How Dangerous is ISIS in The Cyber Domain?

This post is also available in: עברית (Hebrew)

The Islamic State group and other militant organizations have been creating precedents in terms of discussing cyber activities almost from the start. Most cyber operations by militant organizations have been on a fairly low level and merely aspirational, according to John Mulligan, deputy director of the U.S. National Counterterrorism Center.

From a practical standpoint, cyber activity to date has been largely confined to groups such as ISIS finding information and generating kill lists related to security or military personnel, Mulligan told fifthdomain.com. This is achieved through some low-level hacking and the exploitation of low-hanging fruit. The U.S. government has seen some low-level defacement of websites, he added, but nothing critical.

The gap between the perception that entities able to do the most harm in cyberspace — to include sophisticated nation-states — probably have lesser intent and entities with more nefarious intent have lesser capability is closing, former Director of National Intelligence, James Clapper, told the Senate Armed Services Committee in May.

Terrorists, criminals and hacktivists are going to exploit technology, “and so that comfort that we may have taken in the past is something we should count on,” he said.

Echoing this sentiment, Mulligan noted: “We shouldn’t make the same mistake in terms of underestimating their ability to again adapt their cyber abilities,” he said.

From a military perspective, Mulligan said ISIS is a loose connection of broadly independent, functioning entities that lack a degree of predictability and uniformity. When it comes to ISIS’ hacking cohorts, such as the so-called Cyber Caliphate, they are for the most part considered sympathizers rather than members of ISIS.

The United States’ concern, he said, is the individuals who are competent in the cyber arena and may be operating below the horizon, making them more difficult to detect.

This can include those undertaking official support tasks, networks of supporters retweeting ISIS propaganda and those that add value to the overall effort but are difficult to detect. These networks, Mulligan said, are believed to be globally dispersed.

“What’s really unique about ISIS is the fact that they have a deep understanding of the linkage between the media world, particularly social media, and the operational world,” Mulligan said. “They have very successfully been able to use media to amplify the effects of their operational activities.”

ISIS understands the broad range of commercial technological applicability, and social media allows the group to conduct global operations, Mulligan said. The militant group can conduct financial transactions, facilitate logistical movements, and organize in a dispersed, remote way. Organizations such as ISIS delegate to individuals degrees of responsiblity and accountability, allowing them to display their initiative.