Ransomware is the least of a CIO’s worries, according to new report issued by the Institute for Critical Infrastructure Technology (ICIT).
James Scott, ICIT senior fellow and Drew Spaniel, ICIT researcher, co-authors of a new report, titled “The Anatomy of Cyber-Jihad: Cyberspace is the New Great Equalizer,” call cyber jihadists the latest threat to America and its allies.
ICIT, a nonprofit think tank with some of the world’s top cybersecurity experts, advises Congress and Federal agencies on the current state of cybersecurity.
“Until now it has been fairly easy to categorize malicious cyber actors as state sponsored APT [advanced persistent threat], hacktivist, mercenary, and script kiddie [hackers who use existing scripts or codes],” Scott said. But more recently, cyber jihadists are gaining momentum.
“Cyber jihad has quickly arrived on the scene and will only continue to grow and hyper-evolve,” he said. “As a well-funded adversary, cyber jihadists can easily outsource the more sophisticated attacks, purchase potent zero days, infiltrate and map networks and exfiltrate and manipulate data from America’s virtually unprotected Internet of Things.”
The Islamic militant group ISIS used this year’s ransomware attacks, like the kind that held electronic health records hostage at several hospitals, not so much as to acquire funding via the ransom, but rather to aid in recruiting, Scott said. ISIS uses scare tactics, media hype, and the ensuing social media blitz caused by ransomware attacks to get the attention of rogue hackers all over the world, Scott said.
Particularly, terrorist groups seek out “lone wolf” hackers, many of whom are mentally unstable, Scott said. These lone wolves already have the right mentality; all they need is a cause, Scott said. “It doesn’t take long for ISIS to recruit them.”
“Jihadists are especially complex adversaries because they are motivated by ideologies that oppose the very existence of Western culture,” Scott said. “They do not fear reprisal and in many cases, their ideology actually encourages collateral damage. These threat actors seek to cause chaos, disrupt operations, and inflict devastating impacts on organizations in every critical sector.”
Because terrorists are taking the war on the West to the cyber world, most people don’t realize that their computer has now become a weapon, Scott said.
According to the report, terrorist groups with greater access to technology and funds, and with younger members, develop faster than other groups. The report goes into an in-depth analysis of some of the most threatening cyber jihad groups, including:
- Al-Shabab, a Somalia-based militant organization with strong ties to al-Qaida
- Boko Haram, a terrorist organization that strives to establish a militant Islamic state in Nigeria
Scott said the biggest threat to cyber jihad breaches in the Federal government is through Federal contractors. Physical threats on-site, including janitorial services and maintenance staff, also provide vulnerability to jihadist attacks. “It would take nothing” for someone to use a USB drive with remote access and a Trojan back door to dial in, Scott said.
Some of the newest terrorist hacker groups are quite small, with as few as three members, but they are powerful, Scott said.
“They only have to be right once,” Scott said. “Federal agencies have to be right all the time.”
How can CIOs keep their agencies safe? Scott said not enough can be said about the continued emphasis on cyber hygiene–educating and encouraging staff to engage in standard precautions against hackers, especially by not opening links from unknown senders found in emails.
Yet despite the growing threat, Scott advises CIOs to be careful of a doom-and-gloom mentality. Instead, “start taking action,” he said.