Pierluigi Paganini
July 26, 2024
Yesterday Federal Bureau of Investigation (FBI) Director Christopher Wray expressed growing concerns over the potential for a coordinated foreign terrorist attack in the United States. During his testimony to the House Oversight Committee, Mr. Wray cited the ISIS-K attack on Crocus City Hall in Moscow in March as an example of the type of threat the bureau is increasingly concerned about.
These details are alarming to the security community and private sector, and demand a proactive approach to combat this threat, including identifying precursors to it in the cyberspace. According to the latest risk assessment published by Resecurity, terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks, as well as to conduct recruitment and establish anonymous communication channels (using apps like Session and their alternatives).
Multiple resources created by threat actors have been identified and deployed both in the surface web and the Tor network. This activity was especially notable in Q2 2024, with new resources appearing at the beginning of Q3 2024. In one of the most recent publications, ISIS has published a menacing image online, suggesting the use of drones as potential bomb delivery systems for an attack on the Paris Olympics, accompanied by a caption declaring the start of the “Lone Wolves’ Olympics”.
Resecurity has also observed a spike of illegal content related to educational materials related to explosives spreaded on the Dark Web. At some point, such content is promoted under umbrella of the “anarchy” ideology encouraging youth to get involved in illegal activities. Making such information available using Dark Web means created a significant threat for society. By July 2024, the number of such resources indexed by Resecurity is almost doubled compared to previous timeframes. This may highlight the growing effort to distribute such illegal content before important events. It is expected that such activity may amplify by the the elections in the United States, with the intention of sowing chaos and radical activity. July 13, 2024, multiple resources were detected spreading information about Telegram bots providing instructions and details on accessing illegal content related to explosive devices.
Besides efforts by law enforcement and public sector agencies to combat terrorism, there are many challenges on the shoulders of the private sector in managing online platforms, marketplaces, social media, and other resources. According to experts, one of the key issues is tracking high-risk individuals who may misuse financial services, such as banks, e-commerce platforms, and payment networks, to engage in illegal activities, including money laundering and terrorism financing. Unfortunately, the abuse management and trust & safety teams of popular online platforms are not always able to react quickly enough or proactively identify such profiles at an early stage due to a lack of visibility and limited resources, which is exploited by threat actors.
Additional information is included in the report published by Resecurity:
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Terrorist Activity)
