The Islamic State of Iraq and Syria (ISIS) has revolutionized how terrorist groups use the Internet to recruit and inspire followers. Since 2014 the group has spread its views of jihad using popular social media accounts including Twitter, Instagram, and Facebook. Adeptly utilizing a diffused and unregulated group of individuals across the world, ISIS has called on Muslims – especially those highly skilled like engineers and computer experts– to join their fight in Iraq and Syria or attack the enemy from their homes. The various hacker groups inspired by ISIS remain quite limited in their technical capabilities. Yet these actors represent a real and growing threat to the cybersecurity of both public and private organizations.
ISIS’s current cyber strategy closely resembles its recruitment strategy: inspiring followers to launch successful cyber attacks on their own. Terrorists Team for Electronic Jihad is one example. The group claims to have hacked the websites of a number of Israeli firms. In the process, they managed to redirect visitors to pages displaying the name and flag of ISIS. The Islamic State Hacking Division is another example. That group was behind the hack of an Australian airport’s website. They used the website to publish a threatening pro-ISIS message. The capture of Ardit Ferizi, the leader of the prominent hacking group Kosova Hacker’s Security, provides the most recent example. Ferizi was arrested for hacking and supplying the personal identification information of 1,351 U.S. military personnel and federal employees to ISIS.
ISIS hackers lack the resources and technical savvy of nation-state cyber powers like Russia or China. To date, their attacks have used rudimentary techniques and basic malware available on the black market. This has limited the types of cyber attacks used by ISIS to mostly Internet vandalism. So far, they have inflicted only minor damage on their victims, as evidenced by a recent unsuccessful attack on the US energy grid. Nevertheless, some recent hacks indicate a strong potential for growth in the cyber threat posed by ISIS. The interception of top secret British Government emails and the malware attack targeting Syrian ISIS critics are two examples.
ISIS does not yet have capabilities to cripple critical infrastructure, steal state secrets or shut down major networks. With that, the vast majority of their attacks have been aimed at Western news and social media websites. In January 2015, a group calling itself Cyber Caliphate hijacked the Twitter and YouTube accounts of the US Military Central Command. The Newsweek Twitter account, International Business Times website, as well as the official Taylor Swift Twitter account were also victims of this group. The purpose of such Internet vandalism is to draw global attention to their cause. News and social media websites with large user-bases will therefore remain at greatest risk of attack by ISIS-affiliated groups.
Current cyber attacks of ISIS-affiliated groups do not pose direct threats to US industry or critical infrastructure. Yet, ISIS continues to inspire sophisticated hacktivist groups such as AnonGhost. These groups aggressively use the Internet to promote their radical ideology and evoke “with us or against us” sentiments among Muslims and non-Muslims alike.
In a matter of two years, due in part to social media expertize, ISIS grew to be one of the most formidable terrorist organizations. Hundreds of new recruits continue to join ISIS each month. With social media accounts numbering in the tens of thousands spreading jihadist ideology, the group will likely continue recruiting highly-skilled sympathizers. A large part of the danger will be its ability to inspire attacks from these supporters. Such diffuse and unconnected networks of ISIS-affiliates will remain difficult to monitor.
The online threat posed by extremists was part of the motivation for a security pact announced in May 2015 between the White House and Gulf states. The pact will focus on securing infrastructure and providing cyber training. US officials also plan to work with partner states to expand joint exercises involving potential cyber warfare scenarios. ISIS has and continues to prove that terrorists are able to continually reinvent themselves online to further their goals.