Compliance Management, Threat Management, Privacy, Threat Management

Uniting pro-ISIS hacking groups still unsophisticated, but sharpening skills, report says

While pro-ISIS hackers don't yet have the chops to launch attacks against protected targets like government installations, as the disparate groups join forces behind a super-hacker team, the United Cyber Caliphate, they're sharpening their skills and showing a willingness to coordinate and amp up cyberattacks, a new report revealed.

New hacking collectives emerging toward the end of 2014 proved to be “more interested in cyber than attacks on the ground,” Laith Alkhouri, director of research and analysis for the Middle East and North Africa and a co-founder at Flashpoint, told, noting that they clearly were trying to “advance their skills” and expand their reach via social media and, in an effort to mask their operations, through private communities. “If you look at the zeitgeist of pro-ISIS hackers, before the summer of 2014 there were no pro-ISIS groups.”

“Hacking for ISIS: The Emergent Cyber Threat Landscape” released Thursday by Flashpoint, a company that gleans tactical, operational, and strategic intelligence from the dark web, indicated that, even united, pro-ISIS hackers remain under-funded and disorganized and still not connected to ISIS officially.

“Their skills aren't advanced enough to hit major targets,” said Alkhouri. “Their groups are not affiliated with ISIS but they always put ISIS or the Islamic State in announcements [taking] responsibility for attacks.”

Also, “they're dedicated,” Alkhouri said, which makes their activities of concern and indicates the likelihood that they could eventually grow more sophisticated, especially since they've joined forces to create a united front, something Flashpoint researchers didn't expect to see.

Following in the footsteps of ISIS Cyber Caliphate leader Junaid Hussain, killed last summer in a U.S. military drone air strike near Raqqa in Syria, the collectives have focused their efforts on mastering social media for communication and recruitment – and to gather the information they “use as a target list that then brag about,” said Alkhouri, explaining that some of the groups' claims – such as they pilfered data from the State Department – weren't backed by any proof and are used to “inflate their notoriety.”

Alkhouri pointed to the pro-ISIS hackers' publication of kill lists as an example of that tactic and evidence of Hussain's legacy.

“They also believe in physical attacks,” said Alkhouri. The self-described ISIS sympathizers who carried out the attack in Garland, Texas, last May, received encouragement from Hussain before they opened fire at a prophet Mohammed cartoon contest. The hackers put out “death threats with the implicit possibility they might be carried out.”

The Islamic State group Cyber Caliphate hacked more than 54,000 Twitter accounts and leaked credentials Nov. 8 in retaliation for the drone strike that killed Hussain.

While Alkhouri expected in the short term, the hacktivist collectives will continue to go after low-hanging fruit, particularly small businesses that are using aging software and are vulnerable, he said they will continue to up there game, sharpening their skills and expanding their reach.

“They're dipping into an entirely different pool of people not attracted to violence but interested in technology,” Allison Nixon, director of security research at Flashpoint, told Wednesday. “It's a new channel of recruitment for ISIS leaders.”

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.