Latest Threat Research: LetMeowIn – Analysis of a Credential Dumper

Get Informed


The ISIS Cyber Security Threat

While many look at ISIS and think only of the campaign of terror they are driving through the middle east, but what most do not think of is the terror campaign they are waging through cyberspace. Since its inception ISIS has continually evolved to thrive in current times. ISIS began using relatively old tactics such as when they raided the Central Bank of Mosul making off with over $475 million and taking control of oil fields in Syria. ISIS has since moved into the cyber world for recruiting, propaganda, and theft to expand the reach of the organization.

ISIS has been making a hard push through both social media and hacking to recruit more people to their cause. This push has not only succeeded in bringing young men to their ranks but women as well. Though the social media accounts of ISIS members are routinely shut down, many, especially those involved in ISIS’ cyber efforts, have new accounts online within minutes of their old accounts being shut down.

ISIS has even appealed to many marginalized youth through the hacking campaign of pro ISIS groups like Team System DZ who have been responsible for hacking over 200 sites, some of which still remain offline. These hacks consist of banners reading “I Love you ISIS”, messages of ISIS’ goals and ideals, and images of beheadings or other bloody images. So far there is no pattern to the sites that are targeted for attack. It appears to be more around what websites they can compromise and deface. Some of these pages include The University of New Brunswick Student Union, who did not notice the attack for four days. Additionally the homepage of the Keighley Cougars Rugby Team was also compromised.

Currently ISIS worth is estimated around $2 billion and is rising by $3 million a day. Their hacking campaigns have helped greatly with efforts to raise additional money. Though their social media campaign has brought in monetary support from those too old or unable to fight, they have brought in even greater sums through hacking banking information. Junaid Hussain, known on social media as Abu Hussain Al Britani, is a British national who fled to Syria to join ISIS and has become key to their hacking efforts. Prior to joining ISIS he was responsible for hacking former British Prime Minister Tony Blair’s Email account and is now leading the way with training new ISIS members on how to conduct high level cyber attacks. Al Britani’s greatest focus has been on hacking celebrity and VIP bank accounts to fund operations.

Recently reports have come out from the Syrian Government on 4 November that Al Britani was killed during a Syrian airstrike. These reports are likely false as Al Britani has remained active on social media even going so far as to laugh at the reports of his death and point out inaccuracies in the articles such as pictures of other ISIS members but were reported as being of Al Britani.

As ISIS’ cyber efforts continue to yield positive result they will seek to increase their efforts and the sophistication of their attacks. Everyone should remain vigilant in monitoring the activity on their own cyber presence to ensure there is a quick response to any attacks by ISIS hacktivists. Binary Defense Systems (BDS) Threat Intelligence team will continue to monitor the ISIS threat and will release updates periodically.