LONDON: Daesh followers could be seeking cyber-attack tools from the so-called ‘digital underground,’ according to a new report from Europol.
With Daesh forces having lost most of their territorial strongholds in the Middle East since 2016, the terror organization has increasingly retreated to the web to continue its campaign.
The annual report published on Tuesday looks at current and anticipated threats in cybercrime across the globe, and comes just as the Syrian war seems to be entering its final stage with the last militant rebel fighters holding up in the province of Idlib.
Daesh had already become well-known for using encrypted messaging apps and the ‘dark web’- an area of the Internet not accessible to search engines — to promote itself and recruit new members to its organization.
Europe’s law enforcement agency’s report now suggests that Daesh may also considering the use of cyber-attacks and using the ‘dark web’ to buy illicit malware.
“There has been much concern and speculation over the past few years that terrorists could turn to launching cyber-attacks against critical infrastructure,” the report said.
Daesh-affiliated groups have only managed to carry out a handful of “low-level” cyberattacks in the last year, the report found, including the hacking of a Swedish radio station last year when the attacker managed to play out an IS song on air, the report said.
In March this year, Daesh supporters also attempted to set up an alternative to the social networking platform Facebook, called the “Muslim’s Network.”
While concerns are growing, Europol said the organization’s current cyber-crime abilities remain in their “infancy.”
Daesh is also far more likely to buy cyber-attack tools that use malware or ransomware technology, rather than develop their own tools yet, the report found.
“While IS sympathizers have demonstrated their willingness to buy cyber-attack tools and services from the digital underground, their own internal capability appears limited,” the report read.
“While terrorist actors are aggregating open- source tools, they have yet to develop their own,” it added.
Extremist networks have also experimented with cryptocurrencies as a means of moving funds across borders, the report said.
Europol highlighted IS-affiliated websites calling for donations of the virtual currency Bitcoin last November.
As yet, no on-the-ground attack carried out in Europe has been funded with virtual currency, the report found, with financing still mainly coming from the conventional banking system and money remittance services.
The report recommended that efforts must be made to disrupt Daesh’s online propaganda in order to hinder the group’s “access to human expertise, funding and cyber tools.”
In July, a survey of academics specializing in cyberterrorism found that just over two-thirds of respondents thought cyberterrorism constituted a “significant threat.”
However, Stuart Macdonald, professor of law at Swansea University and author of the Cyberterrorism Project report told Arab News that there were differences surrounding the definition of cyberterrorism.
Cyberterrorism could potentially covering an attack that resulted in killing a huge number of people or it could just involve shutting down a website for a few hours, he said.
“But overall most agree that vulnerabilities exist in critical infrastructure. Where opinions tend to differ is whether terrorists have the capability to perpetrate acts of cyberterrorism and are motivated to commit acts of cyberterrorism as opposed to more traditional forms of physical attack.
“Some researchers believe that terrorists are likely to prefer traditional physical attacks, as these are more headline-grabbing and generally less expensive,” he said. Still, not all threats are associated with terror groups. Andrew Silke, professor of terrorism, risk and resilience at Cranfield University, said: "Today the major threat of cyber attacks comes from foreign governments, not terrorist groups and their sympathisers. Governments can control and commit the resources and knowledge needed to carry out truly serious cyber attacks. "When thinking about security then, nations are already thinking in terms of what can be done to counter attacks orchestrated by a rival government. If your security and resilience is good enough to meet that type of threat, it will also be good enough to meet the threats posed by terrorists."