Pro-ISIS Hackers Have Been Flexing Their Muscles – But Is There Any Real Cause For Concern?

Pierluigi Paganini June 04, 2016

Lion Caliphate, of Caliphate Cyber Army (CCA) and United Cyber Caliphate (UCC) notoriety, briefly left Facebook last week but returned as Lion Back.

Lion Caliphate, of Caliphate Cyber Army (CCA) and United Cyber Caliphate (UCC) notoriety, briefly left Facebook last week but returned with a new name– Lion Back. Site Intel Group, which tracks numerous hacker groups, has released several updates in regard to pro-ISIS hackers:

  • ISIS-affiliated hackers continue to issue OpSec tips, which include advice regarding the use of VPNs when on social media (Photo).
  • The Caliphate Cyber Army (CCA) recently redistributed a video featuring a US military kill list.
  • The Cyber Caliphate now has an official instagram page.
  • The United Cyber Caliphate (UCC) leaked ten thousand accounts of IT equipment manufacturing company D-Link (Photo).
  • ISIS releases multi-language propaganda posters online that threaten attacks in the West (Photo).
  • Caliphate Cyber Army claimsbreach of library in Arkansas and lists hundreds of civilians’ information.

isis hackers-caliphate-cyber-army-cca

The Caliphate Cyber Army also released a communication regarding an attack on a section of US intelligence and communications:

“In the name of Allah, Most Gracious and Most Merciful

CYBER CALIPHATE ARMY

An attack on a section of USA intelligence and communications”

It includes location data broken down by CBSA Code, Metro Division Code, CBSA Title, Metropolitan/Micropolitan Statistical Area, Metropolitan Division Title and CSA Title.

The field of pro-ISIS hackers has been comprised of five distinct groups which often overlapped and coordinated with one another. Additionally, some AnonGhost members pledged their support to ISIS in 2015. Last month, however, the following groups merged with the United Cyber Caliphate:

  • Cyber Caliphate
  • Islamic State Hacking Division
  • Islamic Cyber Army
  • Rabitat Al-Ansar
  • Sons Caliphate Army

Shortly after the announced merger, the UCC targeted 3,000 New Yorkers, posting the names and other personal information of individuals on Telegram. The information was posted briefly and then removed, which led experts to believe it to be a fear-mongering tactic. Either way, the FBI said that all who were listed would be contacted, just in case.

A church website also fell victim to the UCC. “We will conquer your Rome, break your crosses and enslave your women by the permission of Allah, the Exalted,” said the video posted on the site of the Lamont Christian Reformed Church in Michigan. And, the site’s landing page bore the words “You have been hacked by the United Cyber Caliphate.”

Lion Caliphate had been operating under the UCC banner, but this week he has been posting content on Facebook as a member of the Cyber Caliphate Army.

ISIS recruiter and computer mastermind, Junaid Hussain left behind a widow when he was shot down in an airstrike last summer. Sally Jones (aka Umm Hussain Britaniya and the White Widow) continues her propaganda-filled social media campaign, often advocating violence and sometimes making threats. In October 2015, “she released, ‘the address & details of US Military target no.2 also one of America’s most decorated soldiers,’ Sgt. 1st Class Dillard Johnson on October 8, 2015. Making very clear why she released the information, Britaniya proclaimed, ‘Once again I leave these details online to cause havoc in his life & for my brothers and Al-Qaeda in the U.S to eventually hunt him down & kill him.’”

More recently, on May 25, Jones made references to drones and suicide attacks in a barrage of tweets. She also warned of terror attacks in various UK cities, including Glasgow and London and called on British women to carry out attacks during Ramadan in the UK.

Jones’ latest Twitter account (the account that issued the threats was suspended) is an Islamic State Hacking Division account. This particular group of hackers pledged allegiance to the Islamic State in late 2014.

Last month, the Islamic State Hacking Division published a hit list of over 70 US military personnel who have been involved in drone strikes against terror targets in Syria. The group’s followers were encouraged to “kill them wherever they are”. ‘The Sunday Times’ reported that these hackers, who have links to Britain, circulated online the names, addresses and photographs of over 70 US staff.

Though the current assembly of pro-ISIS hackers possesses minimal hacking skills,“groups concerned about ISIS cyberattacks should look for the hacking groups to use deep Web forums as a training ground for ISIS followers with low-level hacking abilities to improve their skills”, according to Flashpoint. “Expect ISIS hackers to download hacking tools from publicly available sources and use a combination of off-the-shelf and custom malware”, Flashpoint added.

Aysha Khan notes that:

“The Internet underlies virtually all of America’s critical infrastructure activities, including military, defense, commerce, finance, energy, transportation and healthcare. “[O]ur reliance on things like satellites and the Internet has led to real vulnerabilities that our adversaries are eager to exploit,” Defense Secretary Ash Carter said at a technology forum in September 2015. Attempts by terrorists at penetrating our power grid, industrial control systems and financial transactions are inevitable. A 2015 USA TODAY analysis of federal energy records found that part of the nation’s power grid is struck by a cyber or physical attack about once every four days. But the Internet of Things, increasing interconnectedness of technology, and rise of drones and self-driving cars will make the U.S. even more vulnerable to being hacked. A smartly-targeted, asymmetrical attack could bring the country to its knees.”

With Junaid Hussain and accomplice Ardit Ferizi out of commission, the confederation of pro-ISIS hackers doesn’t appear to pose much of a threat, but they are always scouting for new tech talent. So, the potential for widespread, possibly devastating impact is always present.

Written by: Sneacker 

Author Bio: Sneacker is a writer who works in the information technology field. She is a member of GhostSec, a counterterrorism unit within the Anonymous collective, and participant in #OpISIS.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – ISIS, Terrorism)

[adrotate banner=”12″]



you might also like

leave a comment