The group’s cyberwarriors are underfunded and poorly organized, but a recent shakeup could signal a change.
In the nearly two years since ISIS declared itself a caliphate, the group has leaned heavily on technology to recruit, communicate and attack foreign targets—each with varying degrees of success. Twitter and Facebook have scrambled to head off ISIS recruiters who spread propaganda on their platforms, and top intelligence officials have bemoaned the group’s alleged use of encryption to communicate.
But barring a few low-impact operations, ISIS hasn’t successfully launched a meaningful cyberattack on the West. And according to new research from Flashpoint, a cybersecurity company, it probably doesn’t have the tools or the know-how to launch one anytime soon.
To date, most of the group’s offensive moves have been “attacks of opportunity” that grasp at low-hanging fruit, the researchers said.
The highest-profile ISIS cyberattacks targeted Twitter accounts: In January 2015, a group calling itself the “Cyber Caliphate” took over the Twitter handle that belongs to the U.S. Central Command, and the next month, the same group appeared to take over Newsweek’s handle. At most, the attacks amounted to digital graffiti, although it can be hard to measure their psychological and morale-boosting effects.
For now, the Flashpoint researchers wrote, ISIS’s “overall capabilities are neither advanced, nor do they demonstrate sophisticated targeting.” That’s in part because until earlier this month, there were five different, loosely coordinated hacking groups acting in support of ISIS. That led to disorganization and a lack of resources, holding back the larger organization’s offensive cyber operations.
But on April 4, Telegram accounts belonging to two of the five main groups that Flashpoint studied announced the creation of a “united cyber caliphate,” merging those groups with two others. The researchers said the unified group could lead to expanded scope and resources for hacking, and an increased focus on training other jihadis to defend themselves online.
Despite their relative ineffectiveness so far, the leaders of ISIS’ technological offensives have not gone unnoticed. In August, a targeted drone strike killed Junaid Hussain, a young member of ISIS leadership who was allegedly involved in bolstering the group’s online defenses, hacking Western military targets, and recruiting would-be jihadis to join the group’s fight.
And just this week, top Defense Department officials told The New York Times the military is also training its own cyberweapons on ISIS, promising to wreak havoc among the terrorist group’s ranks by disrupting its payroll operations and manipulating its communications to create confusion, and deter potential recruits.
“We are dropping cyberbombs,” Deputy Defense Secretary Robert Work told the Times. “We have never done that before.”