, July has ushered in a series of landmark counterterrorism victories in the fight against ISIS.

Iraqi Security Forces liberated Mosul, the largest city under ISIS control, and a Syrian militia infiltrated the Old City of Raqqa, the capital of ISIS’s so-called Islamic State.

{mosads}Not only has the caliphate been decimated, but the caliph himself may also have been eliminated; the Syrian Observatory claims it has “confirmed information” that ISIS leader Abu Bakr al-Baghdadi is dead. The Pentagon has yet to corroborate this statement, and Western and Iraqi officials remain skeptical, but the mere allegation of al-Baghdadi’s downfall lends strength to the counter-ISIS campaign.


This string of counterterrorism triumphs has inspired many to caution against excess optimism that prematurely celebrates victory and risks blinding the West to the “ever-evolving manifestation” of jihadi groups and their ability to reinvent themselves.

Such warnings are not only justified, but necessary, for preparing the counter-ISIS coalition for the terror group’s next phase. The vast majority of analyses focus exclusively on ISIS’s combative muscle in the physical domain. If the West’s collective counterterrorism mission is to foresee the unforeseeable with regards to the terrorist threat trend, some thought needs to be dedicated to analyzing attacks that have yet to be connected.

The June hack of multiple state government websites by a pro-ISIS group suggests that the status of ISIS’s cyber offensive capabilities is an evolving threat trajectory that demands scrutiny. ISIS has demonstrated its prowess at navigating the Internet of Things through its use of social media to radicalize sympathizers and encrypted communication to plot attacks.

Now that ISIS can no longer claim rights to a physical caliphate, it will have to find ways to stay relevant on the world stage. ISIS could easily leverage its existing cyber capabilities — or inspire sophisticated cyber hacktivists to act in its name — to supplement its physical exertions of terror with cyber attacks.    

On June 25, Ohio Gov. John Kasich’s website was hacked to temporarily display the message: “I love the Islamic State…You will be held accountable Trump, you and all your people for every drop of blood flowing in Muslim countries.”

The message, left by hacktivist group “Team System Dz,” also appeared on the websites of nine other state governments across Ohio, New York and Maryland. While the ease with which hackers penetrated these government servers is troublesome, the hack’s greater significance resides in its suggestion of what ISIS’s “ever-evolving manifestation” will look like in its post-caliphate stage.

ISIS’s tactic of supplementing attacks directed by its central command in Raqqa with attacks inspired and enabled by ISIS via homegrown extremists and lone wolf sympathizers across the globe could be easily paralleled in cyberspace. A growing cyber offensive trend can already be detected in the online footprint formed by pro-ISIS hacking groups over the past two years.

In February, the pro-ISIS group “Tunisian Fallaga Team” hacked into the United Kingdom’s National Health Service website, replacing legitimate web pages with graphic photos of the war in Syria.

In April, the pro-ISIS “United Cyber Caliphate” released a Kill List containing the names and addresses of 8,786 civilians across the United States and United Kingdom, along with a video calling for lone wolf attacks against these individuals. This was a notable escalation from the United Cyber Caliphate’s April 2016 Kill List, which listed the names and contact information for 43 U.S. Government employees. 

It is unclear whether these cyber offenses were connected to or copy-cats of the March 2015 Kill List, in which ISIS’s cyber unit the “Islamic State Hacking Division” leaked the names, pictures and addresses of 100 members of the United States military, asking its “brothers resident in America” to kill them.

Recent reports suggest that the United Cyber Caliphate is now dabbling in malware creation, which if confirmed, would indicate an enhancement of their technical sophistication.

Upon the release of all three Kill Lists, the perpetrators claimed to have hacked multiple government servers in order to obtain the targets’ personally identifiable information (PII) through secure databases. If this claim is legitimate, one can only imagine the havoc ISIS could wreak if it targeted critical infrastructure in its next attack. From a chemical facility to a power grid to a hospital, ISIS could perpetrate a fairly simplistic cyber attack against a critical target with devastating effect.

Even if the attackers’ claim to have hacked into secure government servers was false, in this day and age of “fake news,” the mere perception of cyber malfeasance can lend an adversary significant leverage. One of ISIS’s fundamental goals is to subvert American democracy because its members view man-made law as illegitimate.

If additional ISIS-linked cyber attacks take place — especially if they are aimed at government servers, federal institutions or civil servants — it will slowly but steadily erode the public’s trust in the fundamental pillars of American democracy.

As the United States prepares for ISIS’s next manifestation, it must connect seemingly isolated dots and be wary of ISIS’s likely transition into cyberspace. ISIS is already taking a converged approach to terror, using cyber hacks to facilitate physical attacks. Left without physical territory to claim as its own, ISIS could easily aim to move its caliphate into the boundless arena of cyberspace.

Jacqueline R. Sutherland is the Terrorism & Asymmetric Warfare fellow at Young Professionals in Foreign Policy (YPFP). She is also a security-focused Senior Analyst at The Chertoff Group and a non-resident Counterterrorism fellow at the London-based Asia-Pacific Foundation. She holds a Master’s in International History with highest honors from the London School of Economics.

 The views expressed by contributors are their own and are not the views of The Hill.

Tags Defense Homeland security ISIS Jacqueline R. Sutherland

Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

See all Hill.TV See all Video

Most Popular

Load more


See all Video