Advertisement

We need your help now

Support from readers like you keeps The Journal open.

You are visiting us because we have something you value. Independent, unbiased news that tells the truth. Advertising revenue goes some way to support our mission, but this year it has not been enough.

If you've seen value in our reporting, please contribute what you can, so we can continue to produce accurate and meaningful journalism. For everyone who needs it.

Shutterstock/scyther5
Hacked

Is Islamic State turning its hand to cyber warfare?

“The targets might not stop with the borders of Syria.”

A BOTCHED CYBERATTACK aimed at unmasking Syrian dissidents has experts worried that the Islamic State group is adding malicious software to its arsenal.

Internet watchdog Citizen Lab says an attempt to hack into systems operated by dissidents within the self-styled caliphate could be the work of hackers affiliated with the Islamic State group.

Citizen Lab analyst John Scott-Railton said there is circumstantial evidence of the group’s involvement, and cautioned that if the group has moved into cyberespionage, “the targets might not stop with the borders of Syria.”

An attack on 24 November came in the form of a booby-trapped email sent to an activist collective in Raqqa, Syria, that documents human rights abuses in the Islamic State group’s de-facto capital. The activist at the receiving end of the email wasn’t fooled and forwarded the message to an online safety group.

“We are wanted — even just as corpses,” the activist, whose name is being withheld to protect his safety, wrote in his message to cybersafety trainer Bahaa Nasr.

This email has a virus; we want to know the source.

The message eventually found its way to Citizen Lab, based at the University of Toronto’s Munk School of Global Affairs. There, Scott-Railton and malware researcher Seth Hardy determined that it could act as a kind of electronic homing beacon by revealing a victim’s Internet Protocol address.

Citizen Lab regularly dissects rogue programs from the region, but Scott-Railton said this sample was different from previous attacks blamed on the Syrian government.

“We think we are looking at a different actor,” he said — an opinion echoed by malware scientist Thoufique Haq at California-based FireEye, who wasn’t involved in the report.

Vowed to hunt down

The activists are convinced the “different actor” is the Islamic State group, whose supporters have publicly vowed to hunt the collective down.

Islamic State has previously expressed interest in electronic surveillance. Last week, a post to a pro-Islamic State forum carried a proposal for a project named “Eye of the Caliphate” that would task a team of computer experts with hacking into the caliphate’s enemies, according to the SITE Intelligence Group. British news media reported this year that Islamic State had recruited a British hacker.

Attempts to reach an Islamic State representative were unsuccessful. U.K. authorities have declined comment.

Scott-Railton said various bugs in the malware’s code suggest an author “with basic skills, but perhaps without a lot of ‘professionalism’ … or quality control.”

Security consultant and former Scotland Yard detective Adrian Culley said that’s no reason to write the hackers off.

“They will evolve and they will learn,” he said.

Read: If North Korea did hack Sony, it’s a watershed moment in cyber-warfare >

Author
Associated Foreign Press
Your Voice
Readers Comments
41
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.